Breaking News

Pierluigi Paganini May 29, 2016
Hacking NTP Servers from Long-Distance with low cost devices

A couple of experts demonstrated how to wirelessly change the time on NTP servers over long distances using inexpensive equipment. The HACK IN THE BOX conference is a hotbed of interesting hacks. Today I will present the results of research conducted by Yuwei Zheng and Haoqi Shan from the firm Qihoo360, who explained […]

Pierluigi Paganini May 28, 2016
Hacker Interviews – Claudio Nex Guarnieri

Hacker interview – Today I have the honor to interview Claudio Guarnieri, aka Nex, one of the most talented hackers and security researchers. Claudio is known as one of the most active civil rights advocates; he is known for his research at the Citizenlab and is the creator of @cuckoosandbox and @malwr. Enjoy the interview! Hi Claudio, […]

Pierluigi Paganini May 28, 2016
Hundred Million Stolen MySpace Passwords for sale in the darkweb

The hacker Peace is offering for sale hundred million stolen MySpace passwords on the black marketplace. This is one of the greatest leaks ever. A few days ago a hacker with the nickname “Peace” offered for sale on the black market 117 million LinkedIn account credentials. The same hacker is offering for sale 360 million emails and […]

Pierluigi Paganini May 28, 2016
Wekby APT group leverages DNS requests for C2 communications

Palo Alto Networks has spotted a new campaign conducted by the Wekby APT that leverages malware using DNS requests for C2 communications. Security experts at Palo Alto Networks have spotted a China-linked APT group that has been using a strain of malware that leverages DNS requests for command and control (C&C) communications. The group […]

Pierluigi Paganini May 27, 2016
A fourth bank hit by SWIFT hackers, are they backed by the DPRK

A fourth bank in the Philippines was a victim of the SWIFT hackers, and experts at Symantec confirmed the malware shares code with tools used by the Lazarus group. The list of banks that have fallen victim to the SWIFT hackers is lengthening: a fourth bank in the Philippines has been a victim of the crew that targeted the SWIFT interbank transfer system. […]

Pierluigi Paganini May 27, 2016
How does ISO 27001 work?

This article is an excerpt from the book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own. When speaking with someone new to ISO 27001, very often I encounter the same problem: this person thinks the standard will describe in detail everything […]

Pierluigi Paganini May 27, 2016
Hacker Interviews – Sneaker (GhostSec)

Today I present an interview with Sneaker, one of the members of the GhostSec crew. Sneaker is a very intriguing expert involved in counterterrorism operations against ISIL members online. Ghost Security (GhostSec) is an internationally-based counterterrorism group that specializes in intel collection, threat analysis and digital weapons. Its cyber operations consist of collecting actionable […]

Pierluigi Paganini May 27, 2016
Installing rogue apps on iOS devices via SandJacking Attack

The security expert Chilik Tamir from Mi3 Security has devised a new attack dubbed SandJacking to install rogue apps on iOS devices. The security expert Chilik Tamir from Mi3 Security has devised some new attack methods that can be exploited by threat actors to install malicious apps on non-jailbroken iOS devices. Tamir presented his attack methods at […]

Pierluigi Paganini May 26, 2016
Dozens of VISA HTTPS-protected sites vulnerable to Forbidden attack

Dozens of HTTPS-protected websites belonging to Visa are vulnerable to the Forbidden Attack; nearly 70,000 servers are at risk. A new attack technique dubbed ‘Forbidden attack’ leaves dozens of HTTPS Visa sites vulnerable to cyber attacks, and roughly another 70,000 servers are at risk. A group of international researchers (Hanno Böck, Aaron Zauner, Sean Devlin, Juraj Somorovsky, […]

Pierluigi Paganini May 26, 2016
US-CERT: Leaked WPAD queries could expose corporate to MitM attacks

Leaked WPAD queries could result in domain name collisions with internal network naming schemes, exposing corporations to MITM attacks. The U.S. Computer Emergency Readiness Team (US-CERT) issued the Alert (TA16-144A) to warn that leaked WPAD queries could result in domain name collisions with internal network naming schemes. The WPAD queries are intended for resolution on private or enterprise DNS […]