Pierluigi Paganini
August 18, 2017
Experts discovered a flaw in CAN protocol that could be exploited by an attacker to disable safety systems of connected cars, including power-steering. Almost any function in modern vehicles, from brakes to accelerator, is electronically controlled, this means that the surface of attack is dramatically enlarging. We discussed car hacking several times, experts have demonstrated on different occasions […]
Pierluigi Paganini
August 17, 2017
Drupal maintainers this week released security updates to fix several access bypass vulnerabilities in Drupal 8. Update your installation. On Wednesday Drupal maintainers released security updates to fix several access bypass vulnerabilities in Drupal 8. The flaws affect several components, including the entity access system, the REST API and some views. The most severe vulnerability patched by Drupal 8.3.7 is a critical issue, tracked as CVE-2017-6925 that affects […]
Pierluigi Paganini
August 17, 2017
Developer accounts of popular chrome extensions being hijacked by cyber criminals, over 4.7 million users are at a risk of cyber attack. Over 4.7 million users could be at risk after being exposed to malicious adverts and credentials theft due to developer accounts of popular chrome extensions being hijacked by cyber criminals. A phishing campaign […]
Pierluigi Paganini
August 17, 2017
The transportation giant Maersk announced that it would incur hundreds of millions in U.S. dollar losses due to the NotPetya ransomware massive attack. A.P. Moller-Maersk, the transportation and logistics firm, announced Tuesday that it would incur hundreds of millions in U.S. dollar losses due to the NotPetya ransomware massive attack. According to the second quarter earnings report, there were expecting losses between […]
Pierluigi Paganini
August 17, 2017
The Scottish Parliament has been targeted by a “brute force” attack, the assault is still ongoing and is similar to the one that hit the British Parliament. The Scottish Parliament is under attack, crooks are brute-forcing email accounts in the attempt to access members’ emails. The attack appears similar to the one that in June […]
Pierluigi Paganini
August 16, 2017
Researchers at Cybereason have discovered a new strain of the Cerber ransomware that implements a new feature to avoid triggering canary files. The canary files are a security measure for the early detection of threat like ransomware. These files are located in specific positions of systems and an anti-ransomware application watches for any modification. If the […]
Pierluigi Paganini
August 16, 2017
During Defcon 25 hacking conference held in Las Vegas on July, a new eavesdropping attack technique was introduced, it was dubbed DitM (Dog In The Middle). During Defcon 25 one of the biggest information security event that took place in Las Vegas on July 27-30 this year, a new eavesdropping attack technique was introduced. At […]
Pierluigi Paganini
August 16, 2017
Kaspersky Lab discovered attackers were able to modify the NetSarang software update process to include a malware tracked as ShadowPad backdoor. Software update mechanism could be an efficient attack vector, news of the day is that hackers compromised the update process for a popular server management software package developed by NetSarang. Attackers were able to […]
Pierluigi Paganini
August 16, 2017
Some models of LockState smart locks also used by AirBnB customers were bricked by an OTA firmware update leaving guests unable to access their rentals. At the last Black Hat hacker conference, security experts demonstrated how to hack electronic locks, and the news I’m going to tell you demonstrates how annoying could be an incident to […]
Pierluigi Paganini
August 15, 2017
To fight phishing attacks, Google has introduced a security measure for its Gmail app for iOS that will help users identify and delete phishing emails. Phishing continues to be one of the most dangerous threats, crooks continue to devise new techniques to trick victims into providing sensitive information. The technique is still the privileged attack vector for […]
