Breaking News

Pierluigi Paganini April 12, 2017
Watch out! Shadow Brokers dump includes remote root exploits for Solaris boxes

The security expert Matthew Hickey has discovered two tools dubbed EXTREMEPARR and EBBISLAND which were specifically designed to target Solaris systems. After the mysterious Shadow Brokers group has leaked the archive containing the stolen NSA hacking tools and exploits, security experts started analyzing the huge trove of data. Experts discovered that NSA operators developed an attack […]

Pierluigi Paganini April 12, 2017
Microsoft Patch Tuesday fixes three flaws actively exploited in attacks in the wild

Today Microsoft Patch Tuesday fixed the zero-day Word vulnerability that has been actively exploited in attacks in the wild. Microsoft today patched the zero-day Word vulnerability that has been exploited in attacks in the wild. Just yesterday I wrote about a phishing campaign leveraging the flaw to deliver the Dridex banking Trojan. Microsoft published security […]

Pierluigi Paganini April 12, 2017
The Mirai botnet is back and includes a Bitcoin Mining component

Experts at IBM X-Force security firm warn of a new Mirai Botnet implementing Bitcoin crypto-currency mining capabilities. The Mirai botnet was first spotted in august 2016 by the security researcher MalwareMustDie, it was specifically designed to compromise vulnerable or poorly protected IoT. Once Mirai malware compromises an IoT device it recruits it into a botnet primarily used for […]

Pierluigi Paganini April 11, 2017
2017 OWASP Top 10 is out, you can submit your comment until June

The Open Web Application Security Project (OWASP) presented the first release candidate for the 2017 OWASP Top 10, it includes 2 new categories. This week the Open Web Application Security Project (OWASP) presented the first release candidate for the 2017 OWASP Top 10, the principal novelty is the presence of two new vulnerability categories. The […]

Pierluigi Paganini April 11, 2017
G7 DECLARATION ON RESPONSIBLE STATES BEHAVIOR IN CYBERSPACE

Presented the voluntary, non-binding norms of State behavior during peacetime in the G7 DECLARATION ON RESPONSIBLE STATES BEHAVIOR IN CYBERSPACE. The risk of escalation and retaliation in cyberspace, the increasing number of cyber attacks and cyber threats even more sophisticated could have a destabilizing effect on international peace and security. The risk of conflict between states […]

Pierluigi Paganini April 11, 2017
Dridex banking Trojan campaign exploited Microsoft Word 0day recently revealed

Millions of people were targeted by a phishing campaign exploiting a Microsoft Word 0day and aimed to spread the Dridex Banking Trojan. Recently security experts from firms McAfee and FireEye warned of a Microsoft Word zero-day exploited by attackers in the wild. Just opening an MS Word document could put Windows users at risk, the exploitation of the flaw could […]

Pierluigi Paganini April 11, 2017
Symantec confirms that Longhorn group is tied to CIA operators detailed in Vault 7

Symantec reportedly linked the CIA hacking tools to several cyber attacks powered over the years by the Longhorn group. Security experts analyzed the alleged CIA hacking tools included in the Vault 7 dump that have been used against at least 40 governments and private organizations across 16 countries. Researchers at company firm Symantec reportedly linked the CIA […]

Pierluigi Paganini April 10, 2017
Alleged Russian hacker arrested in Spain reportedly over US Presidential Election Hack

Spanish law enforcement arrested in Barcellona the Russian hacker Pyotr Levashov who is suspected of being involved in attacks on 2016 US Election. Spanish law enforcement arrested in Barcelona the Russian hacker and alleged spam kingpin Pyotr Levashov (36). The man is suspected of being involved in hacking attacks against entities linked to the 2016 US Presidential Election. […]

Pierluigi Paganini April 10, 2017
How to get admin credentials from TP-Link M5350 3G/Wi-Fi modem with a text message

A German security researcher discovered how to retrieve the admin credentials from a TP-Link M5350 3G/Wi-Fi modem with an evil text message Some bugs are very strange and dangerous, this is the case of a flaw affecting the TP-Link’s M5350 3G/Wi-Fi router that can expose admin credentials to an evil text message. The bug was discovered […]

Pierluigi Paganini April 10, 2017
Researchers warn of a Windows Zero-Day Attack observed in the wild

Security researchers from firms McAfee and FireEye are warning of a Windows zero-day attack in the wild that put Microsoft users at risk of hack. Security researchers from security firms McAfee and FireEye are warning of hackers exploiting a Windows zero-day vulnerability in the wild. Just opening an MS Word document could put you at risk, […]