Pierluigi Paganini
April 16, 2017
The Callisto APT Group borrowed the source code leaked by hackers that broke into Hacking Team network. According to F-Secure Labs, The Callisto APT Group used the HackingTeam leaked surveillance software to gather intelligence on foreign and security policy in eastern Europe and the South Caucasus. The Callisto APT group targeted government officials, military personnel, journalists and think tanks since […]
Pierluigi Paganini
April 16, 2017
Security experts discovered vulnerabilities in the Bosch Drivelog Connector dongle that could be exploited by hackers to stop the engine. Security Researchers at automotive cybersecurity firm Argus discovered vulnerabilities in Bosch Drivelog Connect solution that can be exploited by hackers to inject malicious messages into a vehicle’s CAN bus. The Bosch Drivelog Connect is the […]
Pierluigi Paganini
April 16, 2017
Facebook disrupted an international spam campaign leveraging on bogus accounts used to create “likes” and bogus comments. The security team at Facebook has disrupted an international spam operation after a six months investigation. The company has neutralized a coordinated campaign that was leveraging on bogus accounts used to create inauthentic likes and comments. “Today we are taking another […]
Pierluigi Paganini
April 14, 2017
Cisco issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, another for a flaw affecting Apache Struts 2. Today Cisco issued two “critical” security advisories, the first one for Cisco IOS and Cisco IOS XE Software, the second one for the recently discovered flaw affecting Apache Struts 2. The vulnerability […]
Pierluigi Paganini
April 14, 2017
The Linux remote vulnerability tracked as CVE-2016-10229 poses Linux systems at rick of hack if not patched. A Linux kernel vulnerability, trackers as CVE-2016-10229, potentially allows attackers to remotely take over a vulnerable system (i.e. Servers, desktops, IoT devices and mobile devices). “udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP […]
Pierluigi Paganini
April 14, 2017
An unpatched vulnerability in Magento platform could be exploited by hackers to compromise fully web servers that host the e-commerce sites. An unpatched vulnerability in the Magento e-commerce platform could be exploited by attackers to upload and execute malicious PHP scripts on web servers that host online shops. The vulnerability was reported by experts at […]
Pierluigi Paganini
April 13, 2017
SAP has issued a security patch for the SAP TREX search engine that addresses also a two-years old critical vulnerability. SAP has issued a security patch for the SAP TREX search engine that addresses multiple vulnerabilities discovered by the experts in a 2015 patch released in December 2015. The SAP TREX search engine is used […]
Pierluigi Paganini
April 13, 2017
Hackers exploited the CVE-2014-9222 flaw, also known as ‘Misfortune Cookie’, to hack thousands of home routers and abuse them for WordPress attacks. According to the experts at the security firm Wordfence tens of thousands, of home routers have been hacked and used to power cyber attacks on WordPress websites. The security firm observed a spike in […]
Pierluigi Paganini
April 13, 2017
A group of researchers has demonstrated that attackers can steal PINs and Passwords capturing data from smartphone sensors. Modern mobile devices are full of sensors (i.e. GPS, Camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer, and NFC) that could be exploited by hackers to gather data about owner’s activities? A group of researchers from Newcastle University demonstrated that […]
Pierluigi Paganini
April 12, 2017
Today Microsoft Patch Tuesday fixed the zero-day Word vulnerability that has been actively exploited in attacks in the wild. Microsoft today patched the zero-day Word vulnerability that has been exploited in attacks in the wild. Just yesterday I wrote about a phishing campaign leveraging the flaw to deliver the Dridex banking Trojan. Microsoft published security […]
