Pierluigi Paganini
October 24, 2015
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
Pierluigi Paganini
October 23, 2015
The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. Flight MH17 was flying over a conflict zone in eastern Ukraine […]
Pierluigi Paganini
October 16, 2015
Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobe’s latest update. Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobe’s latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans […]
Pierluigi Paganini
October 15, 2015
Researchers at Trend Micro discovered a new Adobe Flash Zero-Day used in Pawn Storm Campaign Targeting Foreign Affairs Ministries across the world. Once again Flash in the headlines, beware next emergency Flash Player update is critical for everybody as explained by the experts at Trend Micro. The researchers at the security firm explained that the update […]
Pierluigi Paganini
October 13, 2015
The NSA SHARKSEER Program is a project that aims to detect and mitigate web-based malware Zero-Day and Advanced Persistent Threats using COTS technology. Every day, thousands of cyber attack rely on exploitation of zero-day exploits, even more sophisticated ATP groups trigger unknown vulnerabilities to compromise systems across the world. Intelligence agencies and research groups are investing […]
Pierluigi Paganini
October 09, 2015
The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments. Pasquale `sid` Fiorillo, Francesco `ascii` Ongaro from ISGroup, an Italian Security firm, and Antonio `s4tan` Parata from ush team, have just released a critical security […]
Pierluigi Paganini
September 26, 2015
Apple recently released its first update to the new iOS 9, but experts noticed that it doesn’t fix the lock screen bypass vulnerability. Apple has already released its first update for the release iOS, the version iOS 9.0.1 was issued last week to fix a number of bugs. Last week Jose Rodriguez reported the lock screen bypass vulnerability affecting […]
Pierluigi Paganini
September 22, 2015
A hacker has found a way to access images and contacts stored on Apple iOS 9 devices even if they are protected with a passcode or Touch ID. A few hours ago I have posted the news on the decision of the Security firm Zerodium to pay a 1 Million Dollars prize for zero-day exploits and jailbreak […]
Pierluigi Paganini
September 22, 2015
Zerodium is an Exploit trader and it’s offering a million dollar prize to any person that finds zero-day flaws in iOS 9, and you can imagine the motivation. Zerodium is an Exploit trader and it’s offering a million dollar prize to any person that finds unknown, unpatched bug in iOS 9 with the main purpose to […]
Pierluigi Paganini
September 19, 2015
The popular group of hackers dubbed w0rm breached the hacking forum “Monopoly” offering for sale all data present in its database. This is the classic example of the lack of rules within underground communities, today we will speak about a group of hackers who targeted another group and is offering their data for sale at $500. […]
