Pierluigi Paganini
May 13, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! · European Central Bank announced a framework for cyber attack simulation on financial firms […]
Pierluigi Paganini
May 13, 2018
Security experts have discovered a vulnerability in the Electron software framework that has been used for building a large number of popular desktop applications. Popular desktop applications, including Skype, Slack, GitHub Desktop, Twitch, WordPress.com, and others, are potentially affected. Electron is a node.js, V8, and Chromium open-source framework that allows developers to use web technologies such as […]
Pierluigi Paganini
May 13, 2018
The EE operator, the British largest cell network in the UK with some 30 million customers, has left a critical code system exposed online with a default password. EE, a British mobile network giant owned by BT Group has been accused of leaving a critical code repository on an open-source tool protected by a default username and […]
Pierluigi Paganini
May 12, 2018
WannaCry ransomware outbreak anniversary – According to researchers from ESET, the popularity of EternalBlue increase significantly over the past months. Exactly one year ago, on May 12, the WannaCry ransomware infected hundreds of thousands of computers worldwide. The success of the malware was the use of the EternalBlue exploit that was stolen by Shadow Brokers […]
Pierluigi Paganini
May 12, 2018
Google released an updated version of Chrome 66 that addresses a Critical security vulnerability that could be exploited by an attacker to take over a system. Google released an updated version of Chrome 66 (version 66.0.3359.170) for Windows, Mac, and Linux systems that addressed 4 security vulnerabilities. “This update includes 4 security fixes. Below, we highlight fixes that were contributed […]
Pierluigi Paganini
May 11, 2018
Security experts devised a new attack technique dubbed Throwhammer that could be exploited by attackers to launch Rowhammer attack on a system in a LAN. A few days ago we discussed the GLitch attack that leverages graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. Now security experts devised a new attack […]
Pierluigi Paganini
May 11, 2018
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A “Security enthusiastic” found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens of public Trello boards. Our […]
Pierluigi Paganini
May 11, 2018
On May 4th Tech giant Telstra discovered a vulnerability in its service that could potentially expose customers of its cloud who run self-managed resources. Telstra is a leading provider of mobile phones, mobile devices, home phones and broadband internet. On May 4th, the company has discovered a vulnerability in its service that could potentially expose […]
Pierluigi Paganini
May 10, 2018
Security experts at Flashpoint confirmed the availability online for the source code of the TreasureHunter PoS malware since March. The researchers found evidence that the threat has been around since at least late 2014. TreasureHunt was first discovered by researchers at the SANS Institute who noticed the malware generating mutex names to evade detection. TreasureHunt enumerates the processes running on the […]
Pierluigi Paganini
May 10, 2018
Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability tracked as CVE-2018-8174. Now the experts published a detailed analysis of the flaw. I Overview Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability and captured the world’s […]
APT / February 05, 2026
