Pierluigi Paganini
March 21, 2017
The vendor “SunTzu583” is offering for sale over 20 million Gmail and 5 million Yahoo login credentials on the Dark Web A vendor with the online moniker “SunTzu583” is reportedly selling millions of login credentials for Gmail and Yahoo accounts on a black market in the dark web. Over 20 million Gmail accounts and 5 million […]
Pierluigi Paganini
March 21, 2017
The McDelivery application used by McDonaldâs customers in India was found to be leaking the personal data of more than 2.2 million users. McDelivery is a web application used by McDonaldâs customers in India that was found to be leaking the personal information of more than 2.2 million users. The issue was discovered by researchers at security […]
Pierluigi Paganini
March 20, 2017
After the leak of the CIA Vault7 archive, experts from CISCO warn of Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw. Recently Wikileaks announced it is planning to share with IT firms details about vulnerabilities in a number of their products, the flaw are exploited by the hacking tools and […]
Pierluigi Paganini
March 20, 2017
The security expert Matt Nelson has devised a new method that leverages App Paths to bypass the User Account Control (UAC) only on Windows 10. The researcher detailed a bypass technique that is quite differed to the previous ones he devices, the new method âdoesnât rely on the IFileOperation/DLL hijacking approachâ. “Iâve previously blogged about two different bypass techniques, […]
Pierluigi Paganini
March 18, 2017
Assange sent an email to tech firms including “a series of conditions” that they need to fulfill before gaining access to details included in the Vault 7. A couple of weeks ago Wikileaks published the Vault 7 archive, a huge trove of files detailing CIA hacking tools and capabilities. The files allegedly originated from a high-security […]
Pierluigi Paganini
March 18, 2017
Further investigation on the attacks against Polish banks allowed Symantec to determine that North Korean Lazarus APT group was behind recent attacks on banks. According to malware researchers at Symantec, the North Korean APT group Lazarus was likely behind a recent string of cyber attacks against organizations in 31 countries. According to Symantec, the Lazarus […]
Pierluigi Paganini
March 17, 2017
New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie who shared a lot of interesting details about the attack vectors and reverse techniques. Our travel along the great analysis of a fresh, new insidious APT China campaign. An ordinary case of phishing? At the beginning, it seemed […]
Pierluigi Paganini
March 17, 2017
Pwn2Own 2017 is started, as usual, it is a great event to see hackers at work. In the first day, experts hacked Edge, Safari, Ubuntu, and Adobe Reader. Pwn2Own 2017 competition held in Vancouver (Canada) is started, as usual, it is a great event to see hackers at work. In the first day Bug bounty hunters […]
Pierluigi Paganini
March 16, 2017
A flaw recently fixed in the Linux kernel tracked as CVE-2017-2636 might have been exploited to gain privilege escalation or cause a DoS condition. The security expert Alexander Popov from Positive Technologies has discovered a race condition in the n_hdlc driver that might be exploited by attackers for privilege escalation in the operating system. The vulnerability tracked as CVE-2017-2636, […]
Pierluigi Paganini
March 16, 2017
Drupal development team has issued a new release of the popular content management system (CMS), Drupal version 8.2.7, that fixes multiple vulnerabilities. The Drupal development team has released the Drupal version 8.2.7 that addressed a number of vulnerabilities in the popular CMS. The list of flaws includes an access bypass issue, a cross-site request forgery […]
