Hacking

Pierluigi Paganini November 16, 2017
Terdot Banking Trojan is back and it now implements espionage capabilities

The Terdot banking Trojan isn’t a novelty in the threat landscape, it has been around since mid-2016, and now it is reappearing on the scenes. According to Bitdefender experts, vxers have improved the threat across the years, implementing credential harvesting features as well as social media account monitoring functionality. The Terdot banking Trojan is based on the Zeus […]

Pierluigi Paganini November 16, 2017
Cisco issued a security advisory warning of a flaw in Cisco Voice Operating System software

Cisco issued a security advisory warning of a vulnerability in Cisco Voice Operating System software platform that affects at least 12 products. The tech giant Cisco issued a security advisory warning of a vulnerability in Cisco Voice Operating System software platform that could be triggered by an unauthenticated, remote hacker to gain unauthorized and elevated access to vulnerable […]

Pierluigi Paganini November 16, 2017
Formidable Forms plugin vulnerabilities expose WordPress sites attacks

A researcher from Finland-based company Klikki Oy has discovered several vulnerabilities in the Formidable Forms plugin that expose websites to attacks. The researcher Jouko Pynnönen from Finland-based company Klikki Oy has discovered several vulnerabilities in the Formidable Forms plugin the expose websites to attacks. The Formidable Forms plugin allows users to easily create contact pages, polls and surveys, and many other kinds […]

Pierluigi Paganini November 15, 2017
17-Year-Old MS Office flaw CVE-2017-11882 could be exploited to remotely install malware without victim interaction

Ops, a 17-Year-Old flaw in MS Office, tracked as CVE-2017-11882, could be exploited by remote attackers to install a malware without user interaction. Ops, a 17-Year-Old vulnerability in MS Office could be exploited by remote attackers to install a malware without user interaction. The flaw is a memory-corruption issue that affects all versions of Microsoft […]

Pierluigi Paganini November 15, 2017
Go to HELL, PowersHELL : Powerdown the PowerShell Attacks

Powerdown the PowerShell Attacks : Harnessing the power of logs to monitor the PowerShell activities Lately, I have been working on analyzing the PowerShell attacks in my clients’ environment. Based on the analysis and research, I have come up with a few indicators that will help to detect the potential PowerShell attacks in your environment […]

Pierluigi Paganini November 14, 2017
A Backdoor in OnePlus devices allows root access without unlocking bootloader

Expert discovered a backdoor in OnePlus devices that allows root access without unlocking the bootloader. Other problems for the owners of the OnePlus smartphone, this time experts discovered a backdoor that allows root access without unlocking the bootloader. Just over a month after OnePlus was caught collecting personally identifiable information on its users, the Chinese smartphone company has been […]

Pierluigi Paganini November 14, 2017
Experts bypass ultra secure Apple iPhone X Face ID with a 3D-Printed mask

A group of researchers hacked Apple iPhone X Face ID facial recognition technology by using a 3D-Printed Mask that costs less than $150. On November 3, Apple released its new iPhone X and a few days later a group of researchers from Vietnamese cybersecurity firm Bkav has claimed to have hacked Apple’s Face ID facial recognition technology by using […]

Pierluigi Paganini November 13, 2017
A China-linked cyber espionage group has been using a new strain of malware dubbed Reaver

Experts at Palo Alto Networks have discovered a new malware family named Reaver with ties to hackers who use the SunOrcal malware. A China-linked cyber espionage group has developed a new strain of malware, dubbed Reaver, that was already observed in highly targeted attacks during 2016. The malware was analyzed by experts at Palo Alto Networks, who spotted […]

Pierluigi Paganini November 13, 2017
Bug bounty programs and a vulnerability disclosure policy allowed Pentagon fix thousands of flaws

Bug bounty programs allowed the US agency to receive 2,837 valid bug reports from 650 white hat hackers located in 50 countries around the world. Bug bounty program ‘Hack the Pentagon’ launched by the Pentagon in 2016 along with the vulnerability disclosure policy announced nearly one year ago allowed the US agency to receive 2,837 valid bug reports […]

Pierluigi Paganini November 13, 2017
DHS – Tests demonstrate Boeing 757 airplanes vulnerable to hacking

Researchers and private industry experts, along with DHS officials, remotely hacked a Boeing 757 airplane that was parked at the airport in Atlantic City. A group of researchers and private industry experts, along with DHS officials, remotely hacked a Boeing 757 airplane owned by the DHS that was parked at the airport in Atlantic City, […]