Pierluigi Paganini
December 25, 2017
Experts from Elttam discovered a flaw in GoAhead tiny web server that affects hundreds of thousands IoT devices, it could be exploited to remotely execute malicious code on affected devices. A vulnerability in the GoAhead tiny web server package, tracked as CVE-2017-17562, affects hundreds of thousands of IoT devices. The GoAhead solution is widely adopted by tech giants, including Comcast, […]
Pierluigi Paganini
December 25, 2017
Schneider Electric recently released a firmware update for its Pelco VideoXpert Enterprise product that addresses several vulnerabilities, including a high severity code execution flaw, tracked as CVE-2017-9966. The Pelco VideoXpert solution is widely used in commercial facilities worldwide. The security researcher Gjoko Krstic has found two directory traversal bugs and an improper access control flaw that […]
Pierluigi Paganini
December 24, 2017
Security experts spotted a new variant of the CryptoMix ransomware that uses a different extension (.FILE) and a new set of contact emails. Security experts from BleepingComputer discovered a new variant of the CryptoMix ransomware that uses a different extension (.FILE) to append to the file names of the encrypted files and uses new contact emails. For example, a file encrypted by […]
Pierluigi Paganini
December 24, 2017
Researchers at security firm Proofpoint collected evidence of the significant interest of the Lazarus APT group in cryptocurrencies, the group’s arsenal of tools, implants, and exploits is extensive and under constant development. Researchers at security firm Proofpoint collected evidence of the significant interest of the Lazarus APT group in cryptocurrencies. The North Korea-Linked hackers launched several multistage attacks that […]
Pierluigi Paganini
December 23, 2017
Satori botnet, Mirai variant, is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The Mirai botnet makes the headlines once again, a new variant dubbed Satori is responsible for hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers. The activity […]
Pierluigi Paganini
December 22, 2017
Researchers from security firm Trend Micro observed crooks spreading a new cryptocurrency mining bot dubbed Digmine via Facebook Messenger. Watch out for video file (packed in zip archive) sent by your friends via Facebook messenger, according to the researchers from security firm Trend Micro crooks are using this technique to spread a new cryptocurrency mining bot dubbed Digmine. The bot […]
Pierluigi Paganini
December 22, 2017
Nissan Finance Canada announced on Thursday that the personal information of 1.13 million customers may have been exposed as a result of a data breach. Nissan Finance Canada has been hacked, personal information of 1.13 million customers may have been exposed as a result of a data breach discovered by the company on December 11 (The […]
Pierluigi Paganini
December 21, 2017
VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and version 6.5 U1d of vCSA. Some of the flaws could be exploited by an attacker […]
Pierluigi Paganini
December 20, 2017
Experts discovered that the Windows 10 facial recognition security feature Hello can be spoofed using a photo of an authorized user. Security experts at pen-test firm Syss have discovered that the Windows 10 facial recognition security feature dubbed Hello can be spoofed in the simplest way, using a photo of an authorized user. “Microsoft face authentication in Windows 10 is an enterprise-grade identity […]
Pierluigi Paganini
December 20, 2017
Experts discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. Security experts at WordFence have discovered that the popular WordPress Captcha plugin installed on over 300,000 sites was recently updated to deliver a hidden backdoor. The WordPress team promptly removed the plugin from the official WordPress […]
Hacking / November 06, 2025
