Pierluigi Paganini
January 14, 2016
Microsoft patched a Silverlight zero-day discovered by analyzing internal emails stolen to Hacking Team about Silverlight exploit. Microsoft recently fixed a number of vulnerabilities with the MS16-006 critical bulletin, including a Silverlight flaw CVE-2016-0034 that could be exploited for remote code execution. The Silverlight flaw discovered by the experts at Kaspersky Lab as a result of an investigation on the Hacking Team arsenal disclosed in […]
Pierluigi Paganini
January 06, 2016
The zero-day exploit broker Zerodium is offering up to $100,000 to security experts who can provide an exploit for bypassing the Flash heap isolation. Once again, the zero-day exploit trader Zerodium is in the headlines, this time the company is offering $100,000 for the Flash Exploit Mitigation bypass. Adobe announced in December the introduction of several Recently Adobe […]
Pierluigi Paganini
December 30, 2015
The Tor officially announced to launch the Tor Bug Bounty Program in the next year, a great news for the Tor community. The non-profit organization that is maintaining the TOR project plans to launch very soon a Tor Bug Bounty Program for researchers who find vulnerabilities in the popular anonymizing platform. This is a great for all the […]
Pierluigi Paganini
December 28, 2015
Experts at Symantec discovered that hackers quickly take advantage of CVE-2015-8562 remote code execution to compromise Joomla servers. Joomla recently patched the CVE-2015-8562 vulnerability that could be exploited by attackers for remote code execution. According to the security expert Daniel Cid from Sucuri, hundreds of attacks are now taking place. “What is very concerning is that this […]
Pierluigi Paganini
December 16, 2015
The websites based on the popular Joomla CMS need to be updated as soon as possible due to a critical remote code execution vulnerability. The websites based on the popular Joomla CMS need to be updated as soon as possible, Joomla has just released a security patch to fix a critical eight-year-old remote code execution vulnerability. […]
Pierluigi Paganini
November 12, 2015
The Director of the Tor Project Roger Dingledine has accused the FBI of commissioning to the Carnegie Mellon boffins a study on methods to de-anonymize Tor users. The experts at the Tor Project have collected more information about the attack launched last year by Carnegie Mellon researchers on the popular anonymizing system. The Director of the […]
Pierluigi Paganini
November 05, 2015
Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches. On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of users’ records. The hacker published screenshots […]
Pierluigi Paganini
November 03, 2015
A team of hackers has received a million-dollar payout for disclosing a iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone. Bad news for the Apple users, a team of hackers have received a million-dollar payout for disclosing an iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone […]
Pierluigi Paganini
October 24, 2015
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
Pierluigi Paganini
October 23, 2015
The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. Flight MH17 was flying over a conflict zone in eastern Ukraine […]
