Pierluigi Paganini
August 28, 2018
According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2. The PoC code was published on GitHub and experts were warning of […]
Pierluigi Paganini
August 28, 2018
A security researcher has publicly disclosed the details of zero-day privilege escalation vulnerability affecting all Microsoft’s Windows operating systems A security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoft’s Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges on […]
Pierluigi Paganini
August 28, 2018
Experts from SecureWorks discovered a large phishing campaign targeting universities carried out by an Iran-linked threat actor COBALT DICKENS. Security firm SecureWorks has uncovered a new phishing campaign carried out by COBALT DICKENS APT targeting universities worldwide, it involved sixteen domains hosting more than 300 spoofed websites for 76 universities in 14 countries, including Australia, Canada, China, Israel, […]
Pierluigi Paganini
August 28, 2018
Security experts from Securonix have published a report that attributes the attack against on the Cosmos Bank to the Lazarus APT group. Cosmos Bank is one of the largest Indian cooperative banks, it was the victim of a cyberheist a couple of weeks ago when hackers stole over 940 million rupees ($13.5 million) in just three […]
Pierluigi Paganini
August 27, 2018
The Exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2 was published on GitHub, experts fear massive attacks. The CVE-2018-11776 vulnerability affects Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and potentially unsupported versions of the popular Java framework. âPossible Remote Code Execution when using results with no namespace and […]
Pierluigi Paganini
August 27, 2018
A group of researchers has conducted an interesting study on AT commands attacks on modern Android devices discovering that models of 11 vendors are at risk A group of researchers from the University of Florida, Stony Brook University, and Samsung Research America, has conducted an interesting research on the set of AT commands that are […]
Pierluigi Paganini
August 27, 2018
A Google security researcher disclosed a vulnerability in the newcome Fortnite Android App that exposes it to Man-in-the-Disk attacks. After a long wait, Fortnite Android app has finally arrived but it hides an ugly surprise, it is vulnerable to Man-in-the-Disk (MitD) attacks that can allow a third-party application to crash it or run malicious code. The […]
Pierluigi Paganini
August 26, 2018
A team of security experts has devised a rogue USB charging cable named USBHarpoon that can be used to compromise a computer in just a few seconds. The team was composed of Olaf Tan and Dennis Goh of RFID Research Group, Vincent Yiu of SYON Security, and the popular Kevin Mitnick. The USBHarpoon takes inspiration on the BadUSB project built by […]
Pierluigi Paganini
August 25, 2018
The restaurant chain Cheddar’s Scratch Kitchen suffered a payment card breach, hackers hacked the company network between Nov. 3, 2017 and Jan. 2, 2018 Once again here we are to discuss of a data breach suffered by a restaurant chain this time the victim is Cheddar’s Scratch Kitchen. The news has been confirmed by the […]
Pierluigi Paganini
August 24, 2018
A new cross-platform Mirai variant appeared in the threat landscape, this one has been created using an open-source project. Security experts from Symantec have spotted a new cross-platform Mirai variant that has been created with an open-source project. Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive […]
Security / November 14, 2025
