Pierluigi Paganini
April 14, 2015
The Redirect to SMB vulnerability affects all supported versions of Windows and could be exploited to steal users’ credentials for various services. Experts at Cylance have discovered a new credential hijacking vulnerability dubbed Redirect to SMB that affects all versions of Windows OSs, including the upcoming Windows 10. The Redirect to SMB could be exploited by an attacker […]
Pierluigi Paganini
March 07, 2015
Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability A team of researchers demonstrated that it is possible to exploit the FREAK vulnerability to hack the official NSA website by using 8 hours of Amazon’s cloud computing power and spending only $104. The researcher made […]
Pierluigi Paganini
March 06, 2015
According to a security advisory published by Microsoft all supported versions of Windows are affected by the recently discovered FREAK vulnerability FREAKÂ is major security SSL/TLS vulnerability recently discovered that for more than a decade left users of Apple and Google devices vulnerable to hacking when they visited millions of legitimate and secure websites. The critical […]
Pierluigi Paganini
February 24, 2015
CVE-2015-0240 is a critical security flaw in Samba that resides in the smbd file server daemon and can be exploited by a malicious Samba client remotely. Linux administrators urge to update their systems due to the discovery of a critical vulnerability the open source Linux-and-Windows-compatibility software Samba. The vulnerability in Samba, coded as CVE-2015-0240, affects versions […]
Pierluigi Paganini
November 30, 2014
A researcher at Google discovered a critical flaw in Windows Acrobat Reader 11 Sandbox that could be exploited to access a system and gain higher privileges Google security researcher James Forshaw claims that the Acrobat Reader Windows sandbox is affected by critical vulnerability that could allow attackers to compromise a system and gain higher privileges. “The […]
Pierluigi Paganini
November 22, 2014
Security companies have started detecting attacks that leverage a critical remote code execution (RCE) vulnerability in Windows, which Microsoft patched last week. On November 11th Microsoft has released that exploit the Unicorn (CVE-2014-6332) critical remote code execution vulnerability in Windows systems, which Microsoft patched on November 11th. The Unicorn vulnerability is addressed in one of the 14 security […]
Pierluigi Paganini
November 12, 2014
MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences. Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability […]
Pierluigi Paganini
September 01, 2014
Experts at Dr.Web detected a Linux DDoS Trojan designed to infect also Windows OS, the circumstance is considered rare in the criminal ecosystem. The Russian antivirus company Dr. Web discovered that a Chinese DDoS Trojan written for Linux operating system seems have jumped to Windows, an event considered rare. “Cases of Linux malware being tailored by […]
Pierluigi Paganini
August 19, 2014
Microsoft is investigating on potentially faulty Windows security update that is causing some systems to crash with bluescreen error. Last Friday, Microsoft urged its users to uninstall the latest security updates issued by the company because they are causing the unpleasant bluescreen, also know as  “Blue Screens of Death” or BSoD. Microsoft released its usual […]
Pierluigi Paganini
August 03, 2014
Experts at IBM discovered a new variant of Citadel banking malware which includes different remote management tools to maintain persistence on victims’ PC. Researchers at IBM discovered a new variant of the Citadel banking malware which includes a new interesting feature that allows attackers to maintain persistence in the victim’s machine through remote management tools. Citadel is directly […]
