Pierluigi Paganini
April 21, 2018
Security experts at 360 Core Security have recently detected a new type of attack which targets some equihash mining pools. After analysis, they found out the attacked equihash mining pools are using a vulnerable equihash verifier (equihashverify : https://github.com/joshuayabut/equihashverify) to verify miners’ shares. There is a logic vulnerability in this verifier, so attacker can easily fake […]
Pierluigi Paganini
April 21, 2018
UK teenager Kane Gamble (18) who broke into the email accounts of top US intelligence and security officials including the former CIA chief John Brennan. was sentenced to two years in prison. The British hacker Kane Gamble (18) who broke into the email accounts of top US intelligence and security officials including the former CIA chief John Brennan. was […]
Pierluigi Paganini
April 20, 2018
Security researchers at the 360 Core Security observed an APT group exploiting a zero-day vulnerability in IE, dubbed ‘double play’. The flaw is still unfixed. Security researchers at the 360 Core Security uncovered a zero-day vulnerability in IE, dubbed ‘double play’, that was triggered by weaponized MS Office documents. The experts have been observing an APT group targeting a […]
Pierluigi Paganini
April 20, 2018
Google announced that iOS users can now benefit from Google prompt feature via their Gmail application. Security and usability are crucial requirements for Google. Google announced that iOS users can now receive Google prompts via their Gmail application. “In 2017, we made Google prompt the primary choice for G Suite users turning on two-step verification for the first […]
Pierluigi Paganini
April 20, 2018
The researcher Jack Cable (18) has discovered a vulnerability in LinkedIn, the AutoFill functionality, that allowed user data harvesting. While experts and people are discussing the Cambridge Analytica case another disconcerting case made the headlines, the private intelligence agency LocalBlox has left unsecured online an AWS bucket containing 48 million records that were also harvested from Facebook, LinkedIn, and Twitter. […]
Pierluigi Paganini
April 19, 2018
Microsoft announced the new Windows Defender Browser Protection extension that aims to protect them from online threats. Microsoft has a surprise for Chrome users in the Chrome Web Store, it’s the new Windows Defender Browser Protection extension that aims to protect them from online threats. The new extension will help users in avoiding phishing emails, as well as, […]
Pierluigi Paganini
April 19, 2018
Rockwell Automation is warning that its Allen-Bradley Stratix and ArmorStratix industrial switches are exposed to hack due to security vulnerabilities in Cisco IOS. According to Rockwell Automation, eight flaws recently discovered recently in Cisco IOS are affecting its products which are used in many sectors, including the critical manufacturing and energy. The list of flaws includes […]
Pierluigi Paganini
April 19, 2018
Cisco issues a critical patch to address a remote code execution vulnerability in the Cisco WebEx software, hurry up apply it now! Cisco has issued a critical patch to fix a serious vulnerability (CVE-2018-0112) in its WebEx software that could be exploited by remote attackers to execute arbitrary code on target machines via weaponized Flash files. The vulnerability […]
Pierluigi Paganini
April 19, 2018
After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub experts started observing attackers using it to deliver backdoors and crypto miners. At the end of March, the Drupal Security Team confirmed that a “highly critical” vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on March 28th. The […]
Pierluigi Paganini
April 18, 2018
Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]
