Pierluigi Paganini
February 15, 2017
The Russian-speaking black hat hacker Rasputin, hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin‘, hacked systems of more than 60 universities and U.S. Government agencies. We met Rasputin in December 2016, when he was offering for sale stolen login […]
Pierluigi Paganini
February 14, 2017
Adobe addressed thirteen highest severity code execution vulnerabilities in Flash Player for Windows, MAC OS, and Chrome. Adobe released security updates that address two dozen vulnerabilities in Flash Player, Digital Editions, and the Campaigns marketing tool. Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. The updates address critical vulnerabilities that could be […]
Pierluigi Paganini
February 14, 2017
Security researchers at Palo Alto Networks spotted a campaign leveraging Microsoft Office loader using malicious macros to drop multiple malware families. The researchers analyzed more than 650 unique samples of this specific loader since early December 2016, accounting for 12,000 phishing email targeting numerous industries. Most affected industries are High Tech, Professional and Legal Services, […]
Pierluigi Paganini
February 13, 2017
According to security experts from Symantec and BAE Systems, the recently discovered attacks aimed at Poland banks are linked to the Lazarus Group. Last week, several Polish banks confirmed their systems were infected with a malware after their staff visited the site of the Polish Financial Supervision Authority. The cyber attack was first reported by […]
Pierluigi Paganini
February 12, 2017
A new serious denial-of-service (DoS) vulnerability was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. A security serious denial-of-service (DoS) vulnerability, tracked as CVE-2017-3135, was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. The vulnerability in the BIND DNS software was reported by Ramesh Damodaran and Aliaksandr Shubnik of […]
Pierluigi Paganini
February 12, 2017
Prosecutors confirmed that the failed cyber attack on Brussels airport a few hours after 2016 bombings was launched by a US minor. Prosecutors confirmed that the failed cyber attack on Brussels airport a few hours after dramatic 2016 bombings in Belgium’s capital was launched by a US minor. On March 2016, suicide bombers attacked Zaventem […]
Pierluigi Paganini
February 11, 2017
Sports Direct, the UK’s largest sports retail business, was hacked last year, and still hasn’t disclosed the incident to its staff. The Register confirmed that the Sports Direct, the UK’s largest sports retail business, was hacked last year, and still hasn’t disclosed the incident to its staff. In the autumn a hacker broke into the internal systems […]
Pierluigi Paganini
February 10, 2017
Arby’s Restaurant Group, one of the largest fast food sandwich restaurant chains in the US, confirmed that its PoS systems had been breached by crooks. Hundreds of Arby’s Restaurants suffered a card breach, the Arby’s Restaurant Group is the second-largest quick-service fast-food sandwich restaurant chain in the US. Arby’s has more than 3,330 stores in the United States, […]
Pierluigi Paganini
February 10, 2017
Every website that uses jQuery Mobile, and has any open redirect anywhere is vulnerable to cross-site scripting (XSS) attacks. The jQuery Foundation’s jQuery Mobile project is an HTML5-based framework that allows users to design a single responsive web site or application that will work on all popular mobile devices and desktop systems. According to the foundation, […]
Pierluigi Paganini
February 09, 2017
F5 Networks BIG-IP appliances are affected by a serious vulnerability, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’ that exposes it to remote attacks The F5 Networks BIG-IP appliances are affected by a serious flaw, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’, that can be exploited by a remote attacker to extract the content of the memory, including sensitive […]
