NEWS

  • 27/06/2019 12:54:04

    Esce oggi il Cybersecurity Act, nuovo strumento normativo europeo che punta a stabilire delle regole per una sicurezza informatica più coesa e comunitaria. Si tratta di un Regolamento che ha lo scopo di creare un quadro europeo ben definito sulla certificazione della sicurezza informatica di...

  • 20/06/2019 10:34:54

    Mozilla ha corretto Type Confusion, un bug che consentiva attacchi in remoto di un'efficacia devastante.

    SI trattava di una vulnerabilità zero-day che consentiva di avviare esecuzione di codice in remoto semplicemente attirando le vittime su un sito Internet sotto il controllo dei pirati...

  • 12/06/2019 12:16:12

    Niccolò Maggioni (corso di laurea in Informatica UniFi),  Ion Farima  (corso di laurea in Informatica UniFi), Lorenzo Coppi (ITIS Antonio Meucci, Firenze), Riccardo Degli Esposti (ITIS Antonio Meucci, Firenze) sono i quattro “hacker” toscani che hanno vinto le selezioni regionali per partecipare...

  • 07/06/2019 16:59:44

    Scoperta una grave vulnerabilità di sicurezza (CVE-2019-0708) che affligge i sistemi Windows versioni 7, Vista, XP, Server
    2008R2, e Server 2003.
    La vulnerabilità in questione ha un potenziale impatto paragonabile a quello di EternalBlue sfruttato dal malware WannaCry e simili....

  • 11-10-2019 09:00 to 17:00
    Officine Garibaldi,Via Vincenzo Gioberti, 39, 56124 Pisa PI

    Un evento tutto dedicato alla cybersecurity a cui parteciperanno esperti di settore, ricercatori, rappresentanti del mondo delle imprese. Nel corso della giornata saranno presentate le attività di...

SERVICES

This service identifies typical ransomware behaviours such as file ciphering. Differently from signature-based anti-...

The service shows a 3D representation of network traffic related to attacks on a honeypot in Pisa. In addition, the...

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

An onthology represents an important resource for the organisation of a domain's knowledge in a more detailed way by...

LATEST CVE

Published Description
CVE-2019-12820
19-07-2019 14:15:11
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Actions performed on the app such as changing a password, and personal information it communicates with the server, use unencrypted HTTP. As an example, while logging in through the app to a Jisiwei account, the login request is being sent in cleartext. The vulnerability exists in both the Android and iOS version of the app. An attacker could exploit this by using an MiTM attack on the local network to obtain someone's login credentials, which gives them full access to the robot vacuum cleaner.
CVE-2019-12945
19-07-2019 13:15:12
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2019-12453
19-07-2019 13:15:12
In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.
CVE-2019-1010238
19-07-2019 13:15:11
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.
CVE-2018-17792
19-07-2019 13:15:11
MDaemon Webmail (formerly WorldClient) has CSRF.

Pages

LATEST EXPLOIT

Date Title Platform Author
17-07-2019
WinMPG iPod Convert 3.0 - 'Register' Denial of Service windows stresser
17-07-2019
Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME linux Google Security Research
16-07-2019
Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection windows hyp3rlinx
16-07-2019
CentOS Control Web Panel 0.9.8.838 - User Enumeration linux Pongtorn Angsuchotmetee_ Nissana Sirijirakal_ Narin Boonwasanarak
16-07-2019
Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit) windows Metasploit

Pages