Digital ID

Pierluigi Paganini March 13, 2013
Censorship, governments and corporations enemies of internet

The use of technologies to support censorship is deplorable and condemnable but it must be considered that is a sad reality that has sustained the growth of a billionaire market. Many IT companies around the world are specialized in the providing of solutions used by authoritarian regimes to monitor internet use and persecute the opponents. […]

Pierluigi Paganini January 14, 2013
Nokia and the accusation of MITM attack

The charge is heavy, according to some experts, Nokia analyzes user’s traffic officially to increase performance compressing data on some of its mobile devices. According many experts the popular company is responsible of the hijacking of user’s traffic on its servers, that is the case for the Nokia Asha models, for this reason on internet […]

Pierluigi Paganini January 04, 2013
Turkey – Another story on use of fraudulent digital certificates

It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the […]

Pierluigi Paganini September 30, 2012
Adobe Code Signing Certificate used to sign malware, who to blame?

It’s happened again, cyber criminals have stolen digital certificates related to companies recognized reliable to sign malicious code. This time the victim is Adobe and according its security chief, Brad Arkin, a group of hackers have signed malware using Adobe digital certificate obtained compromising a vulnerable build server that was used to get code validation […]

Pierluigi Paganini July 09, 2012
Cyberoam DPI vulnerability scares Tor

Last week, on was published the news relative to a security vulnerability found in Cyberoam DPI devices (CVE-2012-3372). All is started when a user in Jordan reported seeing a fake certificate to The certificate was issued by Cyberoam companies and the researchers of the Tor project believed that the CA has been tricked  […]

Pierluigi Paganini May 13, 2012
What is a digital signature? Fundamental principles

Private companies and governments agencies all around the word make huge investments for the automation of their processes and in the management of the electronic documentation. The main requirement in the management of digital documentation is its equivalence, from a legal perspective, to paperwork, affixing a signature on a digital document is the fundamental principle […]

Pierluigi Paganini April 13, 2012
Botnets and cyber warfare, a dangerous combination

The US Government is very close to the theme of warfare being among the countries that invest more in the field. In a cyber security context we can enumerate a huge quantity of cyber threats that daily are designed and enhanced, a heterogeneous world and that includes many different options that could harm military and […]

Pierluigi Paganini March 06, 2012
Mud against Anonymous using Zeus malware

Symantec company recently has disclosed the news that the collective Anonymous has deceived his supporters favoring the spread and installing of Zeus malware on their machines. The charge is heavy and would undermine the trust that underpins the recruitment methods of the collective, it seems that all supporters who have participated to various Distributed Denial of Service (DDoS) […]

Pierluigi Paganini February 14, 2012
Trustwave vs Mozilla community for MITM Digital Certificate

After the attacks against certification authorities such as VeriSign, Comodo and DigiNotar the level of confidence in the model based on certificates is in sharp decline. There is widespread accusations addressed to the PKI paradigm (public key infrastructure ) which is based on the concept to request to trusted and credited third parties to guarantee […]

Pierluigi Paganini January 14, 2012
Sykipot attacks U.S PKI infrastructures based on smart cards

In these hours on the web is turning the news of a cyber attack performed by a group of Chinese hackers against some U.S. Government Agencies. Once again, the weapon used against the strategic objectives is a cyber weapon, in particular it has been used a new version of the trojan Sykipot. Chinese hackers have […]