MITRE has challenged the security community to devise new methods that could help in detecting rogue IoT devices on a network. The non-profit research and development organization MITRE has challenged security researchers to propose new methods and technologies that could help in detecting rogue Internet of Things (IoT) devices on a network. The goal of […]
A German nuclear plant suffered a disruptive cyber attack, the news was publicly confirmed by the IAEA Director Yukiya Amano. According to the head of the United Nations nuclear watchdog, the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three […]
The UK Government has decided to ban Apple Watches ban from the Cabinet over foreign eavesdropper fears, in 2013 occurred with the iPad. The political fears cyber espionage, the recent string of cyber attacks against the US Presidential election and the constant pressure of Chinese hackers urge a major awareness on the cyber threats. In 2013, cabinet ministers were banned from bringing […]
Simone Margaritelli has done a reverse engineering of the Smarter Coffee IoT Machine Protocol to control the machine from his terminal. What is the lesson? While security industry is stressing the need to adopt a security by design approach for IoT devices, security researchers continue to find flawed and poorly designed smart objects. Clearly, such kind of devices […]
The security researcher Matt Weeks discovered a way to abuse the Microsoft Just Enough Administration (JEA) technology to escalate user profiles. Just Enough Administration aka JEA is a Microsoft technology that enables the delegated administration for carry on task with PowerShell. With JEA in place, it is possible to properly configure a role for administrators giving […]
Law enforcement and security experts have dismantled the Encryptor RaaS architecture by localizing one of its servers with Shodan. Shodan is a search engine for internet-connected devices, it is a precious instrument for IT experts and hackers that use it to find assess systems exposed on the Internet. The information gathered via Shodan could allow attackers […]
The users of the free version of the popular Spotify online music service have been served malicious advertisements. Spotify users have been targeted by a malvertising campaign, the malicious advertising served to the victims could automatically open a web browser and redirect victims websites hosting malware. Spotify is a popular online music service that allows its […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html THANK YOU! DefecTor â Deanonymizing Tor users with the analysis of DNS traffic from Tor exit relays […]
As the Hurricane Matthew batters the South Carolina coast, authorities are warning of a series of cyber attacks against residents. Cyber criminals have no scruples and are ready to bring in any tragic event in their favor. In the past crooks exploited the media interest in tragic events like the Boston Marathon attack and the […]
Cisco has rolled out several critical software patches for the CISCO Nexus 7000-series switches and the related NX-OS software. According to the Cisco Security Advisory, an attacker could exploit the vulnerabilities to gain remote access to vulnerable systems and execute code or commands. According to Wednesdayâs Cisco Security Advisory, both the Nexus 7000 and 7700 […]