Heartbleed

Pierluigi Paganini February 09, 2017
Ticketbleed flaw in F5 Networks BIG-IP appliances exposed to remote attacks

F5 Networks BIG-IP appliances are affected by a serious vulnerability, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’ that exposes it to remote attacks The F5 Networks BIG-IP appliances are affected by a serious flaw, tracked as CVE-2016-9244 and dubbed ‘Ticketbleed’, that can be exploited by a remote attacker to extract the content of the memory, including sensitive […]

Pierluigi Paganini January 23, 2017
Roughly 200,000 Devices still affected by the Heartbleed vulnerability

More than two years after the disclosure of the HeartBleed bug, 200,000 services are still affected. Systems susceptible to Heartbleed attacks are still too many, despite the flaw was discovered in 2014 nearly 200,000 systems are still affected. Shodan made a similar search in November 2015 when he found 238,000 results, the number dropped to 237,539 […]

Pierluigi Paganini July 29, 2016
The Detox Ransome hacker stole Democratic National Committee DB in 2015

The notorious hacker Detox Ransome was searching for Heartbleed vulnerable servers when found and stole a Democratic National Committee DB in 2015. According to The Epoch Times, the notorious hacker Detox Ransome stole Democrat Databases in 2015. In September 2015, the hacker breached a service linked to the operations of the Democratic National Committee accessing the internal database. Detox […]

Pierluigi Paganini May 14, 2015
Cybersecurity in the maritime industry, are our ports secure?

Maritime industry heavily depends on technology, a cyber attack against its infrastructure and systems could have dramatic consequences on our society. In a recent post, I talked about attacks targeting SCADA systems will increase, and our ports are among critical infrastructure that makes large use of such systems. Let’s consider that “almost 90% of the […]

Pierluigi Paganini March 27, 2015
Reading the Secunia Vulnerability Review 2015

Secunia firm issued its annual report on vulnerabilities exploited in 2014 in most popular software, a document which includes key figures and facts. Secunia has recently released its annual study of trends in software vulnerabilities, an interesting report that highlights the impact of the presence of flaws in common software and provide useful details on the […]

Pierluigi Paganini March 17, 2015
OpenSSL announced fix for mystery high critical vulnerability

New versions of OpenSSL will be released on Thursday to patch critical security vulnerabilities, one of which is considered very dangerous. The OpenSSL Project Team announced in an advisory published on Monday that new versions of OpenSSL will be released on Thursday to patch several security vulnerabilities. The disconcerting news is that at least one of them […]

Pierluigi Paganini November 30, 2014
Cybercriminals are increasingly targeting web-connecting Devices including Home Appliances

 As we look forward to 2015, it’s had to forget the complex bugs, data breaches and Privacy violations that have marred the Tech world in the ending year.  Symantec Security firm now projects doom for 2015, warning that attacks will get Smarter and sharper. It’s the end of the year, a perfect time to look […]

Pierluigi Paganini September 11, 2014
High-Risk flaws affect the NOAA Satellite System JPSS

The NOAA JPSS System is affected by thousands vulnerabilities, according to a memorandum from the Department of Commerce’s Office of the Inspector General. The Satellite systems at NOAA (National Oceanic and Atmospheric Administration) are affected by thousands of severe vulnerabilities that could be exploited by threat actors hit them. The disconcerting news refers the findings of […]

Pierluigi Paganini July 25, 2014
Mayhem Malware is targeting Linux and FreeBSD servers

A security team at Russian Internet firm Yandex has identified a botnet based on a malware dubbed Mayhem which is targeting Linux and FreeBSD web servers. Security experts at Russian Internet company Yandex have detected a new strain of malware dubbed Mayhem which is targeting server based on Linux and FreeBSD OSs.  Yandex is a Russian company which operates the […]

Pierluigi Paganini July 16, 2014
Project Zero – Google is hiring the hacking excellence to improve Internet security

Project Zero is the new initiative announced by Google. The company is hiring the top security experts to make the Internet a more secure place. Google has publicly announced a new program called “Project Zero,” an ambitious project which involves a team of Star Hackers and Bug Hunters with the purpose to improve security of the […]