targeted attacks

Pierluigi Paganini October 18, 2017
Google introduces new Advanced Protection feature to protect its users

Google continues working to improve the security of its users, the last measure introduced by the company it the ‘Advanced Protection’ feature. The Advanced Protection feature was designed to improve the security of users, who are at high risk of targeted attacks. “We took this unusual step because there is an overlooked minority of our users that […]

Pierluigi Paganini November 01, 2016
Google discloses Windows zero-day that has been exploited in the wild

Google has disclosed a Windows zero-day vulnerability after 7-day deadline it gives vendors when the flaw is actively exploited in the wild by hackers. Google has once again publicly disclosed a zero-day vulnerability affecting current versions of Windows operating system  and Microsoft still hasn’t issued a patch. Yes, you’ve got it right! There is a […]

Pierluigi Paganini October 26, 2016
CVE-2016-7855 flaw in Adobe Flash Player exploited in targeted attacks

Adobe has issued a security patch for its Flash Player that fixes a critical vulnerability, tracked as CVE-2016-7855, used in targeted attacks. Adobe has released a security update for its Flash Player that address a critical vulnerability, tracked as CVE-2016-7855,  that has been exploiting in the wild by threat actors. According to the security advisory issued […]

Pierluigi Paganini June 19, 2016
Adobe patches Flash Zero-Day exploited by ScarCruft APT

Adobe Flash Player 22.0.0.192 release fixes the Flash Player zero-day vulnerability (CVE-2016-4171) exploited by the APT group dubbed ScarCruft. Adobe has issued the Flash Player 22.0.0.192, a release that fixes the Flash Player zero-day vulnerability (CVE-2016-4171) exploited by the APT group dubbed ScarCruft in attacks on high-profile targets. The Flash Player flaw CVE-2016-4171 affects versions 21.0.0.242 and earlier for […]

Pierluigi Paganini June 15, 2016
ScarCruft APT Group exploited Flash Zero-Day in High-Profile attacks

Security experts from Kaspersky Lab revealed that an APT group dubbed ScarCruft exploited the zero day vulnerability (CVE-2016-4171) in Adobe Flash Player. According to the experts from Kaspersky Lab, an APT group dubbed ScarCruft exploited a zero day vulnerability (CVE-2016-4171) in Adobe Flash Player. The group launched a series of attacks against high-profile targets against entities in […]

Pierluigi Paganini June 15, 2016
CVE-2016-4171 – Another Flash Zero-Day exploited in targeted attacks

Adobe states that the Flash Player zero-day vulnerability (CVE-2016-4171) has been exploited in targeted attacks. It will be fixed later this week. Once again Adobe Flash Player is the target of hackers in the wild. Adobe has released security updates for several of its products announcing that the fix for a critical Flash Player zero-day vulnerability […]

Pierluigi Paganini May 16, 2016
CVE-2016-4117 – FireEye revealed the exploit chain of recent attacks

The FireEye researcher Genwei Jiang revealed the exploit chain related to phishing attacks leveraging CVE-2016-4117 flaw recently fixed by Adobe. Security experts at FireEye have recently spotted an attack leveraging on an Adobe zero-day vulnerability (CVE-2016-4117) recently patched. The CVE-2016-4117 flaw affects older versions of the Adobe Flash, a few days ago the company was informed of a new zero-day […]

Pierluigi Paganini May 11, 2016
CVE-2016-4117 Adobe Flash Zero-Day is being exploited in the wild

CVE-2016-4117 is a zero-day vulnerability affecting the Adobe Flash Player that is being exploited to launch malware-based attacks in the wild. According to Adobe, a new zero-day vulnerability in the Flash Player software is being exploited in cyber attacks in the wild, and the worrisome new is that it will not be patched until May 12th. […]

Pierluigi Paganini November 11, 2015
88 percent of company networks vulnerable to privileged account hacks

A research published by CyberArk Labs focuses on targeted attacks against organizational networks, analyzing hackers’ methods, tools and techniques. Bad news for network administrators, according to the security company CyberArk, 88 percent of networks are susceptible to privileged account hacks. The report published by CyberArk entitled “Analyzing Real-World Exposure to Windows Credential Theft Attacks” reveals that corporate […]

Pierluigi Paganini August 26, 2015
SysAdmin admin tool AutoIt used in targeted attacks to serve malware

Security experts at Cisco have uncovered a targeted attack leveraging on AutoIt to serve a RAT and other malware by evading detection. Security experts at Cisco uncovered a targeted hacking campaign that leveraged AutoIt to spread RAT and other malware via Word documents. The RATs were used to compromise computer of a small number of organizations. “AutoIt […]