Pierluigi Paganini January 28, 2023
ISC fixed high-severity flaws in DNS software suite BIND

The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS). BIND is a suite of software for interacting with the Domain Name System (DNS) maintained by the Internet Systems Consortium (ISC). The ISC released security patches to address multiple high-severity denial-of-service DoS vulnerabilities in the DNS software suite. Threat actors can exploit […]

Pierluigi Paganini May 21, 2018
Internet Systems Consortium rolled out security updates to address 2 flaws in BIND DNS Software

On Friday, the Internet Systems Consortium (ISC) announced security updates for BIND DNS software that address two vulnerabilities rated with a “medium” severity rating. Both vulnerabilities could be exploited by attackers to cause a denial-of-service (DoS) condition, the first issue tracked as CVE-2018-5737 can also cause severe operational problems such as degradation of the service. “A problem […]

Pierluigi Paganini January 17, 2018
Internet Systems Consortium rolled out a patch for a BIND security flaw caused DNS Servers Crash

The Internet Systems Consortium (ISC) has issued security updates for BIND to address a high severity vulnerability that could cause DNS servers crash. The Internet Systems Consortium (ISC) has rolled out security updates for BIND to address a high severity vulnerability that could be remotely exploited to crash DNS servers. The flaw discovered by Jayachandran […]

Pierluigi Paganini September 07, 2017
Dragonfly 2.0: the sophisticated attack group is back with destructive purposes

While the first Dragonfly campaigns appear to have been a more reconnaissance phase, the Dragonfly 2.0 campaign seems to have destructive purposes. Symantec has spotted a new wave of cyber attacks against firms in the energy sector powered by the notorious Dragonfly group. The Dragonfly group, also known as Energetic Bear, has been active since at […]

Pierluigi Paganini July 20, 2014
Discovered a new Havex variant which hit SCADA via OPC

Researchers at FireEye have detected a new variant of Havex RAT, which scans SCADA network via Object linking and embedding for Process Control (OPC). Security experts at F-Secure and Symantec have recently announced a surge of malicious campaigns based on “Havex” malware against critical infrastructure. The bad actors behind the Havex campaign mainly targeted companies in the energy […]

Pierluigi Paganini July 02, 2014
Dragonfly gang is targeting Western energy industry

Security experts at Symantec have detected a new series of attacks worldwide conducted by the Dragonfly gang on SCADA/ICS in critical infrastructure. The energy industry is under attack, more than one thousand companies in Europe and North America are constantly under attack. ICS/SCADA systems are privileged targets of state-sponsored hackers and cyber criminals, last week I wrote […]

Pierluigi Paganini June 09, 2014
ICS-CERT warns on the rise in attacks on online ICS

A reading of the data issued by the ISC-CERT in its Monthly Monitor (ICS-MM201404) on the attacks against ICS (industrial control systems) exposed on line. Do you have exposed your Industrial control system (ICS) on the Internet? “If ICS is connected to the Internet, it comes with an almost 100% guarantee of its being hacked on […]

Pierluigi Paganini July 19, 2012
UK cyber strategy discussed in ISC report 2011/2012

The elaboration of a proper cyber strategy is one the main target of intelligence services all around the world. We often discuss of US and Israel, but also European governments are pushing to reinforce their presence in the cyber space. The fear of cyber attacks against critical infrastructures is high, it is a common strategy […]