Pierluigi Paganini
December 09, 2017
Google fixed a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature. Google fixed four dozen vulnerabilities this week, including a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature verification certificates. Millions of Android […]
Pierluigi Paganini
December 08, 2017
A security researcher discovered that hundreds of notebook models contain a debugging code that could be abused by attackers as a keylogger component. Hundreds of notebook models contain a debugging code that could be abused by attackers as a keylogger component. The code was discovered by a security researcher that goes online with the moniker ZwClose, the list of affected models […]
Pierluigi Paganini
December 08, 2017
#OpUSA – OpIsrael – The hacker collective Anonymous threatens cyber attacks on US Government and launched the offensive against the Israeli targets. In the last hours, the hacktivists leaked online names, emails, and passwords of Israeli public employees and shared a list of US government sites to target, calling on action against them. Anonymous leaked data belonging to only a […]
Pierluigi Paganini
December 08, 2017
Microsoft issued an emergency Windows Security Update to address a critical flaw, tracked as CVE-2017-11937, that affects the Malware Protection Engine. Microsoft issued an emergency Windows Security Update to address a critical vulnerability, tracked as CVE-2017-11937, that affects the Malware Protection Engine (MPE). The emergency fix comes a few days before Microsoft is scheduled to roll out […]
Pierluigi Paganini
December 08, 2017
The OpenSSL Project released the OpenSSL 1.0.2n version that addresses two vulnerabilities discovered by the Google researcher David Benjamin. Benjamin discovered the vulnerabilities using the OSS-Fuzz fuzzing service. The first “moderate severity” issue, tracked as CVE-2017-3737, is related to an “error state” mechanism implemented since OpenSSL 1.0.2b. “OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an “error state” […]
Pierluigi Paganini
December 07, 2017
Security experts discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. A group of security researchers has discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University […]
Pierluigi Paganini
December 07, 2017
Experts devised a new attack technique dubbed Process Doppelgänging, that could be implemented by vxers to bypass most antivirus solutions. A group of security researchers from Ensilo discovered a new malware evasion technique, dubbed Process Doppelgänging, that could be implemented by vxers to bypass most antivirus solutions and security software. The technique is a fileless code […]
Pierluigi Paganini
December 07, 2017
ProtonMail is officially launching ProtonMail Bridge, which brings easy-to-use email encryption to desktop email clients. Ever since the day that we first got the idea to create ProtonMail, one of the most enduring challenges has been how to do email security right while simultaneously making encrypted email easy enough to use for normal people. Since […]
Pierluigi Paganini
December 07, 2017
The cryptocurrency mining market NiceHash confirmed it has fallen victim to a hacking attack that may have resulted in the loss of $60m worth of Bitcoin Cryptocurrency companies continue to be a privileged target of hackers, the last victim in order of time is the cryptocurrency mining market NiceHash. The NiceHash marketplace allows users to buy […]
Pierluigi Paganini
December 06, 2017
A security researcher discovered a collection of vulnerabilities dubbed MailSploit affecting more than 30 popular email client software. Email spoofing is quite simple and it is an important activity in any phishing/spear phishing attack. Attackers modify email headers and send an email with the forged sender address to trick recipients into opening the message believing they […]
