Il Blog di Michele Pinassi

Il massiccio blackout che ieri ha colpito Spagna, una parte del Portogallo e una parte della Francia è stato un evento devastante. Ecco perché. https://arstechnica.com/science/2025/04/why-restarting-a-power-grid-is-so-hard/

Browser Use WebUI 反序列化漏洞 Browser Use WebUI 反序列化漏洞 by SeeBug - https://r.zerozone.it/post/A3xq1XtTDyXGmW63Z

CentreStack & Triofox 反序列化漏洞(CVE-2025-30406) CentreStack & Triofox 反序列化漏洞(CVE-2025-30406) by SeeBug - https://r.zerozone.it/post/Tx5zduDFabwwSS0zr

European Vulnerability Database https://euvd.enisa.europa.eu/

Campagne di Phishing a tema PagoPA – false sanzioni stradali Il CERT-AGID sta registrando un numero crescente di segnalazioni relative a una nuova ondata di phishing, attualmente in forte espansione, che sfrutta in modo fraudolento il nome PagoPA. I messaggi, diffusi via email o SMS, mirano a ingannare gli utenti inducendoli a effettuare pagamenti non dovuti attraverso falsi solleciti di [...] by CERT-AgID - https://r.zerozone.it/post/rgC06xWprvrDjmP8t

IoT Network Security: Analyzing Decrypted Zigbee Traffic Data - Rackenzik https://rackenzik.com/enhancing-iot-network-security-and-performance-insights-from-decrypted-zigbee-traffic-data/

Sintesi riepilogativa delle campagne malevole nella settimana del 12 – 18 aprile In questa settimana, il CERT-AGID ha riscontrato ed analizzato, nello scenario italiano di suo riferimento un totale di 57 campagne malevole, di cui 26 con obiettivi italiani e 31 generiche che hanno comunque interessato l’Italia, mettendo a disposizione dei suoi enti accreditati i relativi 767 indicatori di compromissione (IoC) individuati. by CERT-AgID - https://r.zerozone.it/post/bp3cVeCNUmR9vjHtQ

During this investigation, a threat actor was observed using known vulnerabilities (e.g. FG-IR-22-398, FG-IR-23-097, FG-IR-24-015) to gain access to Fortinet devices. The targeting of known, unpatched vulnerabilities by a threat actor is not new and has been previously examined; this specific finding is the result of a threat actor taking advantage of a known vulnerability with a new technique to maintain read-only access to vulnerable FortiGate devices after the original access vector was locked down. https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity

Solidarietà alla redazione di Basilicata24 per quello che si configura come un atto intimidatorio, sproporzionato nella sua esecuzione, nei confronti degli organi di stampa e di informazione. https://www.articolo21.org/2025/04/perquisizione-nella-redazione-di-basilicata24-solidarieta-da-articolo-21/

I boosted several posts about this already, but since people keep asking if I've seen it.... MITRE has announced that its funding for the Common Vulnerabilities and Exposures (CVE) program and related programs, including the Common Weakness Enumeration Program, will expire on April 16. The CVE database is critical for anyone doing vulnerability management or security research, and for a whole lot of other uses. There isn't really anyone else left who does this, and it's typically been work that is paid for and supported by the US government, which is a major consumer of this information, btw. I reached out to MITRE, and they confirmed it is for real. Here is the contract, which is through the Department of Homeland Security, and has been renewed annually on the 16th or 17th of April. https://www.usaspending.gov/award/CONT_AWD_70RCSJ23FR0000015_7001_70RSAT20D00000001_7001 MITRE's CVE database is likely going offline tomorrow. They have told me that for now, historical CVE records will be available at GitHub, https://github.com/CVEProject Yosry Barsoum, vice president and director at MITRE's Center for Securing the Homeland, said: “On Wednesday, April 16, 2025, funding for MITRE to develop, operate, and modernize the Common Vulnerabilities and Exposures (CVE®) Program and related programs, such as the Common Weakness Enumeration (CWE™) Program, will expire. The government continues to make considerable efforts to support MITRE’s role in the program and MITRE remains committed to CVE as a global resource.” https://infosec.exchange/@briankrebs/114343835430587973