Pierluigi Paganini April 23, 2022
Are you using Java 15/16/17 or 18 in production? Patch them now!

A researcher has released proof-of-concept (PoC) code for a digital signature bypass vulnerability in Java. Security researcher Khaled Nassar released a proof-of-concept (PoC) code for a new digital signature bypass vulnerability, tracked as CVE-2022-21449 (CVSS score: 7.5), in Java. The vulnerability was discovered by ForgeRock researcher Neil Madden, who notified Oracle on November 11, 2021. An […]

Pierluigi Paganini August 20, 2018
Malware researcher reverse engineered a threat that went undetected for at least 2 years

The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many […]

Pierluigi Paganini February 22, 2017
FTP Injection flaws in Java and Python allows firewall bypass

The two programming languages, Java and Python, are affected by serious FTP Injection flaws that can be exploited by hackers to bypass any firewall. Attackers can trick Java and Python applications to execute rogue FTP commands that would open ports in firewalls The unpatched flaws reside in the way the two programming languages handle File Transfer […]

Pierluigi Paganini March 24, 2016
Patch Java immediately or attackers can hack you

The CVE-2016-0636 flaw affects Java SE running in web browsers on desktops, attackers can trigger it remotely to takeover your PC. Once again a serious security vulnerability affects the Java Oracle software, the new flaw coded as CVE-2016-0636 scored a 9.3 on the Common Vulnerability Scoring System bug severity rating. The CVE-2016-0636 vulnerability affects Java SE running in […]

Pierluigi Paganini March 14, 2016
CVE-2013-5838 Java flaw is back two-year later due to broken patch

The patch for the critical Java CVE-2013-5838 vulnerability released by Oracle in 2013 is ineffective and can be easily bypassed. Bad news for Java users, in 2013 Oracle released a patch to fix the CVE-2013-5838 vulnerability, but security experts discovered that it could be easily bypassed to compromise the latest versions of the software. This means […]

Pierluigi Paganini April 18, 2015
Java – New vulnerabilities affects million applications

Oracle warned that a dozen of new Java security vulnerabilities could be exploitable remotely to gain access to a target application without login. Once again Java vulnerabilities are worrying the security community, a series of vulnerabilities could be exploitable remotely to gain access to a target application without authentication. Every application running on any of […]

Pierluigi Paganini January 28, 2015
Java poses the biggest security risks to PCs in US

According to a new series of reports published by Secunia firm, Oracle Java poses the biggest security risks to Desktop machines in the US. According to the a new report published by Secunia security vendor, Oracle Java software represents the principal source of problems for private US desktops, followed by Apple Quicktime 7.x. Oracle Java is […]

Pierluigi Paganini June 19, 2014
Security issues found in USCIS RFID Card production system

The system used to produce RFID identification cards including permanent resident IDs by the USCIS has a number of serious security issues. A report from the Office of the Inspector General (OIG) at DHS titled “Radio Frequency Identification Security at USCIS Is Managed Effectively, But Can Be Strengthened” confirms the presence of serious security issues in the […]

Pierluigi Paganini February 26, 2014
YouTube ads network serving Caphaw Banking Trojan

YouTube users were targeted by a classic drive-by download attack by exploiting client Java software vulnerabilities and serving Caphaw Banking Trojan. What about using YouTube to spread malware? YouTube is a video-sharing website on which users can upload, view and share videos, it has great appeal to the users and represents one of the bastions of the Internet. The website was […]

Pierluigi Paganini February 12, 2014
JackPOS malware presented as a Java Update Scheduler

JackPOS was detected by security experts at IntelCrawler firm several days ago and it seemed based on code from “Alina”. Attacks on POS are on the rise. A new strain of Point-of-Sale malware named “JackPOS” was discovered by IntelCrawler, a cyber intelligence firm from Los Angeles, confirming the growing trend of Point-of-Sales malware after the Target data breach. JackPOS was detected several days ago […]