Pierluigi Paganini
April 05, 2017
Cyber criminals launched a sophisticated cyber heist that compromised the entire DNS infrastructure of a major Brazilian Bank. A cyber criminal organization took over online service of a major Brazilian bank for five hours. The hackers compromised the bank DNS system and intercepted all the connections to the financial institution. According to Kaspersky Lab who […]
Pierluigi Paganini
April 05, 2017
Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group have demonstrated this week a new proof of concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controllers (PLCs). The ransomware a.k.a ClearEnergy affects a massive […]
Pierluigi Paganini
April 05, 2017
The firmware running on the Schneider Modicon TM221CE16R (Firmware 1.3.3.3) has a hardcoded password, and there is no way to change it. I believe it is very disconcerting to find systems inside critical infrastructure affected by easy-to-exploit vulnerabilities while we are discussing the EU NIS directive. What about hard-coded passwords inside critical systems? Unfortunately, it’s happened […]
Pierluigi Paganini
April 05, 2017
A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency patch update […]
Pierluigi Paganini
April 05, 2017
Security experts at CISCO Talos have spotted a new insidious remote access tool dubbed ROKRAT that implements sophisticated anti-detection measures. The ROKRAT RAT targets Korean users, people using the popular Korean Microsoft Word alternative Hangul Word Processor (HWP). In the past, we saw other attacks against people using the HWP application. The ROKRAT RAT was used […]
Pierluigi Paganini
April 04, 2017
Chrysaor spyware is an Android surveillance malware that remained undetected for at least three years, NSO Group Technology is suspected to be the author. Security experts at Google and Lookout spotted an Android version of one of the most sophisticated mobile spyware known as Chrysaor that remained undetected for at least three years. due to its […]
Pierluigi Paganini
April 04, 2017
Experts at Cylance disclosed two UEFI flaws that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. Experts at security firm Cylance have disclosed two UEFI vulnerabilities that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. The experts tested the latest firmware […]
Pierluigi Paganini
April 04, 2017
Experts at Kaspersky presented the findings of its research that definitively connect the Moonlight Maze cyber espionage campaigns to the Turla APT group. One year ago, the researcher Thomas Rid at the Security Analyst Summit disclosed the alleged links between the Moonlight Maze cyber espionage operation of mid 1990s and the Turla APT. Today at […]
Pierluigi Paganini
April 03, 2017
[By Cesare Burei, Margas on courtesy of @CLUSIT – Rapporto Clusit 2017 – All right reserved] Until the corporate Risk Managers dealing with Cyber Risk, and there are not many of these, start working at all levels, who shall be entrusted with the management of Cyber Risks and, more specifically, with the transfer of risk […]
Pierluigi Paganini
April 03, 2017
Japan plan to develop a hack proof satellite system to protect transmissions between satellites and ground stations with a dynamic encryption of data. Japan’s Internal Affairs and Communications Ministry plans to develop a communications system to protect satellites from cyber attacks. The hack proof satellite system will protect transmissions between satellites and ground stations implementing […]
