Pierluigi Paganini
December 10, 2017
Security expert discovered severe flaws in most popular programming languages that could expose to hack any secure application built on top of them. Last week, IOActive Senior Security Consultant Fernando Arnaboldi presented at the Black Hat Europe 2017 security conference the results of an interesting research about vulnerabilities in several popular interpreted programming languages. Arnaboldi […]
Pierluigi Paganini
January 03, 2017
The security expert Dawid Golunski from Legal Hackers has reported critical RCE flaws in the popular PHP libraries SwiftMailer, PhpMailer and ZendMail. Recently the security expert Dawid Golunski from Legal Hackers has reported a critical RCE vulnerability, tracked as CVE-2016-10033, in one of the popular open source PHP library, the PHPMailer. The critical vulnerability in the […]
Pierluigi Paganini
April 19, 2016
IBM Security has warned the WordPress community about a spike in the number of attacks leveraging a specific variant of the PHP C99 Webshell. Security experts at IBM reported a spike in the number of cyber attacks pushing a variant of the popular C99 webshell in February and March, a 45 percent increase compared to the previous period. […]
Pierluigi Paganini
July 29, 2015
PHP File Manager was affected by several critical vulnerabilities for nearly 5 years, according to the security consultant Sijmen Ruwhof. In July 2010 Ruwhof was looking for a web base file manager that he could use in his own web server when he came across with PHP file Manager. At the time, he found out […]
Pierluigi Paganini
September 14, 2014
Ubuntu has issued a security notice to inform users about flaws in php5 exploitable to crash or run programs if it received specially crafted network traffic. According to the recent Ubuntu Security Notice php5 could be made to crash or run arbitrary code if it received specially crafted network traffic. “Summary -php5 could be made […]
Pierluigi Paganini
April 28, 2014
Securi firm has published an interesting post to explain how malware authors could hide a backdoor using PHP Callback functions. Security expert Peter Gramantik at Security Firm has written an interesting blog post to describe how it is possible to hide a backdoor using common PHP callback functions. The technique could surprise the laymen, but malware authors are […]
Pierluigi Paganini
March 24, 2014
Cisco observed 400 hosts were infected on daily base and more than 2,700 URLs have been used in a multistage attack against websites running older OS versions. In the last months a growing number of large-scale attacks hit systems all over the world, many of them, like the Snake campaign, are attributable to state-sponsored hackers […]
Pierluigi Paganini
November 28, 2013
Symantec security experts have discovered a new Linux worm that was designed to target the âInternet of thingsâ infecting Intel x86-powered Linux devices. Symantec security experts have detected across a worm that exploits various vulnerabilities in PHP to infect Intel x86-powered Linux devices. Home internet kits with x86 chips are exposed to the risk of […]
Pierluigi Paganini
September 12, 2013
Imperva security researchers observed Web attacks involving PHP SuperGlobal variables are gaining popularity within the hacking community. Security researchers sounded the alarm for the possible abuse of PHP SuperGlobal variables by attackers, it is very frequent to read on PHP application that are hacked cyber cybercriminals. Security experts from Imperva sustains that PHP applications are vulnerable due the […]
