Pierluigi Paganini
October 13, 2018
Security experts from Palo Alto Networks warn of fake Adobe Flash update hiding a miner that works as legitimate update and really update the software. A fake Adobe Flash update actually was used as a vector for a malicious cryptocurrency miner, the novelty in this last campaign is represented by the tricks used by attackers to stealthily […]
Pierluigi Paganini
October 13, 2018
The UK’s Department of Health and Social Care provided an update on the efforts to secure the NHS IT infrastructure, with a focus on WannaCry overall costs. The UK’s Department of Health and Social Care provided an update on the spent to secure the IT infrastructure in a report titled “Securing cyber resilience in health […]
Pierluigi Paganini
October 12, 2018
Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools. Experts from cybersecurity agencies from Five Eyes intelligence alliance have issued a report that provides technical details on most popular hacking tool families and the way to detect and […]
Pierluigi Paganini
October 12, 2018
A group of hackers is targeting Drupal vulnerabilities, including Drupalgeddon2, patched earlier this year to install a backdoor on compromised servers. Security experts from IBM are targeting Drupal vulnerabilities, including the CVE-2018-7600 and CVE-2018-7602 flaws, aka Drupalgeddon2 and Drupalgeddon3, to install a backdoor on the infected systems and tack full control of the hosted platforms. According to the IBM experts, this last […]
Pierluigi Paganini
October 12, 2018
Our team of security researchers was researching dating apps client-side security, and one of the main focus targets was the social search mobile app Tinder. After initial reconnaissance steps were done, a Tinder domain with multiple client-side security issues was found – meaning hackers could have access to users’ profiles and details. Immediately after finding these vulnerabilities, we […]
Pierluigi Paganini
October 11, 2018
Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks has patched dozens of serious security provided security patches for each of them, the security advisories are available on the company website. The most severe flaw is probably the  CVE-2018-0049, which could be exploited by an attacker to […]
Pierluigi Paganini
October 11, 2018
A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. According to researchers from Symantec, who first spotted the threat actor, the group has launched attacks on several overseas embassies […]
Pierluigi Paganini
October 11, 2018
SAP released its October 2018 set of patches, it includes the first Hot News security note for SAP BusinessObjects in over five years. SAP released its October 2018 set of patches that included 11 security notes, the company also released 4 updates to previously released notes. The patches include 15 notes, 2 rated Hot News and one of […]
Pierluigi Paganini
October 10, 2018
According to a new report published by the Government Accountability Office (GAO) almost any new weapon systems in the arsenal of the Pentagon is vulnerable to hack. The new generation of weapon systems developed by the Pentagon is heavily computerized and for this reason more exposed to cyber attacks. According to a new 50-page report […]
Pierluigi Paganini
October 10, 2018
A Windows zero-day flaw addressed by Microsoft with its latest Patch Tuesday updates is exploited by an APT group in attacks aimed at entities in the Middle East. The Windows zero-day vulnerability tracked as CVE-2018-8453 is a privilege escalation flaw that was exploited by an APT group in attacks against entities in the Middle East. The flaw, tracked as […]
