Breaking News

Pierluigi Paganini February 23, 2018
Meltdown patch for OpenBSD is available … let’s wait for feedbacks

OpenBSD releases Version 11 code update that addresses the Meltdown vulnerability by implementing the separation between the kernel and the user memory pages. OpenBSD addresses the Meltdown vulnerability with the release of a Version 11 code. The update implements the separation between the kernel and the user memory pages. OpenBSD’s Phillip Guenther provided further details on the implementation. “When […]

Pierluigi Paganini February 23, 2018
Drupal addressed several vulnerabilities in Drupal 8 and 7

The Drupal development team addressed many vulnerabilities in both Drupal 8 and 7, including some flaws rated as “critical”. Drupal maintainers have fixed many vulnerabilities in Drupal 7 and 8, including some flaws rated as “critical.” One of the critical security vulnerabilities is related to partial cross-site scripting (XSS) prevention mechanisms that was addressed with Drupal 8.4.5 and 7.57 […]

Pierluigi Paganini February 22, 2018
Hackers compromised a Tesla Internal Servers with a Cryptocurrency miner

Cloud security firm RedLock discovered that hackers have compromised the Tesla cloud computing platform to mine cryptocurrency. Tesla has confirmed that hackers have compromised its cloud computing platform to mine cryptocurrency, after the incident was discovered by cloud security firm RedLock. The hackers have breached the Tesla cloud servers and have installed a crypto currency […]

Pierluigi Paganini February 22, 2018
The Global cost of cybercrime jumped up to $600 Billion

The tech giants McAfee and Cisco published to reports that providers further info about the global impact of cybercrime. Which is the cost of cybercrime? It is hard to provide an effective a good estimation of the overall impact of the numerous phenomena that happen every day, including cyber attacks, data breaches, scams and so on. The tech […]

Pierluigi Paganini February 22, 2018
Google white hackers disclosed critical vulnerabilities in uTorrent clients

White hackers at Google Project Zero have discovered two critical remote code execution vulnerabilities in versions of BitTorrent’s web-based uTorrent Web client and uTorrent Classic desktop client. With dozens of millions of active users a day, uTorrent is one of the most popular torrent client, the vulnerabilities could be easily exploited by the researchers to deliver a […]

Pierluigi Paganini February 21, 2018
Intel releases Spectre patches for Skylake, Kaby Lake, Coffee Lake

Intel released a stable microcode update to address the Spectre vulnerability for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants. Intel has released microcode to address the CVE-2017-5715 Spectre vulnerability for many of its chips, let’s this time the security updates will not cause further problems. The Spectre attack allows user-mode applications to extract information […]

Pierluigi Paganini February 21, 2018
Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia

Experts from Kaspersky highlighted a shift focus in the Sofacy APT group’s interest, from NATO member countries and Ukraine to towards the Middle East and Central Asia. The Russia-linked APT28 group (aka Pawn Storm, Fancy Bear, Sofacy, Sednit, Tsar Team and Strontium.) made the headlines again, this time security experts from Kaspersky highlighted a shift focus in their interest, from NATO member […]

Pierluigi Paganini February 21, 2018
Control Flow Integrity, a fun and innovative Javascript Evasion Technique

Javascript evasion technique – Security Expert Marco Ramilli detailed a fun and innovative way to evade reverse-engineering techniques based on Javascript technology. Understanding the real code behind a Malware is a great opportunity for Malware analysts, it would increase the chances to understand what the sample really does. Unfortunately it is not always possible figuring […]

Pierluigi Paganini February 21, 2018
North Korean APT Group tracked as APT37 broadens its horizons

Researchers at FireEye speculate that the APT group tracked as APT37 (aka Reaper, Group123, ScarCruft) operated on behalf of the North Korean government. Here we are to speak about a nation-state actor dubbed APT37 (aka Reaper, Group123, ScarCruft) that is believed to be operating on behalf of the North Korean government. APT37 has been active since at least […]

Pierluigi Paganini February 20, 2018
Coldroot RAT cross-platform malware targets MacOS without being detected

The former NSA hacker and malware researcher Patrick Wardle is back, this time he spotted a new remote access Trojan dubbed Coldroot RAT. The Coldroot RAT is a cross-platform that is targeting MacOS systems and the bad news is that AV software is not able to detect it. The malware acts as a keylogger on MacOS systems prior to […]