Pierlugi Paganini

Pierluigi Paganini January 27, 2019
Using steganography to obfuscate PDF exploits

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the […]

Pierluigi Paganini November 15, 2018
Kaspersky Lab opens first Transparency Center in Zurich

Kaspersky Lab starts data processing for European users in Zurich and also launched the first Transparency Cente under the announced Transparency Initiative From today, malicious and suspicious files shared by users of Kaspersky Lab products in Europe will start to be processed in data centers in Zurich, initiating the first part of a relocation commitment […]

Pierluigi Paganini September 11, 2018
Zerodium disclose exploit for NoScript bug in version 7 of Tor Browser

Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. Zero-day broker Zerodium has disclosed a NoScript vulnerability that could be exploited by attackers to execute arbitrary JavaScript code in the Tor Browser. NoScript is a popular Firefox extension that protects users against malicious scripts, it only allows […]

Pierluigi Paganini February 16, 2018
DELL EMC addressed two critical flaws in VMAX enterprise storage systems

Dell EMC addressed two critical vulnerabilities that affect the management interfaces for its VMAX enterprise storage systems. The Dell EMC’s VMAX Virtual Appliance (vApp) Manager is an essential component of a wide range of the enterprise storage systems. The first flaw tracked as CVE-2018-1215 is an arbitrary file upload vulnerability that could be exploited by a […]

Pierluigi Paganini November 24, 2017
Advanced cyber attack hits Saudi Arabia to disrupt government computers

Saudi Arabia announced to have detected an “advanced” cyber attack targeting the kingdom with the intent to disrupt government computers. On Monday, Saudi authorities announced to have detected an “advanced” cyber attack targeting the kingdom. According to the experts at the Saudi National Cyber Security Centre, the attackers aimed to disrupt government computers. The attackers […]

Pierluigi Paganini September 23, 2014
iOS 7_1 exploit for CVE-2014-4377 critical flaw publicly available

Users which haven’t upgraded their systems to the Apple iOS 8 could be victims of a new iOS 7.1 exploit targeting the CVE-2014-4377 vulnerability. Security experts at Binamuse firm have discovered the availability online of the exploit kit which targets the vulnerability coded CVE-2014-4377, a memory corruption issue in iOS’s core graphics library. The exploitation of CVE-2014-4377 could […]