Pierluigi Paganini
September 05, 2015
Mozilla said that data stolen from its bug tracking system was used to attack Firefox users in the wild, but attackers probably have had access since 2013. A threat actor that stole sensitive vulnerability information from the Mozilla’s Bugzilla bug tracking system last year has likely used it to target Firefox users. Mozilla explained that it did […]
Pierluigi Paganini
August 19, 2015
Microsoft has pushed an emergency patch to remediate a zero-day vulnerability in Internet Explorer that is actively being exploited in-the-wild. Today, August 18th, 2015, Microsoft released an emergency patch after being notified of a critical vulnerability in all supported versions of Internet Explorer. All versions of Microsoft Internet Explorer from IE7 to IE11 are affected by this zero-day vulnerability. […]
Pierluigi Paganini
August 17, 2015
An Italian security researcher has discovered two zero-day vulnerabilities in Apple MAC OS X that could be exploited to gain remote access to a PC. An Italian teenager, Luca Todesco, has found a couple of critical zero-day vulnerabilities in Apple OS X operating system that could be exploited to gain remote access to a PC. The […]
Pierluigi Paganini
August 15, 2015
MWR Labs have disclosed information on an unpatched vulnerability that allows an attacker to easily bypass the Android sandbox. Other problems for the popular Android OS, after the discovery of the Stagefright vulnerabilities and other security flaws recently revealed by security researchers, now experts at MWR Labs have disclosed information on an unpatched vulnerability that allows […]
Pierluigi Paganini
July 24, 2015
The HP Zero Day Initiative has disclosed four new zero-day vulnerabilities in Internet Explorer that can be exploited by attackers to remotely execute code. The HP’s Zero Day Initiative has disclosed four new zero-day vulnerabilities in Internet Explorer that can be exploited by attackers to remotely execute code. The four zero-day flaws affect different components of the browser […]
Pierluigi Paganini
July 20, 2015
A recent FBI memo warns phishing attacks targeted government agencies trying to exploit the CVE-2015-5119 vulnerability linked to Hacking Team data breach. According to an FBI warning, hackers have targeted US Government agencies using a recently patched Adobe Flash vulnerability (CVE-2015-5119). The Adobe Flash vulnerability was one of the flaws discovered by analyzing the 400Gb archive […]
Pierluigi Paganini
July 14, 2015
Following the Hacking Team data breach, the security researchers discovered the third Adobe Flash Player zero-day vulnerability. A third Adobe Flash Player zero-day has been discovered since the HackingTeam breach. Thanks to the breach of the Hacking Team‘s private files, the third Adobe Flash zero-day has been made publicly accessible. “After two Adobe Flash player zero-days disclosed […]
Pierluigi Paganini
July 12, 2015
Following the Hacking Team data breach, yet another Adobe Flash Player zero-day vulnerability has been found actively exploited in-the-wild. Another Flash Zero-Day: CVE-2015-5122 Yet another Adobe Flash Player zero-day has been found actively exploited in-the-wild. Thanks to the breach of the HackingTeam’s private files, another Adobe Flash zero-day has been made publicly accessible and hackers […]
Pierluigi Paganini
July 12, 2015
Security Researchers at Trend Micro have discovered a second Zero-Day Vulnerability that arises from Hacking Team cyber attack. Just Three days ago, Adobe released a new version of Flash to patch the zero-day vulnerability that was disclosed as part of the Hacking Team hack. Security experts at Trend Micro confirmed that the Adobe Flash vulnerability […]
Pierluigi Paganini
July 11, 2015
According to the experts at Volexity the Flash Player exploit has been leveraged in spear phishing campaign launched by the Wekby APT. As anticipated, several criminal gangs included the code for the exploitation of CVE-2015-5119 vulnerability in their exploit kits, let’s remember that the exploits code was disclosed as the result of the attack against the Hacking […]
