Pierluigi Paganini
May 05, 2018
A group of security researchers has reportedly discovered 8 new varieties of the Spectre vulnerabilities, dubbed Spectre-Next Generation or Spectre-NG, that affect Intel CPUs. A German security website reported that an unnamed team of researchers has discovered the new flaws that exploit the new issues reported in the original Spectre and Meltdown attacks. The new eight Spectre-NG vulnerabilities in Intel CPUs also affect some ARM […]
Pierluigi Paganini
May 04, 2018
The latest variant of the dreaded GandCrab ransomware,version 3, locks the infected systems running on Windows 7. A few days ago, experts from security firm Fortinet uncovered a new spam campaign delivering a new version of the GandCrab ransomware, the version v3. Like other ransomware, such as Locky and Sage, the GandCrab ransomware v3 also changes the wallpapers of the infected […]
Pierluigi Paganini
May 04, 2018
A team of experts has devised the GLitch attack technique that leverages graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. A team of experts has demonstrated how to leverage graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. By exploiting the Rowhammer attackers hackers can obtain higher kernel […]
Pierluigi Paganini
May 03, 2018
Security researchers have discovered a security vulnerability in Oracle Access Manager that can be exploited by a remote attacker to bypass the authentication and take over the account of any user. Security researcher Wolfgang Ettlinger from SEC Consult Vulnerability Lab has discovered a security vulnerability in Oracle Access Manager that can be exploited by a […]
Pierluigi Paganini
May 03, 2018
Microsoft released an out of band update to address a critical remote code execution vulnerability in the Windows Host Compute Service Shim library (hcsshim). Microsoft announced that it has issued a security update to address a critical remote code execution vulnerability in the Windows Host Compute Service Shim library (hcsshim). The Windows Host Compute Service […]
Pierluigi Paganini
May 02, 2018
Konrads Voits, the man who hacked into the computer system of Washtenaw County Jail to alter inmate records and gain early release for his friend, gets 7-Years in prison. In March 2017, Konrads Voits (27), hacked into the computer system of Washtenaw County Jail to alter inmate records and gain early release for his friend. […]
Pierluigi Paganini
May 01, 2018
Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience, FacexWorm targets cryptocurrency users by spreading through Facebook Messenger. Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience. In the last hours, a new threat is spreading through leveraging an apparently […]
Pierluigi Paganini
May 01, 2018
The NATO team is the winner of the Cyber Defence Exercise Locked Shields 2018 that took place on April 23-26 in Tallinn, Estonia. The international live-fire cyber defence exercise Locked Shields 2018 took place on April 23-26 in Tallinn, Estonia, and the figures behind this important competition are impressive. A total of 22 Blue Teams participated […]
Pierluigi Paganini
April 30, 2018
SamSam ransomware made the headlines again, crooks now spreading thousands of copies of the ransomware at once into individual targeted organizations. Ransomware continues to be one of the most dangerous cyber threat and incident like the one suffered by the city of Atlanta demonstrates that their economic impact on victims could be severe. SamSam ransomware […]
Pierluigi Paganini
April 30, 2018
According to a security expert, Oracle appears to have botched the CVE-2018-2628 fix, this means that attackers could bypass it to take over WebLogic servers. Earlier April, Oracle patched the critical CVE-2018-2628 vulnerability in Oracle WebLogic server, but an Alibaba security researcher @pyn3rd discovered that the proposed fix could be bypassed. https://twitter.com/pyn3rd/status/990114565219344384 The CVE-2018-2628 flaw was […]
