Pierluigi Paganini
May 12, 2017
Linux on Windows – Microsoft is, even more, Linux friendly, the IT giant announced that three free Linux distro will be included in its official app store. Last year the tech giant announced the support for the Bash shell and Ubuntu Linux binaries into Windows 10, news of the day is that Microsoft has announced […]
Pierluigi Paganini
April 17, 2017
Microsoft published the biannual transparency report – The number of US foreign intelligence surveillance requests more than doubled. Microsoft shared data included in the biannual transparency report, the IT giant received more than double what the company said it received under the Foreign Intelligence Surveillance Act (FISA) during the preceding six months. Microsoft Corp announced […]
Pierluigi Paganini
April 12, 2017
Today Microsoft Patch Tuesday fixed the zero-day Word vulnerability that has been actively exploited in attacks in the wild. Microsoft today patched the zero-day Word vulnerability that has been exploited in attacks in the wild. Just yesterday I wrote about a phishing campaign leveraging the flaw to deliver the Dridex banking Trojan. Microsoft published security […]
Pierluigi Paganini
April 11, 2017
Millions of people were targeted by a phishing campaign exploiting a Microsoft Word 0day and aimed to spread the Dridex Banking Trojan. Recently security experts from firms McAfee and FireEye warned of a Microsoft Word zero-day exploited by attackers in the wild. Just opening an MS Word document could put Windows users at risk, the exploitation of the flaw could […]
Pierluigi Paganini
April 10, 2017
Security researchers from firms McAfee and FireEye are warning of a Windows zero-day attack in the wild that put Microsoft users at risk of hack. Security researchers from security firms McAfee and FireEye are warning of hackers exploiting a Windows zero-day vulnerability in the wild. Just opening an MS Word document could put you at risk, […]
Pierluigi Paganini
March 29, 2017
Millions of websites are affected by a buffer overflow zero-day vulnerability, tracked as CVE-2017-7269, that resides in the IIS 6.0. The II6 6.0 zero-day flaw was discovered by two researchers with the Information Security Lab & School of Computer Science & Engineering, South China University of Technology Guangzhou, China who published a PoC code exploit on GitHub. […]
Pierluigi Paganini
March 28, 2017
Thousands of users of the Microsoft searchable Docs.com service have inadvertently exposed passwords and other private information on the Internet. Bad news for thousands of users of the Microsoft searchable Docs.com service who have inadvertently exposed passwords and other private information on the Internet. The Docs.com service allows people to easily exchange documents, it implements a useful […]
Pierluigi Paganini
November 07, 2016
Enterprises running Exchange Server using two-factor authentication on Outlook Web Access (OWA) could be hacked due to a design flaw. New troubles for enterprises running Exchange Server, two-factor authentication implementations on Outlook Web Access (OWA) could be easily bypassed due to a design flaw. An attacker can bypass two-factor authentication to access email inboxes, calendars, contacts and […]
Pierluigi Paganini
September 14, 2016
Are you still using Adobe Flash Player? Are you browsing the web with IE or Edge? Does your company use an Exchange Server? Apply security updates asap! It’s time to patch your systems, especially if you have installed Adobe Flash Player. Adobe has released Security updates to fix critical Flash vulnerabilities that affect any OS (Windows, Mac, […]
Pierluigi Paganini
August 11, 2016
Once again Microsoft failed in fixing a severe Secure Boot vulnerability that can be exploited to install rootkits on Windows devices. Microsoft has accidentally leaked the Secret keys to Bypass UEFI Secure Boot. The Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that should prevent the execution of unauthorized code during the boot process. The […]
