Pierluigi Paganini
May 22, 2018
Security experts from Qihoo 360 Netlab discovered the operators behind the TheMoon botnet are now leveraging a zero-day exploit to target GPON routers. Researchers from security firm Qihoo 360 Netlab reported that cybercriminals are continuing to target the Dasan GPON routers, they recently spotted threat actors using another new zero-day flaw affecting the same routers and recruit them in […]
Pierluigi Paganini
May 21, 2018
Roaming Mantis malware initially targeting Android devices, now has broadened both its geographic range and its targets. Security experts from Kaspersky Lab discovered that the operators behind the Roaming Mantis campaign continue to improve their malware broadening their targets, their geographic range and their functional scope. Roaming Mantis surfaced in March 2018 when hacked routers in Japan […]
Pierluigi Paganini
May 21, 2018
Google awarded the 18-year-old student Ezequiel Pereira a total of $36,337 for the discovery of a critical remote code execution vulnerability that affected the Google App Engine. The Google App Engine is a framework that allows Google users to develop and host web applications on a fully managed serverless platform. In February, Pereira gained access to […]
Pierluigi Paganini
May 21, 2018
Crooks are exploiting known vulnerabilities in the popular Drupal CMS such as Drupalgeddon2 and Drupalgeddon3 to deliver cryptocurrency miners, remote administration tools (RATs) and tech support scams. Security experts at Malwarebytes reported that compromised Drupal websites are used to deliver cryptocurrency miners, remote administration tools (RATs) and tech support scams. Crooks are exploiting known vulnerabilities in the […]
Pierluigi Paganini
May 21, 2018
On Friday, the Internet Systems Consortium (ISC) announced security updates for BIND DNS software that address two vulnerabilities rated with a “medium” severity rating. Both vulnerabilities could be exploited by attackers to cause a denial-of-service (DoS) condition, the first issue tracked as CVE-2018-5737 can also cause severe operational problems such as degradation of the service. “A problem […]
Pierluigi Paganini
May 21, 2018
Crook faces up to 35 years in prison for operating the popular Scan4You counter anti-virus (CAV) website that helped malware authors to test the evasion capabilities of their codes. Scan4You is a familiar service for malware developers that used it as a counter anti-virus (CAV). Scan4You allowed vxers to check their malware against as many […]
Pierluigi Paganini
May 20, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·     A new flaw in Electron poses a risk to apps based on the […]
Pierluigi Paganini
May 20, 2018
Researchers from Eclypsium proposed a new variation of the Spectre attack that can allow attackers to recover data stored inside CPU System Management Mode. Security experts from Eclypsium have devised a new variation of the Spectre attack that can allow attackers to recover data stored inside CPU System Management Mode (SMM) (aka called ring -2). The SMM is an operating […]
Pierluigi Paganini
May 19, 2018
Security experts from Fortinet have spotted a new variant of the Mirai botnet dubbed ‘Wicked Mirai’, it includes new exploits and spread a new bot. The name Wicked Mirai comes from the strings in the code, the experts discovered that this new variant includes at least three new exploits compared to the original one. “The […]
Pierluigi Paganini
May 19, 2018
DrayTek routers are affected by a zero-day vulnerability that could be exploited by attackers to change DNS settings on some models. Routers manufactured by the Taiwan-based vendor DrayTek are affected by a zero-day vulnerability that could be exploited by attackers to change DNS settings on some of its routers. DrayTek confirmed to be aware that hackers are attempting […]
Malware / November 11, 2025
Hacking / November 11, 2025
