Security

Pierluigi Paganini August 16, 2018
SAP Security Notes August 2018, watch out for SQL Injection

SAP released security notes for August 2018 that address dozens patches, the good news is that there aren’t critical vulnerabilities. SAP issues 27 Security Notes, including 14 Patch Day Notes and 13 Support Package Notes. Seven notes are related to previously published patches. “On 14th of August 2018, SAP Security Patch Day saw the release of 12 Security Notes. […]

Pierluigi Paganini August 16, 2018
Piping botnet: Researchers warns of possible cyberattacks against urban water services

Piping botnet – Israeli researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water […]

Pierluigi Paganini August 15, 2018
Foreshadow Attacks – experts found 3 new Intel CPU side-channel flaws

Foreshadow Attacks – Security researchers disclosed the details of three new speculative execution side-channel attacks that affect Intel processors. The new flaws, dubbed Foreshadow and L1 Terminal Fault (L1TF), were discovered by two independent research teams. An attacker could exploit the Foreshadow vulnerabilities attacks to gain access to the sensitive data stored in a computer’s memory or third-party clouds. […]

Pierluigi Paganini August 15, 2018
August 2018 Microsoft Patch Tuesday fixes two flaws exploited in attacks in the wild

Microsoft Patch Tuesday update for August 2018 addresses a total of 60 vulnerabilities, two of which are actively exploited in attacks in the wild. After Adobe, also Microsoft released the Patch Tuesday update for August 2018 that addresses a total of 60 vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange […]

Pierluigi Paganini August 15, 2018
Adobe August 2018 Patch Tuesday addresses 11 vulnerabilities in its products

Adobe released the August 2018 Patch Tuesday updates that address 11 vulnerabilities in Flash Player, the Creative Cloud Desktop Application, Experience Manager, and Acrobat and Reader. Adobe August 2018 Patch Tuesday updates have addressed eleven vulnerabilities in eleven products, five of them in Flash Player. Below vulnerability details: Vulnerability Category Vulnerability Impact Severity CVE Number Out-of-bounds read Information […]

Pierluigi Paganini August 13, 2018
Oracle warns of CVE-2018-3110 Critical Vulnerability in Oracle Database product, patch it now!

Last week Oracle disclosed a critical vulnerability in its Oracle Database product, the issue tracked as CVE-2018-3110 has received a CVSS score of 9.9, On Friday, Oracle released security patches to address a critical vulnerability affecting its Database product, the company is urging install them as soon as possible. The vulnerability resides in the Java VM component […]

Pierluigi Paganini August 11, 2018
Quiet Skies, TSA surveillance program targets Ordinary U.S. Citizens

Journalists revealed a new surveillance program that targets US citizens, the program was previously-undisclosed and code named ‘Quiet Skies’. According to the Transportation Security Administration (TSA), that has admitted the  Quiet Skies, the program has monitored about 5,000 U.S. citizens on domestic flights in recent months. Quiet Skies was criticized by privacy advocates because the […]

Pierluigi Paganini August 09, 2018
BIND DNS software includes a security feature that could be abused to cause DoS condition

The Internet Systems Consortium (ISC) announced the presence of a serious flaw in the BIND DNS software that can be exploited by remote attackers to cause a denial-of-service (DoS) condition. The vulnerability tracked as CVE-2018-5740 was discovered by Tony Finch of the University of Cambridge. The flaw has been assigned a CVSS score of 7.5, the […]

Pierluigi Paganini August 08, 2018
GitHub started warning users when adopting compromised credentials

In order to improve the security of its users, the popular software code hosting service GitHub is now alerting account holders whenever it detects that a password has been exposed by data breaches on other services. Last week the popular software code hosting service GitHub has introduced a new feature to protect its users, it […]

Pierluigi Paganini August 07, 2018
Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Security experts from Group-IB, an international company specializing in preventing cyberattacks and developing information security solutions, has investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Within a year, the number […]