Breaking News

Pierluigi Paganini November 07, 2016
Tesco Bank suspended all online transactions due to a cyber heist

Tesco Bank halted all online transactions after a cyber heist affected thousands of its customers. An investigation is ongoing. Tesco Bank is going to adopt a strong measure in response to a cyber attack, the financial institution will freeze customers’ online transactions. The measure was announced by the chief executive Benny Higgins, the bank has admitted […]

Pierluigi Paganini November 07, 2016
Cisco data leak – Job applications portal leaked personal information

Cisco data leak – Cisco has fixed a security vulnerability in the company Professional Careers portal that exposed personal information of the users. Cisco data leak – Cisco has fixed a security vulnerability existing in the company Professional Careers portal that may have leaked personal information. Cisco has notified the issue to the affected users […]

Pierluigi Paganini November 07, 2016
Bypassing Two-Factor Authentication on Outlook Web Access

Enterprises running Exchange Server using two-factor authentication on Outlook Web Access (OWA) could be hacked due to a design flaw. New troubles for enterprises running Exchange Server, two-factor authentication implementations on Outlook Web Access (OWA) could be easily bypassed due to a design flaw. An attacker can bypass two-factor authentication to access email inboxes, calendars, contacts and […]

Pierluigi Paganini November 06, 2016
Databases of Indian embassies leaked online. Too easy hack them

The databases of the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya were leaked online by two grey hat hackers. Today I was contacted by a security pentester who goes online with the moniker Kapustkiy who revealed me to have breached the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his friend Kasimierz (@Kasimierz_) told […]

Pierluigi Paganini November 06, 2016
How to Exploit Belkin WEMO gear to hack Android devices

Belkin’s WeMo home automation firmware that’s in use in several IoT devices has recently been found vulnerable to an SQL injection. Belkin’s WeMo home automation firmware that’s in use in its light bulbs, switches, security cameras, coffee makers and room heaters has recently been found vulnerable to an SQL injection. The hack allows root privileges […]

Pierluigi Paganini November 06, 2016
Watch out! A new LinkedIn Phishing campaign is spreading in the wild

Experts from Heimdal Security reported a recent LinkedIn phishing campaign aiming to collect confidential information from unsuspecting users. Phishing attacks continue to be a serious threat, crooks exploit paradigms such as social medial platforms and mobile in the attempt of stealing sensitive data.According to 2015 Verizon Data Breach Investigation Report, 23% of email recipients open […]

Pierluigi Paganini November 06, 2016
Security Affairs newsletter Round 85 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html THANK YOU! AV-TEST study sees search engine results even more poisoned with malicious links LDAP as attack […]

Pierluigi Paganini November 06, 2016
Commercial Exaspy spyware used to target high-level executives

Security researchers at Skycure have discovered a new commodity Android Spyware, dubbed Exaspy, targeting high-level executives. While in many countries the number of Smartphone and Tables is greater of desktop PC, new threats are targeting mobile devices. Researchers at Skycure have discovered a new strain of Android spyware, dubbed Exaspy, that has been used in targeted attacks against […]

Pierluigi Paganini November 05, 2016
The US Government is ready to hack back if Russia tries to hit Presidential Election

Documents and testimonials collected by the NBC news confirm US Government cyber army is ready to hack back if Russia tries to disrupt Presidential Election The alleged interference of Russian state-sponsored hackers into the 2016 Presidential election is triggering the response of the US. For the first time, a member of the US Presidential Staff has treated another country […]

Pierluigi Paganini November 05, 2016
One oAuth 2.0 hack, 1 Billion Android App Accounts potentially exposed

Security researchers demonstrated that a Wrong oAuth 2.0 implementation allows a remote simple hack that exposes more than 1 Billion Android App Accounts. A remote simple hack devised by a group of security researchers threatens an amazing number of Android and iOS apps. An attacker can use the technique to sign into any victim’s mobile […]