Pierluigi Paganini
October 19, 2017
Microsoft’s Offensive Security Research (OSR) team disclosed a remote code execution vulnerability in the Chrome web browser. Microsoft’s Offensive Security Research (OSR) team has disclosed a remote code execution vulnerability in the Chrome web browser that was discovered by its experts. The flaw, tracked as CVE-2017-5121, was addressed by Google last month with the release of Chrome 61, but […]
Pierluigi Paganini
October 19, 2017
Security researchers at Proofpoint spotted a cyber espionage campaign conducted by a group previously linked to China. The hackers have been using a recently patched .NET vulnerability, tracked as CVE-2017-8759, in attacks aimed at organizations in the United States. “Proofpoint researchers are tracking an espionage actor targeting organizations and high-value targets in defense and government. […]
Pierluigi Paganini
October 19, 2017
Oracle released the October 2017 Critical Patch Update (CPU) that addresses a total of 252 security vulnerabilities that affect multiple products. Most of the vulnerabilities fixed by Oracle could be remotely exploitable without authentication. This is the last Oracle Critical Patch Update of 2017, this year the tech giant already resolved 1119 vulnerabilities, or 22% […]
Pierluigi Paganini
October 18, 2017
Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]
Pierluigi Paganini
October 18, 2017
Hacking ATM could be very easy thanks to the availability of the CUTLET MAKER ATM malware on an underground hacking forum. Wannabe crooks can buy an ATM malware on a Darknet market for around $5000, the discovery was made by researchers at Kaspersky Lab that noticed a forum post advertising the malicious code dubbed Cutlet Maker. […]
Pierluigi Paganini
October 17, 2017
ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys, billion devices potentially impacted. While security experts are discussing the dreaded KRACK attack against WiFi networks IT giants, including Fujitsu, Google, HP, Lenovo, and Microsoft are warning their customers of a severe flaw in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. The vulnerability, tracked […]
Pierluigi Paganini
October 17, 2017
Another day, another news about a clamorous data breach, this time the Reuters agency revealed that Microsoft suffered a major security breach back in 2013. According to five former employees, hackers broke into the company vulnerabilities and bug reports database, but the news was never disclosed. The former employees explained that Microsoft addressed all the […]
Pierluigi Paganini
October 16, 2017
The KRACK attack allows an attacker to decrypt information included in protected WPA2 traffic. WPA2 standard has been compromised! Boffins have discovered several key management flaws in the core of Wi-Fi Protected Access II (WPA2) protocol that could be exploited by an attacker to hack into Wi-Fi network and eavesdrop on the Internet communications stealing sensitive […]
Pierluigi Paganini
October 16, 2017
Pizza Hut U.S. notified customers over the weekend a “temporary security intrusion” on PizzaHut.com that exposed payment card and contact information. Pizza Hut U.S. notified customers over the weekend a “temporary security intrusion” on PizzaHut.com, the security breach might have exposed payment card and contact information. The popular restaurant chain notified users via email, according to Pizza […]
Pierluigi Paganini
October 16, 2017
Cisco issued a security advisory on a local privilege escalation vulnerability in the Linux Kernel, patch it as soon as possible. On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory […]
Data Breach / September 29, 2025
