Breaking News

Pierluigi Paganini October 08, 2015
Iranian Cleaver hackers exploit LinkedIn for cyber espionage

The Cleaver group is once again in the headlines managing a well-developed network of fake LinkedIn profiles for cyber espionage purpose. Do you remember the Iran-based APT Cleaver? In December the security firm Cylance released a detailed report on the hacking Operation Cleaver that was run by state-sponsored hackers linked to the Iran. The Iranian hackers targeted critical infrastructure worldwide, ten of which […]

Pierluigi Paganini October 08, 2015
Researcher claims Microsoft CID exposed in plain text

Microsoft web applications, such as Outlook or OneDrive and account pages, expose visitors’ Microsoft Identifier (CID) in plain text. A Chinese developer, which uses the pseudonym of ramen-hero, discovered that Outlook.com, OneDrive, and Microsoft’s account pages use a unique user identifier known, also known as CID, in their web applications. The Microsoft CID is a 64-bit integer used […]

Pierluigi Paganini October 07, 2015
Hacking enterprise wireless Printers with a drone or a vacuum cleaner

A group of researchers from the iTrust has demonstrated how to use a Drone to intercept wireless printer transmissions from outside an office building. Recently I wrote a blog post on the Infosec Institute titled “Modern Physical Security Awareness Is More Than Dumpster Diving” where I explain how the concept of physical security is evolving […]

Pierluigi Paganini October 07, 2015
Don’t throw away your old Boarding Pass, it may contain personal information

Don’t throw away your old Boarding Pass, it may contain personal information that could allow attackers to run targeted attacks on you! Don’t throw away your old Boarding Pass, it may contain personal information. After finishing your trip, the boarding pass becomes useless, but does that mean that you should throw it in the garbage? […]

Pierluigi Paganini October 07, 2015
The Angler Exploit Kit Exposed: Making $60 Million Annually by Delivering Ransomware

The Cisco Talos Group has performed in-depth research on the threat actors behind the Angler Exploit Kit, and even had behind-the-scenes access. The Cisco Talos Group has performed in-depth research on the threat actors behind the Angler Exploit Kit, and even had behind-the-scenes access, allowing statistical information as well as Angler’s inner-workings to be examined. Note that […]

Pierluigi Paganini October 07, 2015
Experts discovered the attack platform used by the Winnti Group

Experts at Kaspersky have discovered that Winnti Group has enhanced its attack platform infecting organizations in South Korea, UK and Russia. In 2013, security experts at Kaspersky Lab uncovered a cyber espionage that targeted the gaming industry with a malware signed with a valid digital certificate. The threat actor behind the campaign was dubbed the Winnti group, […]

Pierluigi Paganini October 06, 2015
The Smurf Suite – GCHQ can hack your phone with a text message

Snowden told the BBC’s Panorama that the GCHQ has developed a hacking suite dubbed Smurf Suite, it can hack any mobile by sending an encrypted text message. There is no way to stop secret services spying on users’ Smartphones, this is the last revelation of the US whistleblower Edward Snowden. Snowden told the BBC’s Panorama that the […]

Pierluigi Paganini October 06, 2015
Civil nuclear facilities worldwide at risk of cyber attack

The nuclear industry is still unprepared to respond cyberattacks exposing civil nuclear facilities worldwide at risk of cyber attacks. Civil nuclear facilities worldwide are privileged targets for cyber attacks, according to a new report published this week by the Chatham House. The Stuxnet attack that targeted Iranian nuclear facilities demonstrated the risks for cyberattacks, for the first […]

Pierluigi Paganini October 06, 2015
Attackers hack into Outlook Web App (OWA) Server for access to organization network

Researchers have discovered an advanced malware that can breach organizations by infecting their Outlook Web Application (OWA) mail server. According to the experts at the Cybereason security firm threat actors breached an unnamed organization network and maintained persistence for months via a webmail server. The victim was a midsize public services company based in the […]

Pierluigi Paganini October 06, 2015
Is the North Korea behind the attack on the Seoul Subway Operator?

According to the Government of Seoul, the North Korea is the main suspect for a cyber attack that last year hit the South Korean capital’s subway system. The attack, staged between March and August 2014, affected several servers of Seoul Metro, which runs four major subway lines, According to the ruling party legislator Ha Tae-Kyung […]