Pierluigi Paganini
February 24, 2016
Japanese commercial and critical infrastructure organizations have been targeted a long-running campaign dubbed Operation Dust Storm. Security firm Cylance have uncovered a long-running hacking campaign dubbed ‘Operation Dust Storm’ targeting commercial and critical infrastructure organizations in Japan. Threat actors behind the Operation Dust Storm have been active since at least 2010, the hackers targeted several organizations in Japan, […]
Pierluigi Paganini
February 17, 2016
A new documentary titled Zero Days revealed that the Stuxnet cyber weapon was just a small part of a much bigger Information Warfare operation (code named “NITRO ZEUS”) against the Iranian civilian infrastructure. A new documentary titled Zero Days has revealed more disconcerting news on the Stuxnet worm, the first malware recognized by security industry as a […]
Pierluigi Paganini
January 14, 2016
Microsoft patched a Silverlight zero-day discovered by analyzing internal emails stolen to Hacking Team about Silverlight exploit. Microsoft recently fixed a number of vulnerabilities with the MS16-006 critical bulletin, including a Silverlight flaw CVE-2016-0034 that could be exploited for remote code execution. The Silverlight flaw discovered by the experts at Kaspersky Lab as a result of an investigation on the Hacking Team arsenal disclosed in […]
Pierluigi Paganini
January 06, 2016
The zero-day exploit broker Zerodium is offering up to $100,000 to security experts who can provide an exploit for bypassing the Flash heap isolation. Once again, the zero-day exploit trader Zerodium is in the headlines, this time the company is offering $100,000 for the Flash Exploit Mitigation bypass. Adobe announced in December the introduction of several Recently Adobe […]
Pierluigi Paganini
December 30, 2015
The Tor officially announced to launch the Tor Bug Bounty Program in the next year, a great news for the Tor community. The non-profit organization that is maintaining the TOR project plans to launch very soon a Tor Bug Bounty Program for researchers who find vulnerabilities in the popular anonymizing platform. This is a great for all the […]
Pierluigi Paganini
December 28, 2015
Experts at Symantec discovered that hackers quickly take advantage of CVE-2015-8562 remote code execution to compromise Joomla servers. Joomla recently patched the CVE-2015-8562 vulnerability that could be exploited by attackers for remote code execution. According to the security expert Daniel Cid from Sucuri, hundreds of attacks are now taking place. “What is very concerning is that this […]
Pierluigi Paganini
December 16, 2015
The websites based on the popular Joomla CMS need to be updated as soon as possible due to a critical remote code execution vulnerability. The websites based on the popular Joomla CMS need to be updated as soon as possible, Joomla has just released a security patch to fix a critical eight-year-old remote code execution vulnerability. […]
Pierluigi Paganini
November 12, 2015
The Director of the Tor Project Roger Dingledine has accused the FBI of commissioning to the Carnegie Mellon boffins a study on methods to de-anonymize Tor users. The experts at the Tor Project have collected more information about the attack launched last year by Carnegie Mellon researchers on the popular anonymizing system. The Director of the […]
Pierluigi Paganini
November 05, 2015
Rumors on the Internet says that the hackers who breached vBulletin forum website exploited a zero-day flaw, the company issued emergency security patches. On Sunday, the vBulletin official website has been hacked, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of users’ records. The hacker published screenshots […]
Pierluigi Paganini
November 03, 2015
A team of hackers has received a million-dollar payout for disclosing a iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone. Bad news for the Apple users, a team of hackers have received a million-dollar payout for disclosing an iOS zero-day vulnerability that could allow an attacker to remotely hack any Phone […]
