Pierluigi Paganini
September 07, 2015
Security experts at Vulnerability Lab have discovered a restriction filter bypass vulnerability affecting the PayPal mobile app. Under specific conditions, PayPal can ask users to confirm their identity to prevent frauds. When users are asked to verify their identity, their account is not accessible and in order to unblock it PayPal request them to make […]
Pierluigi Paganini
September 07, 2015
The Government of Beijing has arrested nearly 15,000 people involved in cybercrime as part of the operation “Cleaning the Internet.” The Chinese authorities have arrested nearly 15,000 people involved in criminal activities online as part of the operation against the cybercrime is dubbed “Cleaning the Internet.” The Chinese Government accused the suspect to have “jeopardized Internet security.” According […]
Pierluigi Paganini
September 07, 2015
The expert Kristian Erik Hermansen disclosed a zero-day flaw in the FireEye core appliance that could be exploited to gain remote root file system access. Yesterday security researcher Kristian Erik Hermansen disclosed a zero-day vulnerability in the FireEye core appliance that could be exploited to gain remote root file system access. Hermansen told to CSOonline that he […]
Pierluigi Paganini
September 07, 2015
The CERT_org issued an alert on Seagate wireless disks because they contain multiple flaws that could be exploited to download their entire content. CERT.org issued a warning related Seagate wireless disk because they include a hidden login, most exactly a Telnet services that is not documented. This security issue allows anonymous attackers to download every file on […]
Pierluigi Paganini
September 07, 2015
Fiat Chrysler has recalled nearly 8,000 Jeep Renegade SUVs in the US to update the software that could be exploited by attackers to hack the vehicles. No peace for Fiat Chrysler Automobiles after the disclosure of the attack against its Jeep Cherokee model made by the popular hackers Charlie Miller and Chris Valasek. The duo of […]
Pierluigi Paganini
September 07, 2015
Security researchers have observed a spike in extortion attempts and phishing campaigns against the Ashley Madison users … are they effective? The hack of the Ashley Madison website has demonstrated us how much dangerous could be a cyber attack against a website that manage sensitive and confidential information of millions users. The disclosure of the Ashley Madison dump has […]
Pierluigi Paganini
September 06, 2015
The US Justice Department issued guidelines for StingRay Surveillance devices, new rules define aim to ensure privacy protection and transparency. Do you know what is a StingRay? If you want further details give a look to a post I wrote for the Infosec Institute on the StingRay Technology: “StingRay is an IMSI-catcher (International Mobile Subscriber […]
Pierluigi Paganini
September 06, 2015
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Report: How Iranian hackers attempt to takeover your Gmail How Employees Become Pawns for Hackers Point-of-Sale Payment Security Teenagers arrested after using the Lizard Squad DDoS tool Friday beers […]
Pierluigi Paganini
September 06, 2015
The CSIS Security Group has spotted a new version of the notorious Carbanak Trojan in the wild targeting financial organizations in Europe and US. Do you remember the Carbanak gang? In February, researchers from Kaspersky discovered that a multinational gang of hackers dubbed Carbanak that swiped 1 Billion dollars from 100 financial institutions across 30 countries, most of the […]
Pierluigi Paganini
September 06, 2015
The decision of Fiat Chrysler for providing a software update via Mailed USB is considered disconcerting for the security industry. Do you remember the hack of the Fiat Chrysler Jeep? In response to the disclosure of the details of the successful attack, the company recalled nearly 1.4 vehicles in the US in order to update the firmware running […]
