Pierluigi Paganini
November 06, 2016
The databases of the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya were leaked online by two grey hat hackers. Today I was contacted by a security pentester who goes online with the moniker Kapustkiy who revealed me to have breached the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya. Kapustkiy and his friend Kasimierz (@Kasimierz_) told […]
Pierluigi Paganini
November 06, 2016
Experts from Heimdal Security reported a recent LinkedIn phishing campaign aiming to collect confidential information from unsuspecting users. Phishing attacks continue to be a serious threat, crooks exploit paradigms such as social medial platforms and mobile in the attempt of stealing sensitive data.According to 2015 Verizon Data Breach Investigation Report, 23% of email recipients open […]
Pierluigi Paganini
November 06, 2016
Security researchers at Skycure have discovered a new commodity Android Spyware, dubbed Exaspy, targeting high-level executives. While in many countries the number of Smartphone and Tables is greater of desktop PC, new threats are targeting mobile devices. Researchers at Skycure have discovered a new strain of Android spyware, dubbed Exaspy, that has been used in targeted attacks against […]
Pierluigi Paganini
November 03, 2016
Cisco Talos group analyzed the evolution of the Sundown exploit kit that over the past six months has become responsible for a large number of infections. Over the past months, the threat landscape for exploit kits is rapidly changing. Angler EK, Neutrino EK, and Nuclear EK that for years monopolized the criminal underground disappeared. Now, […]
Pierluigi Paganini
November 01, 2016
The British Government announces an active defence posture in response to nation-state cyber attacks, Chancellor warns UK will retaliate against attacks. Hacking back, or “active defence” as security experts prefer to call it, is becoming a high debated argument. While the number of cyber attacks continues to increase and attackers are using even more sophisticated techniques, many Governments […]
Pierluigi Paganini
November 01, 2016
Google has disclosed a Windows zero-day vulnerability after 7-day deadline it gives vendors when the flaw is actively exploited in the wild by hackers. Google has once again publicly disclosed a zero-day vulnerability affecting current versions of Windows operating system  and Microsoft still hasn’t issued a patch. Yes, you’ve got it right! There is a […]
Pierluigi Paganini
November 01, 2016
A former employee of the Office of the Comptroller of the Currency downloaded 10,000 records onto thumb drives before his retirement in November 2015. On Friday, the USÂ banking regulator told Congress about a potential “major information security incident” after it discovered that a former employee has downloaded a large number of files onto thumb drives […]
Pierluigi Paganini
October 31, 2016
The Chinese APT Lotus Blossom is trying to lure victims with fake invitations to Palo Alto Networksâ upcoming Cybersecurity Summit. The Chinese APT Lotus Blossom, also known as Elise and Esile, is behind a new cyber espionage campaign that is trying to lure victims with fake invitations to Palo Alto Networksâ upcoming Cybersecurity Summit. With this […]
Pierluigi Paganini
October 31, 2016
Experts from the firm Sucuri observed a spike in the number of attacks in less than 24 hours after Joomla released patches for two critical flaws. On October 25, Joomla released the version 3.6.4 to fix two high severity vulnerabilities, CVE-2016-8870, and CVE-2016-8869. The first flaw, tracked as CVE-2016-8870, could be exploited by attackers to create user accounts even if […]
Pierluigi Paganini
October 31, 2016
An 18-year-old man from Arizona, Meetkumar Hiteshbhai Desai, was arrested this week because he is suspected for the severe disruption of 911 service. A few weeks ago, a group of researchers from Ben-Gurion University of the Negev’s Cyber-Security Research Center demonstrated how it is possible to significantly disrupt the US’ 911 emergency call system. An attacker […]
