Pierluigi Paganini
August 17, 2018
The security researcher Sam Thomas from Secarma, has discovered a new attack technique that leverages critical deserialization vulnerabilities in PHP programming language. The flaws potentially expose web applications written in the popular language to cyber attacks, including websites running CMSs like WordPress and Typo3. The expert discovered that an attacker can use low-risk functions against Phar archives to trigger […]
Pierluigi Paganini
August 17, 2018
Cosmos Bank, one of the largest Indian cooperative banks, confirmed it was the victim of a cyberheist, over the weekend hackers stole over 940 million rupees ($13.5 million) in three days. Hackers stole over 940 million rupees ($13.5 million) in three days from the Indian cooperative Cosmos bank. The Cosmos bank publicly disclosed the attacks in a […]
Pierluigi Paganini
August 16, 2018
Piping botnet – Israeli researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water […]
Pierluigi Paganini
August 16, 2018
Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers to bypass Microsoft Office 365 protections. PhishPoint is a new SharePoint phishing attack that affected an estimated 10% of Office 365 users over the last 2 weeks. The experts are warning of the new technique […]
Pierluigi Paganini
August 15, 2018
Hundreds of Instagram accounts were hijacked in what appears to be the result of a coordinated attack, all the accounts share common signs of compromise. Alleged attackers have hijacked Instagram accounts and modified personal information making impossible to restore the accounts. The number of Instagram accounts that was hacked has increased since the beginning of […]
Pierluigi Paganini
August 15, 2018
Foreshadow Attacks – Security researchers disclosed the details of three new speculative execution side-channel attacks that affect Intel processors. The new flaws, dubbed Foreshadow and L1 Terminal Fault (L1TF), were discovered by two independent research teams. An attacker could exploit the Foreshadow vulnerabilities attacks to gain access to the sensitive data stored in a computer’s memory or third-party clouds. […]
Pierluigi Paganini
August 14, 2018
Security expert demonstrated that reusing a key pair across different versions and modes of IPsec IKE open the doors to attacks. Many vendors are affected Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications. The products of several vendors, including Cisco, […]
Pierluigi Paganini
August 14, 2018
Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless. Security researcher Aditya K. Sood has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless that can be exploited remotely to take control of affected devices. The affected models are NetComm 4G LTE […]
Pierluigi Paganini
August 13, 2018
A vulnerability in HP OfficeJet all-in-one inkjet printer can be exploited by attackers to gain control of the printer and use it as entry point into the network environment. A critical vulnerability potentially exposes millions of HP OfficeJet printers to hack, according to the experts at Check Point the attackers only need to send a […]
Pierluigi Paganini
August 13, 2018
Last week Oracle disclosed a critical vulnerability in its Oracle Database product, the issue tracked as CVE-2018-3110 has received a CVSS score of 9.9, On Friday, Oracle released security patches to address a critical vulnerability affecting its Database product, the company is urging install them as soon as possible. The vulnerability resides in the Java VM component […]
APT / February 05, 2026
