Pierluigi Paganini
March 14, 2018
Security researchers at Israel-based CTS-Labs have discovered 13 critical vulnerabilities and exploitable backdoors in various AMD chips. The flaws could be potentially exploited to steal sensitive data, install malicious code on AMD-based systems, and gain full access to the compromised systems. The flaws expose servers, workstations, and laptops running vulnerable AMD Ryzen, Ryzen Pro, Ryzen Mobile or […]
Pierluigi Paganini
March 13, 2018
Security experts at firm Preempt Security discovered a critical vulnerability in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date. The flaw, tracked as CVE-2018-0886, could be used by a remote attacker to exploit RDP (Remote Desktop Protocol) and Windows Remote Management (WinRM) to steal data and run malicious code. The vulnerability is […]
Pierluigi Paganini
March 13, 2018
Maintainers at the Samba project have released new versions of the popular networking software to fix two critical vulnerabilities. Maintainers at the Samba project have released new versions of the popular open-source networking software to address two critical vulnerabilities that could be exploited by unprivileged remote attackers to launch DoS attacks against servers and […]
Pierluigi Paganini
March 13, 2018
According to a new study conducted by American and Czech researchers, the trade of code-signing certificates is a flourishing business. Code-signing certificates are precious commodities in the dark web, according to a new study conducted by American and Czech researchers and Symantec Labs technical director Christopher Gates their trade is a flourishing business. The experts pointed out […]
Pierluigi Paganini
March 12, 2018
China-Linked APT15 used new backdoors is an attack that is likely part of a wider operation aimed at contractors at various UK government departments and military organizations. Last week Ahmed Zaki, a senior malware researcher at NCC Group, presented at the Kaspersky’s Security Analyst Summit (SAS), details of a malware-based attack against the service provider for the […]
Pierluigi Paganini
March 12, 2018
Besides being known about corruption scandals, South America is a reference to the development of ATM malware spreading globally with Brazil, Colombia, and Mexico leading the way. A research conducted by KASPERSKY has revealed a convergence on attacks against financial institutions, where traditional crimes and cybercrime join forces together to target and attack ATM (Automated […]
Pierluigi Paganini
March 12, 2018
Researchers from the ISC SANS group and the Anti-DDoS company Imperva discovered two distinct campaigns targeting Windows Server, Redis and Apache Solr servers online. Last week new mining campaigns targeted unpatched Windows Server, Apache Solr, and Redis servers, attackers attempted to install the cryptocurrency miner Coinminer. Two campaigns were spotted by researchers from the ISC SANS group and the […]
Pierluigi Paganini
March 11, 2018
According to Citizen Lab, some governments are using Sandvine network gear installed at internet service providers to deliver spyware and cryptocurrency miners. Researchers at human rights research group Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites (i.e. Avast Antivirus, CCleaner, Opera, and 7-Zip) […]
Pierluigi Paganini
March 10, 2018
Slingshot spyware – Security researchers at Kaspersky have spotted a new sophisticated APT group that has been operating under the radar at lease since at least 2012. Security researchers at Kaspersky have spotted a new sophisticated APT group that has been operating under the radar at lease since at least 2012. Researchers tracked the group […]
Pierluigi Paganini
March 10, 2018
McAfee Advanced Threat Research team discovered that the Hidden Cobra APT group is targeting financial organizations in Turkey. North Korea-linked APT group Hidden Cobra (aka Lazarus Group) is targeting the Turkish financial system. Experts from McAfee observed the hackers using the Bankshot implant in targeted attacks against the financial organizations in Turkey. The attack resembles previous attacks conducted […]
Hacking / November 10, 2025
Hacking / November 09, 2025
