Pierluigi Paganini
October 14, 2014
A security expert defined a new attack technique dubbed Reflected File Download that allows to serve a ‘Zero-Day’ Worm without possibility of defense. The security expert Oren Hafif has invented a new attack technique dubbed Reflected File Download (RFD) that could be adopted to hack victim’s computer when he tries and logs in to popular and trusted website like Google and […]
Pierluigi Paganini
October 06, 2014
A zero-day in Bugzilla bug-tracking tool allows anyone to view detailed reports about unfixed vulnerabilities in a wide range of vulnerability repositories. A new vulnerability in Bugzilla is scaring the security industry, it affects the Mozilla’s bug-tracking software, and could have a serious impact. The vulnerability in Bugzilla could be exploited by attackers to view […]
Pierluigi Paganini
September 06, 2014
Security Experts at FireEye Lab discovered a new variant of the XSLCmd backdoor that has been used in targeted attacks infecting Mac OX based systems. Experts at FireEye Labs have discovered a previously unknown variant of the APT backdoor XSLCmd, OSX.XSLCmd, which is used by a group of hackers known for past cyber espionage activities against the U.S. […]
Pierluigi Paganini
August 29, 2014
US law enforcement and private security firms are investigating on a series of cyber attacks which hit JPMorgan and other financial institutions. The FBI announced that the Bureau is investigating media reports of cyber attacks on US banks and financial firms, but law enforcement hasn’t provided further information on the incidents neither on the affected companies. […]
Pierluigi Paganini
August 19, 2014
Experts at Kaspersky discovered that Stuxnet exploits targeting a Windows Shell Vulnerability is still largely used in cyber attacks. Stuxnet has changed the history of malware development, it is considered the fist cyber weapon used by a government in an act of Information Warfare. As remarked by most popular security experts, the militarization of the […]
Pierluigi Paganini
July 31, 2014
Pen Testers at Offensive Security discovered Zero-day flaws in Symantec Endpoint Protection that could be exploited to gain full system access. Yesterday I reported the results of the study conducted by the security researcher Joxean Koret which publicly revealed a series of flaws affecting 14 of 17 major antivirus engines. The security experts remarked that antivirus products are […]
Pierluigi Paganini
July 26, 2014
The co-creator of the Tor network confirmed that the Tor Project team is working to identify and fix the bug announced by researchers at Carnegie Mellon. Tor network is a system designed to anonymize user’s experience on the web, allowing the publishing of content in the part of web non indexed by search engines, dubbed DeepWeb. A […]
Pierluigi Paganini
July 24, 2014
A researchers at the Exodus Intelligence firm has discovered a series of zero day vulnerabilities in the popular Tails Linux-based distribution. A researcher at Exodus Intelligence has discovered critical zero-day vulnerabilities in the popular Tails live operating system. Tails is considered by security experts an indispensable tool to preserve the privacy and security of users that intend to […]
Pierluigi Paganini
July 16, 2014
Project Zero is the new initiative announced by Google. The company is hiring the top security experts to make the Internet a more secure place. Google has publicly announced a new program called “Project Zero,” an ambitious project which involves a team of Star Hackers and Bug Hunters with the purpose to improve security of the […]
Pierluigi Paganini
June 06, 2014
Microsoft has announced the official patch for the critical vulnerability discovered recently in the Internet Explorer. Microsoft has published the “Microsoft Security Bulletin Advance Notification for June 2014” in which are released seven security Bulletins addressing different vulnerabilities in the company’s products. The notification includes two critical Remote Code Execution vulnerabilities affecting the products Microsoft Windows, Internet Explorer, MS […]
