Pierluigi Paganini
April 25, 2017
The popular PHP webmail package SquirrelMail is affected by a remote code execution vulnerability tracked as CVE-2017-7692. The popular PHP webmail package SquirrelMail is affected by a remote code execution vulnerability tracked as CVE-2017-7692, that could be exploited by hackers to execute arbitrary commands on the target and fully control it. The recent version, 1.4.22, and […]
Pierluigi Paganini
April 24, 2017
Personal information associated with more than a million Aadhaar numbers published on Jharkhand govt website due to a technical problem. Digital identities of more than a million citizens have been exposed due to a coding error on a website maintained by the Jharkhand Directorate of Social Security. “We got to know about it this week […]
Pierluigi Paganini
April 24, 2017
A group of Israeli researchers has devised a new technique to exfiltrate data from a PC in an air-gapped network through malware controlled via scanners. The team was composed of Ben Nassi, a graduate student at the Cyber Security Research Center at Ben-Gurion University, and his advisor Yuval Elovici, based on an idea of the prominent cryptographer Adi Shamir. […]
Pierluigi Paganini
April 22, 2017
Security researcher warn of hackers compromised thousands of Windows boxes using leaked NSA hack tools DOUBLEPULSAR and ETERNALBLUE Security expert Dan Tentler, the founder of security shop Phobos Group, has observed a significant increase in the number of Windows boxes exposed on the Internet that has been hacked with DOUBLEPULSAR backdoor. The compromised windows boxes have been used […]
Pierluigi Paganini
April 21, 2017
Security firm Flashpoint published an interesting paper titled, ‘Cybercrime Economy: An Analysis of Cybercriminal Communication Strategies‘ about cybercriminal communications of threat actors. A recent research by the threat intelligence firm Flashpoint has uncovered how malicious threat actors communicate to share information between them. The research has found out that there is a growing economy in the […]
Pierluigi Paganini
April 21, 2017
According to Trend Micro, the RawPOS PoS malware was recently used to steal driver’s license information from victims. Security experts at Trend Micro have spotted a new variant of the RawPOS PoS malware stealing driver’s license information from victims. The RawPOS PoS malware is an old threat that has been active since 2008. RAWPOS is a memory scraper that has infected […]
Pierluigi Paganini
April 20, 2017
Cyber security experts disclosed the existence of 10 unpatched security flaws in dozens of Linksys routers widely used today. The IOActive senior security consultant Tao Sauvage and the independent security researcher Antide Petit have reported more than a dozen of unpatched security vulnerabilities affecting 25 different Linksys Smart Wi-Fi Routers models. The security duo published […]
Pierluigi Paganini
April 20, 2017
A security researcher presented a method to exfiltrate sensitive data from a laptop or a smartphone through built-in ambient light sensors. The security expert Lukasz Olejnik discovered that it is possible to steal sensitive data exploiting the ambient light sensors built-in many smartphones and laptops. The ambient light sensors are installed on electronic devices to […]
Pierluigi Paganini
April 20, 2017
Symantec observed the Hajime IoT malware leaving a message on the devices it infects, is it the work of a cyber vigilante? The Mirai botnet is the most popular thingbot, it is targeting poorly configured and flawed ‘Internet of Things’ devices since August 2016, when the threat was first discovered by the researcher MalwareMustDie. Many other bots threaten […]
Pierluigi Paganini
April 19, 2017
Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits. Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools. The Oracle patch update […]
