Pierluigi Paganini
January 16, 2015
Google Project Zero team disclosed a new unpatched flaw affecting Windows 8.1 systems, the cyber security community is divided between those for and against. The Google Project Zero team has disclosed the details of two more unpatched Windows vulnerabilities due to its disclosure policy. Google has released the details of another Windows vulnerability that Microsoft failed to fix […]
Pierluigi Paganini
January 14, 2015
GE MultiLink managed switches are affected by two vulnerabilities which could be exploited to gain unauthorized access and run DoS attacks on the device. Managed Ethernet switches produced by GE include the hard-coded private SSL key in a number of network devices. The Ethernet switches that present the security hole are designed for use in industrial […]
Pierluigi Paganini
January 14, 2015
Google is not able to direct control the distribution of bug patches for its devices, and 60 percent of Android phones is exposed to security risks. The security expert Todd Bearsley published an interesting blog post on Rapid7 Security Street blog explaining that the Metasploit framework currently includes 11 different exploits for WebView. “WebView is the core component […]
Pierluigi Paganini
January 14, 2015
Google Project Zero team disclosed a new unpatched vulnerability affecting Windows 8.1 systems unleashing the wrath of Microsoft for its disclosure policy. Google’s Project Zero hacking team has disclosed the details of a new unpatched Windows 8.1 Privilege Escalation vulnerability in Microsoft Windows 8.1 OS. It is the second flaw in Windows 8.1 OS publicly disclosed by […]
Pierluigi Paganini
January 10, 2015
Security expert Brian Krebs and a research team discovered that the Lizard Stresser DDoS tool relies on compromised Home Routers. Over the holidays the Lizard Squad team knocked out the networks of Sony PSN and Microsoft Xbox live service using a tool they have designed to run DDoS attacks. The tool is dubbed Lizard Stresser and according to […]
Pierluigi Paganini
January 08, 2015
The popular copy and paste website Pastebin has been leveraged by hackers to serve a backdoor to millions of users by exploiting flaws in a WordPress plugin. Malware authors have demonstrated a great inventiveness using any kind of platform and technique to control their malicious code. Security experts have detected botnet controlled via Gmail drafts, Evernote or […]
Pierluigi Paganini
January 07, 2015
The Carnegie Mellon University CERT/CC warned about the presence of serious vulnerabilities in the Unified Extensible Firmware Interface (UEFI). The CERT/CC has issued three different advisories for security flaws identified in the Unified Extensible Firmware Interface (UEFI). The Unified Extensible Firmware Interface (UEFI) (pronounced as an initialism U-E-F-I or like “unify” without the n) is a specification that defines a software interface between an operating […]
Pierluigi Paganini
January 06, 2015
Apple has patched the iCloud flaw exploited by iDict tool, the news was confirmed by the author of the hacking application via Twitter. Last week the iDict hacking tool has been released by a hacker known as Pr0x13, the expert posted the code of iDict on GitHub explaining that it is very easy to use and exploits a […]
Pierluigi Paganini
January 06, 2015
A Greek security researcher has developed WiFiPhisher, a Wi-Fi social engineering tool that is designed to steal credentials from users of WPA networks. The Greek security expert George Chatzisofroniou has developed WiFiPhisher, a WiFi social engineering tool that allows an attacker to steal credentials from users of secure WiFi networks. WiFiPhisher is available for download on the software […]
Pierluigi Paganini
January 05, 2015
A security researcher has presented a technique dubbed Thunderstrike hack to infect Apple’s Mac PCs with with EFI Bootkit through the Thunderbolt port. Infect Apple Mac PCs exploiting the Thunderbolt port is possible, the security researcher Trammell Hudson has demonstrated how it is possible during the last edition of the annual Chaos Computer Congress in Hamburg, Germany. The […]
