Pierluigi Paganini
October 21, 2017
Operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection leveraging the DDE protocol. Security experts are continuing to observe the Locky ransomware spreading via spam campaigns that rely on the Necurs botnet. Now operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection. One of the new techniques adopted by the crooks is the use of […]
Pierluigi Paganini
October 20, 2017
Malware researchers at Check Point have uncovered a new massive IoT botnet that presented many similarities with the dreaded Mirai. The new thing bot emerged at the end of September and appears much more sophisticated, according to the experts the malware already infected more than one million organizations worldwide. The malicious code tries to exploit many known-vulnerabilities […]
Pierluigi Paganini
October 20, 2017
Some kid smartwatches available for sale in Europe pose security and privacy risks, including potentially allowing hackers to take control over them. The European Consumer Organisation (BEUC) warns that most children’s GPS-tracking smartwatches represent a threat for them. Many devices are affected by security vulnerabilities that could be exploited by an attacker to take control over […]
Pierluigi Paganini
October 20, 2017
Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the […]
Pierluigi Paganini
October 20, 2017
Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP). Cisco patched critical and high severity vulnerabilities in several products, including the Cloud Services Platform (CSP), the Firepower Extensible Operating System (FXOS) and NX-OS software, and some Small Business IP phones. The most severe vulnerability patched in this round […]
Pierluigi Paganini
October 19, 2017
Threat actors in the wild are mass-scanning websites for directories containing SSH private keys to hack them. The SSH allows a secure way to connect to servers hosting the websites, it allows administrators to get a terminal on them and enter commands. The SSH authentication could rely on login credentials (username and password), or on a […]
Pierluigi Paganini
October 19, 2017
Microsoft’s Offensive Security Research (OSR) team disclosed a remote code execution vulnerability in the Chrome web browser. Microsoft’s Offensive Security Research (OSR) team has disclosed a remote code execution vulnerability in the Chrome web browser that was discovered by its experts. The flaw, tracked as CVE-2017-5121, was addressed by Google last month with the release of Chrome 61, but […]
Pierluigi Paganini
October 19, 2017
Security researchers at Proofpoint spotted a cyber espionage campaign conducted by a group previously linked to China. The hackers have been using a recently patched .NET vulnerability, tracked as CVE-2017-8759, in attacks aimed at organizations in the United States. “Proofpoint researchers are tracking an espionage actor targeting organizations and high-value targets in defense and government. […]
Pierluigi Paganini
October 19, 2017
Oracle released the October 2017 Critical Patch Update (CPU) that addresses a total of 252 security vulnerabilities that affect multiple products. Most of the vulnerabilities fixed by Oracle could be remotely exploitable without authentication. This is the last Oracle Critical Patch Update of 2017, this year the tech giant already resolved 1119 vulnerabilities, or 22% […]
Pierluigi Paganini
October 18, 2017
Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]
Security / December 19, 2025
