Pierluigi Paganini May 07, 2021
Possible attacks on the TCP/IP protocol stack and countermeasures

Let’s look at what types of threats each layer of the TCP/IP protocol stack may be susceptible to. The task of a computer security system is to safeguard the information transmitted over the network and to adequately preserve the data stored in it.  Excluding in this discussion threats due to natural disasters, we can classify […]

Pierluigi Paganini June 09, 2017
CISCO Prime Data Center Network Manager affected by two critical flaws

Cisco èiblished two security advisories to warn customers of the presence of two critical vulnerabilities in the CISCO Prime Data Center Network Manager, Cisco warns its customers of the presence of two critical vulnerabilities in the CISCO Prime Data Center Network Manager (DCNM) that can be exploited by remote attackers for code execution and to access […]

Pierluigi Paganini September 22, 2016
BT Wi-Fi extender, extends to XSS and password changing vulnerabilities

Following an investigation by Pen Test Partners, British Telecom (BT) has released a firmware upgrade for their popular range of Wi-Fi extenders. The investigation uncovered vulnerabilities within the firmware when left the device exposed to possible XSS (Cross Site Scripting) Exploits as well as the ability to change the user’s password without notification. By combining […]

Pierluigi Paganini May 20, 2016
How to trigger DoS flaws in CISCO WSA. Apply fixes asap

Cisco issued a series of patches for the AsyncOS operating on CISCO WSA that fix multiple high severity Denial-of-Service (DoS) vulnerabilities. Cisco has released security patches for the AsyncOS operating system that run on the Web Security Appliance, also called CISCO WSA. The security updates fix multiple high severity Denial-of-Service (DoS) vulnerabilities. Below the details […]

Pierluigi Paganini May 05, 2016
Attackers can hack CISCO TelePresence boxes with an HTTP request

Cisco Systems has found and fixed a critical vulnerability tied to its CISCO TelePresence hardware that allowed attackers to access it via an API bug. Cisco announced it has patched a critical flaw (CVE-2016-1387) affecting its TelePresence systems that allowed unauthorized third-parties to access them by exploiting an API bug. The vulnerability has been rated as […]

Pierluigi Paganini November 17, 2015
A flaw in D-Link Switches opens corporate networks to hack

A flaw in certain D-Link switches can be exploited by remote attackers to access configuration data and hack corporate networks. The independent security researcher Varang Amin and the chief architect at Elastica’s Cloud Threat Labs Aditya Sood have discovered a vulnerability in the D-Link Switches belonging to the DGS-1210 Series Gigabit Smart Switches. The security experts revealed […]

Pierluigi Paganini February 19, 2014
Linksys routers worm – Released the code for exploit the vulnerability

After SANS researchers detected self replicating work The Moon is spreading among a number of different Linksys routers, its exploit appeared in the wild. Last week I reported the news related to a vulnerability in Linksys routers that’s being exploited by a new The Moon worm analyzed by the SANS Institute’s Internet Storm Center. The Moon […]

Pierluigi Paganini February 17, 2014
MOON, the strange worm spreading on Linksys routers

Security researchers at SANS detected a self-replicating malware (dubbed moon worm) is spreading among a number of different Linksys routers. Researchers at the SANS Institute discovered a new self-replicating worm that is infecting different Linksys home and small business routers. The investigation started after an Internet service provider in Wyoming noted an unusual network traffic and decided to alert SANS.  The SANS […]

Pierluigi Paganini January 16, 2014
TP-LINK TD-W8951ND Routers provided by Algerie Telecom are vulnerable

Algerie Telecom TP-LINK TD-W8951ND Routers are vulnerable, they contain a critical vulnerability exploitable to gain unauthorized access and reveal user’s password. Also TP-LINK routers are vulnerable, this is the latest chapter in the saga of the vulnerabilities present in our routers after that a security researcher discovered serious flaw in CISCO, Linksys and Netgear, meanwhile […]

Pierluigi Paganini June 12, 2012
5 Reasons Why You Need Good Patch Management

Patch management is one area where many IT organizations struggle. The operating systems vendors have done a good job with providing easy patching solutions for their products, but there are so many third party applications out there to patch that it can become an impossible task. With new vulnerabilities announced each week, keeping up with […]