Pierluigi Paganini
January 17, 2019
Drupal released security updates for Drupal 7, 8.5 and 8.6 that address two “critical” security vulnerabilities that could be exploited for arbitrary code execution. The first vulnerability could be exploited by a remote attacker to execute arbitrary PHP code. The flaw resides in the phar stream wrapper implemented in PHP and is related to the way […]
Pierluigi Paganini
January 16, 2019
A critical flaw in online flight ticket booking system developed by Amadeus could impact almost half of the fight travelers of 141 airlines around the world A critical flaw in online flight ticket booking system developed by Amadeus could be exploited by a remote attacker to access and modify travel details and claim his frequent […]
Pierluigi Paganini
January 16, 2019
By using multi-gesture trackpad along with Safari browser in MacBook Pro, one can view sensitive data which is cached in your Safari browser. (Note: This is not a back button browsing vulnerability) I figured out this issue while playing around with Safari browser, looks like the most recent activity of any authenticated or un-authenticated website is stored in […]
Pierluigi Paganini
January 16, 2019
Security researchers at Check Point have discovered several flaws in the popular game Fortnite that could be exploited to takeover gamers’account. Security experts at Check Point discovered several issues in the popular online battle game Fortnite. One of the flaws is an OAuth account takeover vulnerability that could have allowed a remote attacker to takeover […]
Pierluigi Paganini
January 15, 2019
Researchers from Trend Micro have analyzed the communication protocols used by cranes and other industrial machines and discovered several flaws. Security experts from Trend Micro have discovered several vulnerabilities in the communication protocols used by cranes, hoists, drills and other industrial machines. The experts found vulnerabilities in products from several vendors, including Saga, Juuko, Telecrane, […]
Pierluigi Paganini
January 15, 2019
A security expert discovered a zero-day flaw in the processing of VCard files that could be exploited by a remote attacker to compromise a Windows PC The security expert John Page (@hyp3rlinx), discovered a zero-day vulnerability in the processing of VCard files that could be exploited by a remote attacker, under certain conditions, to hack Windows […]
Pierluigi Paganini
January 15, 2019
Starting from Firefox 69, Mozilla will disable Adobe Flash by default, a process that aims to completely remove the support for the popular plugin. Mozilla announced that the Firefox 69 will no longer support Adobe Flash due to a large number of serious flaws exploited by hackers in attacks across the years. The decision was […]
Pierluigi Paganini
January 14, 2019
Zurich American Insurance Company is refusing to refund its client because consider the attack as “an act of war” that is not covered by its policy. The US food giant Mondelez is suing Zurich for $100 Million after the insurance company rejected its claim to restore normal operations following the massive NotPetya ransomware attack. On […]
Pierluigi Paganini
January 14, 2019
The City Hall of Del Rio, a city in and the county seat of Val Verde County, Texas, was hit by a ransomware attack, operations were suspended. Last week, the City Hall of Del Rio, a city in and the county seat of Val Verde County, Texas, was hit by a ransomware attack. On Thursday, tens of computers at […]
Pierluigi Paganini
January 14, 2019
FireEye and CrowdStrike discovered that threat actors behind the Ryuk ransomware are working with another cybercrime gang to gain access to target networks. In August 2018, security experts from Check Point uncovered a ransomware-based campaign aimed at organizations around the world conducted by North Korea-linked threat actor. This is the first time that a security firm […]
