Pierluigi Paganini
November 13, 2016
BlackNurse attack allows to power massive DDoS attacks that are able to knock large servers offline with limited resources. Researchers discovered a simple method, called BlackNurse attack, to power massive DDoS attacks that could allow lone attackers to knock large servers offline with limited resources. “This attack is not based on pure flooding of the internet connection, […]
Pierluigi Paganini
November 13, 2016
The Pawn Storm APT group exploited some zero-days vulnerabilities in targeted attacks across the world before they get patched. The Pawn Storm APT group, also known as APT28 and Fancy Bear, exploited some zero-days flaw in targeted attacks before they get patched. The threat actors powered spear phishing attacks between the discovery of the zero-days […]
Pierluigi Paganini
November 12, 2016
At PwnFest 2016, hackers compromised Windows 10’s Microsoft Edge web browser in just 18 seconds and devised the first attack on VMware Workstation 12.5.1. This week, at the PwnFest 2016 contest held at the Power of Community security conference in Seoul, hackers compromised Microsoft Edge operating on Windows 10 Red Stone 1 and for the first […]
Pierluigi Paganini
November 12, 2016
Cozy Bear launched new spear-phishing attacks against US policy think-tanks aiming to infect their systems with a malware. Trump is the new US President, a few hours after he won the election, a hacking crew powered several spear-phishing attacks against US policy think-tanks aiming to infect their systems with a malware. The security experts believe […]
Pierluigi Paganini
November 11, 2016
Once again the hacker Kapustkiy breached an embassy and leaked data on Pastebin, this time the victim is the Paraguay Embassy of Taiwan. The security pentester who goes online with the moniker Kapustkiy breached the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw). A few days ado the hacker and his friend Kasimierz (@Kasimierz_) hacked the Indian Embassies in Switzerland, Mali, […]
Pierluigi Paganini
November 11, 2016
Telecrypt ransomware is a new malware that abuses the instant messaging service Telegram for command and control (C&C) communications. Security experts from Kaspersky Lab have spotted a new Ransomware, called Telecrypt (Trojan-Ransom.Win32.Telecrypt), that abuses the Telegram instant messaging service for communications with command and control (C&C). The Delphi-written Trojan, which is currently targeting only Russian users, it exploits […]
Pierluigi Paganini
November 10, 2016
The Legendary Blog of MalwareMustDie is closed for protest against NSA hacking trace of educational and public servers of harmless countries. The Shadow Brokers, the hacker group that hacked NSA hackers, who have previously released NSA hacking tools for anyone to download, published more files containing the IP address of 49 countries that have been […]
Pierluigi Paganini
November 10, 2016
Siemens released security updates and temporary fixes to fix a privilege escalation flaw, tracked CVE-2016-7165, that affects several industrial products. Siemens has released security updates and temporary fixes to address a privilege escalation vulnerability, tracked CVE-2016-7165, that affects several industrial products. The flaw could be exploited by attackers to escalate their privileges if the flawed products […]
Pierluigi Paganini
November 10, 2016
The effects of cyber-attacks against SCADA/ICS are well known, however, there is a great confusion when dealing with mitigation techniques. The Majority are aware of the impact cyber-attacks can have on Industrial Control Systems however, the reality in terms of mitigation techniques are shrouded with confusion and a reactive approach. Recent 0-day vulnerability dubbed as […]
Pierluigi Paganini
November 09, 2016
Kaspersky discovered a new strain of the Svpeng Trojan delivered through popular news websites using Google’s AdSense via a zero-day in Chrome. Crooks exploited a Chrome Zero-Day vulnerability to deliver the Android Svpeng Trojan to Android users via Google AdSense. The Svpeng Trojan is not a new threat, it was first spotted by Kaspersky Lab in July 2013 when threat […]
