Breaking News

Pierluigi Paganini March 24, 2015
Chinese CA issued bogus digital certificates for Google domains

Google security team has recently discovered and blocked fraudulent digital certificates issued for several Google domains by a Chinese CA. On March 20, Google security team has discovered and blocked fraudulent digital certificates issued for several Google domains. The investigation revealed that a Chinese certificate authority was using an intermediate CA, MCS Holdings, that issued the bogus […]

Pierluigi Paganini March 24, 2015
A Large Number of Hacking Vulnerable Routers Have Been Released to the Public

Thousands of routers exposed on the Internet by the ISPs are vulnerable to hacking and consequence of attacks on a large scale could be dramatic. ISPs have provided at least 700,000 ADSL routers to the public and unfortunately these kinds of routers have been really vulnerable to every possible hacker who wants to gain the […]

Pierluigi Paganini March 24, 2015
Adobe CVE-2011-2461 flaw is exploitable by 4 years although it was fixed

Security experts discovered that the Adobe CVE-2011-2461 vulnerability is exploitable by at least four years despite the company has issued a patch. Four years ago Adobe released a patch for the vulnerability CVE-2011-2461 that was affecting the Adobe Flex SDK 3.x and 4.x. The flaw was a cross-site scripting (XSS) vulnerability that allowed remote attackers to inject arbitrary […]

Pierluigi Paganini March 23, 2015
Some models of Cisco IP Phones vulnerable to eavesdropping

Chris Watts discovered a security flaw affecting some models of Cisco IP Phones that could be exploited to eavesdrop on conversations and make phone calls. Some models of Cisco IP phones for small businesses are affected by a vulnerability, coded as CVE-2015-0670 that could be exploited by a remote attacker to eavesdrop on conversations and make phone calls […]

Pierluigi Paganini March 23, 2015
Ghost blogging platform affected by multiple vulnerabilities

A group of researchers from Voidsec have found six vulnerabilities in the Ghost blogging platform that allow privilege editing and DoS. Six vulnerabilities have been found affecting Ghost, the blogging platform coded in the Node.js born on October 2013. These vulnerability were discovered on January 26 by a group of researcher from Voidsec (voidsec, bughardy […]

Pierluigi Paganini March 23, 2015
New Dridex malware evades detection with AutoClose function

Security experts at Proofpoint have discovered a new phishing campaign that exploits a Dridex variant that evades detection with AutoClose function. Criminal crews behind the Dridex banking malware are very prolific and are improving the popular malicious code. Recently we have discussed about a Dridex variant which was spread through phishing messages with Microsoft Office documents embedding malicious macros. The attackers exploited social engineering technique to lure […]

Pierluigi Paganini March 23, 2015
ISIS cell calls on supporters to kill 100 US military personnel

A cell of the ISIS has called on its members and backers in the US to kill 100 service members whose names, photos and addresses it posted online. The ISIS continues to scare the West, its operations are supported by a very aggressive media campaign that shares proclamations and recruit new followers in the name […]

Pierluigi Paganini March 22, 2015
CONNECTED CARS: Which are risks for automated vehicles?

Findings reveal that there is a clear lack of appropriate security measures to protect drivers of a connected car against hackers. “Findings reveal that there is a clear lack of appropriate security measures to protect drivers against hackers who may be able to take control of a vehicle or against those who may wish to […]

Pierluigi Paganini March 22, 2015
PoSeidon the most sophisticated PoS malware until now

Cisco Security Team has spotted in the wild a new Point-of-Sale malware dubbed PoSeidon that is more sophisticated than previously detected PoS malware. Expert at Cisco have discovered a new Point-of-Sale (PoS)  malware dubbed PoSeidon. The experts have discovered many similarities with the popular Zeus Trojan and use sophisticated methods to find card data respect other POS malware like BlackPoS, which was used […]

Pierluigi Paganini March 22, 2015
Just a unicode string of 13 characters to crash Mac Chrome tab

A developed has discovered that just visiting a page including an unicode string of 13 characters it is possible to crash Mac Chrome tab. While at last pwn2own hacking competition security experts have demonstrated that is quite easy to hack major browsers, another bad news is circulating online for Apple users using Chrome, a sequence of […]