Pierluigi Paganini
January 12, 2015
Security Experts at ESET firm discovered that Windigo campaign is still active and that bad actors are changing their tactics to remain under the radar. Windigo is a sophisticated malware-based campaign uncovered by security Experts at ESET in March 2014, hackers behind the campaign that exploited the Linux/Ebury backdoor compromising more than 500,000 computers and 25,000 dedicated servers. The […]
Pierluigi Paganini
October 22, 2014
Security experts at Google and McAfee have discovered a new Zero-day vulnerability in Microsoft OLE being exploited in targeted attacks. Early this week, Microsoft issued the security advisory 3010060 to warn its customer of a new Zero-Day vulnerability that affects all supported versions of Windows OS except, Windows Server 2003. The OLE Packager is the component that is affected by the zero-day, […]
Pierluigi Paganini
October 15, 2014
Researcher explains that vulnerable code re-use of zero-day in Android’s CyanogenMod exposes million users to Man-In-The-Middle attacks. Security experts always discourage jailbreaking and rooting of mobile devices due to the risk related to the installation of not authorized applications that could hide malware and serious bugs. At the Ruxcon Security Conference in Australia, an unnamed security […]
Pierluigi Paganini
October 14, 2014
iSIGHT Partners firm uncovered a Russian hacking team dubbed Sandworm that was running a cyber espionage campaign on NATO and other Government entities. According to a new report issued by the cyber security firm iSIGHT Partners a group of Russian hackers has been exploiting a previously unknown flaw in Microsoft’s Windows operating system to spy on […]
Pierluigi Paganini
October 14, 2014
A security expert defined a new attack technique dubbed Reflected File Download that allows to serve a ‘Zero-Day’ Worm without possibility of defense. The security expert Oren Hafif has invented a new attack technique dubbed Reflected File Download (RFD) that could be adopted to hack victim’s computer when he tries and logs in to popular and trusted website like Google and […]
Pierluigi Paganini
October 06, 2014
A zero-day in Bugzilla bug-tracking tool allows anyone to view detailed reports about unfixed vulnerabilities in a wide range of vulnerability repositories. A new vulnerability in Bugzilla is scaring the security industry, it affects the Mozilla’s bug-tracking software, and could have a serious impact. The vulnerability in Bugzilla could be exploited by attackers to view […]
Pierluigi Paganini
September 06, 2014
Security Experts at FireEye Lab discovered a new variant of the XSLCmd backdoor that has been used in targeted attacks infecting Mac OX based systems. Experts at FireEye Labs have discovered a previously unknown variant of the APT backdoor XSLCmd, OSX.XSLCmd, which is used by a group of hackers known for past cyber espionage activities against the U.S. […]
Pierluigi Paganini
August 29, 2014
US law enforcement and private security firms are investigating on a series of cyber attacks which hit JPMorgan and other financial institutions. The FBI announced that the Bureau is investigating media reports of cyber attacks on US banks and financial firms, but law enforcement hasn’t provided further information on the incidents neither on the affected companies. […]
Pierluigi Paganini
August 19, 2014
Experts at Kaspersky discovered that Stuxnet exploits targeting a Windows Shell Vulnerability is still largely used in cyber attacks. Stuxnet has changed the history of malware development, it is considered the fist cyber weapon used by a government in an act of Information Warfare. As remarked by most popular security experts, the militarization of the […]
Pierluigi Paganini
July 31, 2014
Pen Testers at Offensive Security discovered Zero-day flaws in Symantec Endpoint Protection that could be exploited to gain full system access. Yesterday I reported the results of the study conducted by the security researcher Joxean Koret which publicly revealed a series of flaws affecting 14 of 17 major antivirus engines. The security experts remarked that antivirus products are […]
