Hacking

Pierluigi Paganini May 23, 2019
PoC Exploits for CVE-2019-0708 wormable Windows flaw released online

Several security experts have developed PoC exploits for wormable Windows RDS flaw tracked as CVE-2019-0708 and dubbed BlueKeep. Experts have developed several proof-of-concept (PoC) exploits for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep. One of the PoC exploits could be used for remote code execution on vulnerable […]

Pierluigi Paganini May 23, 2019
UK provided evidence to 16 NATO allies of Russia hacking campaigns

UK Government has provided to 16 NATO allies evidence of malicious Russia ‘s cyber activity in their countries over the last 18 months. According to the foreign minister Jeremy Hunt, the UK Government has provided to 16 NATO allies evidence of cyber attacks carried out by Russia against their countries over the last 18 months. […]

Pierluigi Paganini May 23, 2019
SandboxEscaper disclosed 3 Microsoft zero-day flaws in 24 hours

Yesterday SandboxEscaper publicly disclosed a Windows zero-day vulnerability, now she disclosed other two unknown issues in less than 24 hours. Just Yesterday, the popular developer SandboxEscaper publicly disclosed a Windows zero-day vulnerability in the Task Manager, now in less than 24 hours the revealed two more unpatched Microsoft zero-day flaws. The two new zero-day issues […]

Pierluigi Paganini May 22, 2019
ActiveX Controls in South Korean websites are affected by critical flaws

Security experts discovered tens of critical vulnerabilities were found in 10 South Korean ActiveX controls as part of a short research project. Security researchers at Risk Based Security have discovered tens of critical vulnerabilities in 10 South Korean ActiveX controls as part of a research project. The experts discovered that many South Korean websites still […]

Pierluigi Paganini May 22, 2019
SandboxEscaper is back with a new Windows Zero-Day in Task Scheduler

SandboxEscaper is back with a new Windows Zero-Day in Win 10 Task Scheduler The developer SandboxEscaper makes the line again, this time he publicly released the exploit code for a Windows zero-day that affect the Windows 10 Task Scheduler. Since August 2018, the expert already revealed other four Windows zero-day vulnerabilities without reporting them to […]

Pierluigi Paganini May 22, 2019
The Satan Ransomware adds new exploits to its arsenal

A variant of the Satan ransomware recently observed includes exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared […]

Pierluigi Paganini May 21, 2019
MuddyWater BlackWater campaign used new anti-detection techniques

A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros).  The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques, […]

Pierluigi Paganini May 20, 2019
Linux kernel privilege escalation flaw CVE-2019-11815 affects RDS

Experts discovered a privilege escalation vulnerability in the Linux Kernel, tracked as CVE-2019-11815, that affects the implementation of RDS over TCP. Experts discovered a memory corruption vulnerability in Linux Kernel that resides in the implementation of the Reliable Datagram Sockets (RDS) over TCP. The vulnerability tracked as CVE-2019-11815 could lead to privilege escalation, it received a […]

Pierluigi Paganini May 20, 2019
Defiant Tech firm who operated LeakedSource pleads guilty

The Royal Canadian Mounted Police (RCMP), announced that the company behind LeakedSource, Defiant Tech Inc., pleads guilty in Canada. Defiant Tech Inc., the company behind the LeakedSource.com website, pleaded guilty in Canada. The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. It reported some of […]

Pierluigi Paganini May 20, 2019
Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now […]