Windows

Pierluigi Paganini March 07, 2015
Just $104 to exploit the FREAK flaw and hit the NSA website

Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability A team of researchers demonstrated that it is possible to exploit the FREAK vulnerability to hack the official NSA website by using 8 hours of Amazon’s cloud computing power and spending only $104. The researcher made […]

Pierluigi Paganini March 06, 2015
All Windows systems are vulnerable to the FREAK attack

According to a security advisory published by Microsoft all supported versions of Windows are affected by the recently discovered FREAK vulnerability FREAK is major security SSL/TLS vulnerability recently discovered that for more than a decade left users of Apple and Google devices vulnerable to hacking when they visited millions of legitimate and secure websites. The critical […]

Pierluigi Paganini February 24, 2015
A critical remote execution flaw spotted in Samba Win-Linux interop code

CVE-2015-0240 is a critical security flaw in Samba that resides in the smbd file server daemon and can be exploited by a malicious Samba client remotely. Linux administrators urge to update their systems due to the discovery of a critical vulnerability the open source Linux-and-Windows-compatibility software Samba. The vulnerability in Samba, coded as CVE-2015-0240, affects versions […]

Pierluigi Paganini November 30, 2014
Acrobat Reader Windows sandbox is affected by critical flaw

A researcher at Google discovered a critical flaw in Windows Acrobat Reader 11 Sandbox that could be exploited to access a system and gain higher privileges Google security researcher James Forshaw claims that the Acrobat Reader Windows sandbox is affected by critical vulnerability that could allow attackers to compromise a system and gain higher privileges. “The […]

Pierluigi Paganini November 22, 2014
Windows Unicorn vulnerability exploited in the wild

Security companies have started detecting attacks that leverage a critical remote code execution (RCE) vulnerability in Windows, which Microsoft patched last week. On November 11th Microsoft has released that exploit the Unicorn (CVE-2014-6332) critical remote code execution vulnerability in Windows systems, which Microsoft patched on November 11th. The Unicorn vulnerability is addressed in one of the 14 security […]

Pierluigi Paganini November 12, 2014
MS14-066 – A critical bug potentially affects all Windows versions. Patch it!

MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences. Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability […]

Pierluigi Paganini September 01, 2014
The case of Linux DDoS Trojan ported to Windows

Experts at Dr.Web detected a Linux DDoS Trojan designed to infect also Windows OS, the circumstance is considered rare in the criminal ecosystem. The Russian antivirus company Dr. Web discovered that a Chinese DDoS Trojan written for Linux operating system seems have jumped to Windows, an event considered rare. “Cases of Linux malware being tailored by […]

Pierluigi Paganini August 19, 2014
Microsoft confirmed that a faulty patch is causing BlueScreen

Microsoft is investigating on potentially faulty Windows security update that is causing some systems to crash with bluescreen error. Last Friday, Microsoft urged its users to uninstall the latest security updates issued by the company because they are causing the unpleasant bluescreen, also know as  “Blue Screens of Death” or BSoD. Microsoft released its usual […]

Pierluigi Paganini August 03, 2014
A new Citadel trojan variant includes different remote management tools to maintain persistence on victims PC

Experts at IBM discovered a new variant of Citadel banking malware which includes different remote management tools to maintain persistence on victims’ PC. Researchers at IBM discovered a new variant of the Citadel banking malware which includes a new interesting feature that allows attackers to maintain persistence in the victim’s machine through remote management tools. Citadel is directly […]

Pierluigi Paganini June 23, 2014
Impact of Windows XP End of life on Critical Infrastructure

Which is the impact of the Windows XP End of Life on the critical infrastructure? Which are the risks and the mitigation strategies that could be adopted? This week I had the pleasure and the honor to participate as a speaker for a seminar at Rome Security Summit 2014, the theme of the event was “Impact […]