Pierluigi Paganini
July 04, 2018
Siemens disclosed several vulnerabilities in some of its SICLOCK central plant clocks, including ones that have been rated as “critical.” Siemens is warning of the presence of six vulnerabilities in some of its SICLOCK central plant clocks that used to synchronize time in industrial environments. “In the event of failure or loss of reception from the […]
Pierluigi Paganini
July 03, 2018
This week researchers demonstrated that most Android phones released since 2012 are still vulnerable to the RAMpage attack. In 2012, security researchers identified a bug in modern DRAM (dynamic random access memory) chips that could lead to memory corruption. In 2015, Google Project Zero researchers demonstrated “rowhammer“, a working exploit of this attack providing privilege […]
Pierluigi Paganini
July 03, 2018
Iranian APT groups continue to very active, recently Charming Kitten cyber spies attempted to pose as an Israeli cyber-security firm that uncovered previous hacking campaigns. The Iranian Charming Kitten ATP group, aka Newscaster or Newsbeef, launched spear phishing attacks against people interested in reading reports about it. The Newscaster group made the headlines in 2014 when experts at iSight issued a report describing the […]
Pierluigi Paganini
July 03, 2018
Microsoft published technical details of 2 zero-days that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. Security researchers from Microsoft have published technical details of two zero-day vulnerabilities that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. The two issues were addressed by Microsoft with […]
Pierluigi Paganini
July 02, 2018
The maintainers of the Trezor multi-cryptocurrency wallet service reported a phishing attack against some of its users that occurred during the weekend. I had some issues yesterday, when accessing your site. It seems to be related with DNS. Is https://t.co/wGje8x5lRN legit? — Carsten 🇹🇭 ⚡ (@CarstenBKK) July 1, 2018 The attack appears more complex respect […]
Pierluigi Paganini
July 02, 2018
A sample of CryptoCurrency Clipboard Hijackers discovered this week by BleepingComputer monitors for more than 2.3 million addresses. Almost any people that have to send cryptocurrency coins use to copy the recipient wallet address into memory from one application and use it to make the transaction. Crooks’ interest in cryptocurrency continues to grow and new malware was specifically […]
Pierluigi Paganini
July 01, 2018
The sale of Zero-day exploits is a prolific business, zero-day broker Zerodium offers rewards of up to $500,000 FreeBSD, OpenBSD, NetBSD, Linux Zero-Days. The sale of Zero-day exploits is a prolific business that most people totally ignore, to better understand its evolution let’s analyze together the offer of the popular exploit broker Zerodium. To have […]
Pierluigi Paganini
July 01, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · A hacker devised a method to unlock […]
Pierluigi Paganini
July 01, 2018
Security issues in the LTE mobile device standard could be exploited by persistent attackers to spy on users’ cellular networks and hijack data traffic. A team of from Ruhr-Universität Bochum and New York University Abu Dhabi has discovered some security issues in the LTE mobile device standard that could be exploited by persistent attackers (i.e. intelligence […]
Pierluigi Paganini
June 30, 2018
Typeform, the popular online survey platform, has suffered a data breach that exposed partial data of some users, no payment card data was stolen. Typeform, the popular online survey platform, is the last victim of a data breach. Typeform software is widely adopted by businesses worldwide to easily arrange surveys, it allows easy creation of […]
APT / February 05, 2026
