MUST READ

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Hacking

Pierluigi Paganini July 05, 2017
AV-TEST: The number of malware decreases, but their complexity increases

According to the AV-TEST Security Report 2016/2017 published by the independent anti-virus testing outfit AV-TEST, the number of malware decreases, but … According to the AV-TEST Security Report 2016/2017 published by the independent anti-virus testing outfit AV-TEST, the number of malware samples detected in 2016 decreased compared to 2015, but they have been more sophisticated. The recent NotPetya and WannaCry ransomware-based massive attacks, IoT […]

Pierluigi Paganini July 05, 2017
Ukrainian cyberpolice seized MeDoc servers while hackers withdrawn Bitcoin from NotPetya wallet

The Ukraine’s cyber police seized the MeDoc servers after detecting a new suspicious activity and fearing new malware-based attacks. The Ukrainian authorities have seized equipment from the online accounting firm MeDoc which is suspected to have had a significant role in the recent NotPetya attack. The Ukraine’s cyber police have seized the servers after detecting a new suspicious activity, the […]

Pierluigi Paganini July 05, 2017
Bithumb, the fourth largest Bitcoin exchange has been hacked

Bithumb, one of the world’s largest Bitcoin and Ether crypto currencies exchanges, has been hacked. Over $1 Million worth Bitcoin and Ether stolen. Bithumb, one of the world’s largest Bitcoin and Ether crypto currencies exchanges, has been hacked. The hackers have stolen more than $1 Million in crypto currencies from the accounts of several users of the […]

Pierluigi Paganini July 04, 2017
Vulnerabilities in Pre-Installed Software expose Dell Systems to hack

According to experts from Talos, security vulnerabilities in pre-installed software expose Dell systems to code execution attacks. Security vulnerabilities in pre-installed software expose Dell systems to code execution attacks. Hackers can exploit the flaws to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user. According to the experts […]

Pierluigi Paganini July 04, 2017
Hacker Interview Mubix “Rob” Fuller – Security Affairs

Today I have the pleasure to interview Mubix “Rob” Fuller (@mubix ) one of the most prominent experts in the hacking community. Rob has over 11 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks […]

Pierluigi Paganini July 04, 2017
How to chain flaws in Lenovo VIBE smartphones to gain root privileges

Researchers from Mandiant found a way to gain root privileges on Lenovo VIBE smartphones by chaining three vulnerabilities. The Lenovo VIBE smartphones were affected by security vulnerabilities that could allow an attacker with physical access to the device to gain root privileges. Researchers from Lenovo confirmed that the vulnerabilities could be exploited only on devices that […]

Pierluigi Paganini July 03, 2017
The NotPetya ransomware is a Brick Through Your Windows

The recent global outbreak of the “NotPetya” malware has some very curious features that have left security officials puzzled. Despite the press coverage, NotPetya is not really a ransomware attack to hold your data hostage. It’s a killbot. Several information security specialists have pointed a finger directly at Moscow; citing circumstantial evidence the source of […]

Pierluigi Paganini July 02, 2017
NATO CCD COE attributed the massive NotPetya attack to a ‘state actor’ and call for a joint investigation

NATO attributed the massive NotPetya attack to a ‘state actor,’ NotPetya and WannaCry Call for a Joint Response from International Community. According to NATO CCD COE, the recent massive attack based on NotPetya ransomware was powered by a “state actor.” The malware infected over 12,000 devices in around 65 countries, the malicious code hit major […]

Pierluigi Paganini July 01, 2017
Wikileaks – CIA developed OutlawCountry Malware to hack Linux systems

WikiLeaks released a new batch of documents that detail the CIA tool OutlawCountry used to remotely spy on computers running Linux operating systems. WikiLeaks has released a new batch of documents from the Vault 7 leak that details a CIA tool, dubbed OutlawCountry, used by the agency to remotely spy on computers running Linux operating systems. According to the […]

Pierluigi Paganini June 30, 2017
Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing. “The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

Uncategorized / December 05, 2025

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

Intelligence / December 05, 2025

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

Hacking / December 04, 2025