Pierluigi Paganini
November 02, 2017
OpenSSL patches two low and medium severity vulnerabilities that were discovered by using Googleâs open source OSS-Fuzz fuzzing service. The medium severity vulnerability tracked as CVE-2017-3736 was addressed with the release of OpenSSL 1.1.0g and 1.0.2m. The flaw is a carry propagating bug in the x86_64 Montgomery squaring procedure, it affects processors that support BMI1, BMI2 and […]
Pierluigi Paganini
November 02, 2017
Let’s see what has happened at Mobile Pwn2Own 2017 competition organized by Trend Microâs Zero Day Initiative (ZDI) at the PacSec conference in Tokyo. Here we are discussing once again of the Mobile Pwn2Own competition organized by Trend Microâs Zero Day Initiative (ZDI) at the PacSec conference in Tokyo. White hat hackers earned more than half a million […]
Pierluigi Paganini
November 02, 2017
46.2 Million Malaysian Mobile phone numbers leaked online, authorities confirmed data were stolen from government servers and databases at a dozen telcos. Millions of Malaysians have been affected by a major data breach, hackers have accessed 46.2 million cellphone accounts after they broke into government servers and databases at a dozen telcos in the country. Considering that the population […]
Pierluigi Paganini
November 01, 2017
A cybercrime gang called Silence targeted at least 10 banks in Russia, Armenia, and Malaysia borrowing hacking techniques from the Carbanak group. A cybercrime gang called Silence targeted at least 10 banks in Russia, Armenia, and Malaysia borrowing hacking techniques from the dreaded Carbanak hacker group that stole as much as $1 billion from banks worldwide. […]
Pierluigi Paganini
November 01, 2017
WordPress developers fixed a serious SQL injection vulnerability on Tuesday with the release of version 4.8.3.. Apply it as soon as possible. WordPress developers fixed a serious SQL injection vulnerability that was reported by the researcher Anthony Ferrara, VP of engineering at Lingo Live. The issue was addressed on Tuesday with the release of version 4.8.3. The vulnerability […]
Pierluigi Paganini
November 01, 2017
Oracle fixed a flaw in Oracle Identity Manager that was rated with a CVSS v3 score of 10.0 and can result in complete compromise of the software via an unauthenticated network attack. Oracle issued an emergency patch for a vulnerability in Oracle Identity Manager, the flaw tracked as CVE-2017-10151 was rated 10 in severity on the CVSS scale. […]
Pierluigi Paganini
November 01, 2017
MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to […]
Pierluigi Paganini
October 31, 2017
Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December and not now it is distributed via malicious spam. Sage is considered a variant of CryLocker ransomware, it is being distributed by the Sundown and RIG exploit kits. The […]
Pierluigi Paganini
October 31, 2017
Early this week FireEye released a managed password cracking tool, dubbed GoCrack, that is able to execute tasks across multiple GPU servers. Early this week FireEye released a managed password cracking tool, dubbed GoCrack, that is able to execute tasks across multiple GPU servers. GoCrack is an open source tool developed by FireEye’s Innovation and Custom Engineering […]
Pierluigi Paganini
October 31, 2017
A flaw in the Google Issue Tracker, also known as the âBuganizer,â might have exposed details about unpatched flaws listed in the database. A vulnerability in the Google Issue Tracker, also known as the âBuganizer,â might have exposed details about unpatched flaws listed in the database. The flaw was reported by the bug hunter Alex Birsan […]
