Pierluigi Paganini
April 20, 2018
Security researchers at the 360 Core Security observed an APT group exploiting a zero-day vulnerability in IE, dubbed ‘double play’. The flaw is still unfixed. Security researchers at the 360 Core Security uncovered a zero-day vulnerability in IE, dubbed ‘double play’, that was triggered by weaponized MS Office documents. The experts have been observing an APT group targeting a […]
Pierluigi Paganini
February 15, 2018
Bitmessage developers have issued an emergency update for the PyBitmessage client that patches a critical remote code execution vulnerability that has been exploited in attacks. Bitmessage development team has rolled out an emergency patch to address a zero-day vulnerability in the PyBitmessage client for Bitmessage, which a Peer-to-Peer (P2P) communications protocol used to send encrypted […]
Pierluigi Paganini
January 19, 2018
The industrial giant Schneider discovered that the Triton malware exploited a zero-day vulnerability in Triconex Safety Instrumented System (SIS) controllers in an attack aimed at a critical infrastructure organization. In December 2017, a new malicious code dubbed Triton malware (aka Trisis) was discovered by researchers at FireEye, it was specifically designed to target industrial control […]
Pierluigi Paganini
January 10, 2018
Microsoft has released the January 2018 Patch Tuesday security updates, containing fixes for 56 vulnerabilities including the zero-day vulnerability CVE-2018-0802 in MS Office. Microsoft has released the January 2018 Patch Tuesday security updates, containing fixes for 56 vulnerabilities including a zero-day vulnerability in MS Office. 16 security updates are rated as critical, 38 as important, 1 […]
Pierluigi Paganini
January 09, 2018
Dell EMC informed its customers that its Avamar Server, NetWorker Virtual Edition and Integrated Data Protection Appliance products are affected by 3 zero-day flaws. Dell EMC informed its customers that its Avamar Server, NetWorker Virtual Edition and Integrated Data Protection Appliance products are affected by vulnerabilities that can be chained by an attacker to take complete control of a […]
Pierluigi Paganini
December 14, 2017
Security researchers at Trend Micro have publicly disclosed an unpatched zero-day flaw in the firmware of AT&T DirecTV WVB kit after manufactured failed to patch it Security researchers at Trend Micro have discovered an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit after the manufacturer failed to patch this flaw over the past few months. […]
Pierluigi Paganini
October 31, 2017
A flaw in the Google Issue Tracker, also known as the “Buganizer,” might have exposed details about unpatched flaws listed in the database. A vulnerability in the Google Issue Tracker, also known as the “Buganizer,” might have exposed details about unpatched flaws listed in the database. The flaw was reported by the bug hunter Alex Birsan […]
Pierluigi Paganini
October 14, 2017
Researchers with Counter Threat Unit at SecureWorks continues to monitor the Bronze Butler cyberespionage group (aka Tick). Researchers with Counter Threat Unit at SecureWorks are monitoring the Bronze Butler cyberespionage group (aka Tick). The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the […]
Pierluigi Paganini
October 11, 2017
Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we discussed Microsoft’s October Patch Tuesday addressed three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Going deep in the analysis of the Patch Tuesday updates for October 2017 we can see that Microsoft addressed […]
Pierluigi Paganini
October 10, 2017
Microsoft’s October Patch Tuesday addresses three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Microsoft’s October Patch Tuesday addresses three critical security vulnerabilities in the Windows DNS client in Windows 8, Windows 10, and Windows Server 2012 and 2016. The vulnerabilities affect the Microsoft’s implementation of one of the data record features used in the secure […]
