Pierluigi Paganini
February 18, 2017
Servers at a paper maker Georgia-Pacific were hacked by a former sysadmin that was arrested by feds. The incident caused $1m in damage. A system administrator, Brian Johnson (44) from Baton Rouge, Louisiana, has been jailed for hacking the control systems of his ex-employer. Johnson had worked at paper maker Georgia-Pacific for years until the Valentine’s Day […]
Pierluigi Paganini
February 18, 2017
Experts at Kaspersky Lab have analyzed several Android car apps and discovered that most of them lack proper security features to protect vehicles. Security researchers from antivirus vendor Kaspersky Lab have analyzed seven of the most popular Android apps that allow to remotely control millions of modern cars. The experts discovered that the Android apps, whose name […]
Pierluigi Paganini
February 17, 2017
Security experts have discovered a new SQL malware targeting online shops running on Magento that hides the code in the website’s database. Security experts have discovered a new strain of malware that is targeted websites raising Russian the Magento eCommerce platform. The novelty is that this is the first a malware that hides the code in the website’s […]
Pierluigi Paganini
February 17, 2017
A group of security researcher has devised a new attack technique dubbed AnC attack that allows to bypass the ASLR Protection on 22 CPU architectures. The Address Space Layout Randomization (ASLR Protection) is a security mechanism used by operating systems to randomize the memory addresses used by key areas of processes, it makes hard for attackers […]
Pierluigi Paganini
February 16, 2017
On Thursday the OpenSSL Project has fixed a high severity denial-of-service (DoS) vulnerability in OpenSSL tracked as CVE-2017-3733. The OpenSSL development team has fixed a high severity denial-of-service (DoS) flaw tracked as CVE-2017-3733. This is the second security update released in just two months, the first one addressed four low and moderate severity flaws in the library. The […]
Pierluigi Paganini
February 16, 2017
Security experts at IBM published a report that includes precious details on the attack chain of the dreader Shamoon cyberweapon. The dreaded Shamoon malware, aka Disttrack, has resurrected and government agencies and threat intelligence firms are investigating the recent strings of attacks leveraging the dangerous disk wiper. We detected the Shamoon malware for the first time in August 15th, […]
Pierluigi Paganini
February 16, 2017
Yahoo notifies users that hackers are forging “cookies” or files used in the authentication process to access their accounts, instead of stealing passwords Yahoo confirmed it was notifying some users of sophisticated cyber attacks aimed to compromise their accounts. The hackers are adopting hacking methods to forge “cookies” or files used in the authentication process, instead of […]
Pierluigi Paganini
February 15, 2017
The Russian-speaking black hat hacker Rasputin, hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin‘, hacked systems of more than 60 universities and U.S. Government agencies. We met Rasputin in December 2016, when he was offering for sale stolen login […]
Pierluigi Paganini
February 14, 2017
Adobe addressed thirteen highest severity code execution vulnerabilities in Flash Player for Windows, MAC OS, and Chrome. Adobe released security updates that address two dozen vulnerabilities in Flash Player, Digital Editions, and the Campaigns marketing tool. Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. The updates address critical vulnerabilities that could be […]
Pierluigi Paganini
February 14, 2017
Security researchers at Palo Alto Networks spotted a campaign leveraging Microsoft Office loader using malicious macros to drop multiple malware families. The researchers analyzed more than 650 unique samples of this specific loader since early December 2016, accounting for 12,000 phishing email targeting numerous industries. Most affected industries are High Tech, Professional and Legal Services, […]
