Security

Pierluigi Paganini July 09, 2018
HP iLO servers running outdated firmware could be remotely hacked

Hewlett Packard Integrated Lights-Out 4 (HP iLO 4) servers are affected by a critical Bypass Authentication vulnerability, technical details and a PoC code have been published online. The flaw, tracked as CVE-2017-12542, received a severity score of 9.8 out of 10 because it is very simple to exploit. “Integrated Lights-Out, or iLO, is a proprietary embedded server management […]

Pierluigi Paganini July 08, 2018
Smart Speaker Banking Is Coming to a Device Near You, But Is It Secure?

Smart speaker Banking Is coming to a device near you, Which are the cyber risks associated with their use? Are they a new opportunity for attackers? The popularity of voice-activated smart speakers like the Google Home and Amazon Echo has made brands, and industries realize there’s adequate demand for introducing technology that lets people accomplish […]

Pierluigi Paganini July 06, 2018
Google July 2018 Android patches fixes critical vulnerabilities

This week Google released the July 2018 Android patches that address tens of vulnerabilities in the popular mobile operating system. Google released the July 2018 Android patches that address a total of 11 vulnerabilities, including three Critical issues and 8 High-risk flaws that affect the framework, media framework, and system. The critical vulnerabilities are remote code […]

Pierluigi Paganini July 05, 2018
Thunderbird Version 52.9 addresses several issues, including the EFAIL flaw

The Thunderbird team released a new version of the popular email client that addresses many security issued, including the EFAIL vulnerability. Thunderbird has released a new version to address a dozen security vulnerabilities, including the EFAIL encryption issue that was discovered in May. The new version addresses two EFAIL-related issues in the way Thunderbird handles […]

Pierluigi Paganini July 05, 2018
Why Banning Risks to Cybersecurity Doesn’t Actually Improve Cybersecurity

There’s a prevailing mindset that suggests if organizations ban all the things that pose risks to overall cybersecurity, they’re taking the most effective approach to make their organizations secure. Initially, that line of thinking seems sensible in some regards. After all, if the aspects that threaten cybersecurity aren’t allowed at all, the problems they pose […]

Pierluigi Paganini June 29, 2018
Twitter shared details about its strategy for fighting spam and bots

Twitter provided some details on new security processes aimed at preventing malicious automation and spam. The tech giant also shared data on the success obtained with the introduction of the new security measures. Social media platform are a privileged tool for psyops and malicious campaign, for this reason, Twitter rolled out new features to detect and […]

Pierluigi Paganini June 26, 2018
The Wi-Fi Alliance announced the launch of the WPA3 security standard

The Wi-Fi Alliance announced late on Monday the launch of the WPA3 security standard that promises to increase the Wi-Fi security. The Wi-Fi Alliance officially launched the WPA3, the new Wi-Fi security standard that will address all known security issues affecting the precious standards and will mitigate wireless attacks such as the KRACK attacks and DEAUTH attacks. The Wi-Fi […]

Pierluigi Paganini June 25, 2018
Oracle issued security patches for recently discovered Spectre and Meltdown issues

Last week Oracle started releasing software and microcode updates for products affected by the recently disclosed variants of the Spectre and Meltdown flaws. In May, tech giants Intel, AMD, ARM, IBM, Microsoft and other tech firms teamed to disclose two new variants of both Meltdown and Spectre issues. The so-called Variant 4 (CVE-2018-3639) relies on a Speculative Store Bypass (SSB), […]

Pierluigi Paganini June 24, 2018
A hacker devised a method to unlock any iPhone and iPad device

A security researcher has devised a method to brute force a passcode on every Apple iPhone or iPad, even the up-to-date ones. Since iOS 8 rolled out in 2014, iPhone and iPad devices are protected with encryption, without providing passcode it is quite impossible to unlock the device. If the user enters more than 10 times […]

Pierluigi Paganini June 21, 2018
Cisco security updates address five critical issues in NX-OS Software

Cisco released security patches for more than 30 vulnerabilities, including five Critical arbitrary code execution issues affecting the NX-OS Software Cisco released security patches for more than 30 vulnerabilities including five Critical arbitrary code execution issues affecting the NX-API feature of NX-OS Software (CVE-2018-0301) and the Fabric Services component of FXOS Software and NX-OS Software […]