US-CERT

Pierluigi Paganini July 26, 2018
US-CERT warns of ongoing cyber attacks aimed at ERP applications

US-CERT warns of cyber attacks on ERP applications, including Oracle and SAP, and refers an interesting report published by Digital Shadows and Onapsis. US-CERT warns of cyber attacks on Enterprise resource planning (ERP) solutions such as Oracle and SAP, both nation-state actors and cybercrime syndicates are carrying out hacking campaign against these systems. The report published by […]

Pierluigi Paganini July 02, 2017
US-CERT published an alert on the last variant of Petya ransomware, including countermeasures

The Department of Homeland Security’s (DHS) US Computer Emergency Readiness Team (US-CERT) published the Alert (TA17-181A) on the Petya Ransomware. The US-CERT urges organizations of updating their software and avoiding use unsupported applications and OSs. The US-CERT confirmed it has received multiple reports of Petya ransomware infections related the recent massive attack. The ransomware leverages the ETERNALBLUE […]

Pierluigi Paganini July 22, 2016
Many enterprise apps affected by flaws in Oracle OIT libraries

18 out of 276 vulnerabilities fixed by Oracle with the last Patch Update resides in the OIT libraries that are used by products of numerous major vendors. The last critical Patch Update released by Oracle this week is in the headlines for the number of patches it includes. It includes the fixes for 276 vulnerabilities, 19 of […]

Pierluigi Paganini May 30, 2016
US-CERT warns MEDHOST medical app contains hard-coded credentials

The US Computer Emergency Response Team has issued a warning after the discovery a security issue the popular medical application MEDHOST PIMS (PIMS). Many security experts believe that medical industry lack of a proper security posture, despite it is a high-tech sector the vast majority of medical equipment was not designed with a security by design […]

Pierluigi Paganini May 26, 2016
US-CERT: Leaked WPAD queries could expose corporate to MitM attacks

Leaked WPAD queries could result in domain name collisions with internal network naming schemes exposing corporate to MITM attacks. The U.S. Computer Emergency Readiness Team(US-CERT) issued the Alert (TA16-144A) to warn of leaked WPAD queries could result in domain name collisions with internal network naming schemes. The WPAD queries are intended for resolution on private or enterprise DNS […]

Pierluigi Paganini April 02, 2015
mDNS can be abused to amplify the traffic of DDoS attack

A security researcher discovered that the improper configuration of some multicast DNS (mDNS) implementations could be used to amplify DDoS attacks. The multicast Domain Name System, also known as mDNS,  is a multiplatform service designed to resolve host names to IP addresses within small networks that doesn’t have a local name server. The mDNS can work in a […]

Pierluigi Paganini October 27, 2014
Backoff infections rise up to 57 percent increase in Q3

Security firm Damballa issued the ‘State of Infections Report Q3 2014’ that highlights a 57% increase in infections of the notorious Backoff POS malware. Security experts at Damballa security firm detected a 57% increase in infections of the popular Backoff malware in the third quarter, the number of infections was jumped high from August to September and […]

Pierluigi Paganini February 12, 2014
Largest Ever 400Gbps Distributed Denial of Service NTP Amplification attack hit Cloudfare

Largest Ever 400Gbps Distributed Denial of Service NTP Amplification attack hits Europe servers of anti-DDoS protection firm Cloudfare. Despite  the Distributed Denial of Service (DDoS) attack is a type of offensive easy to arrange, it is a very insidious threat for web services. A recent analysis revealed that the Distributed Denial of Service attack are increasing in magnitude […]