A group of experts  has conducted a research that demonstrates the type of data that can be gathered through the forensic study of WhatsApp. A new research conducted by forensic researchers at the University of New Haven (F. Karpisek of Brno University of Technology in the Czech Republic, and Ibrahim Baggili and Frank Breitinger, co-directors of the Cyber […]
The Google Project Zero hacker  James Forshaw assessed Windows 10 analyzing the big risks related with the new OS from Microsoft. James Forshaw, a member of the Google Project Zero hacking crew, was given the task to asses Windows 10, and see if there were big risks related with the new OS from Microsoft. Forshaw talked […]
A hacker belonging to the alleged group LulzSec has claimed responsibility for a DDoS attack that hit UK telecom TalkTalk this week, but … I’m following the events related to the data breach suffered by the TalkTalk company, this week the British company has publicly disclosed that four million subscribers  have been impacted by a âsustained […]
Researchers demonstrated how disable the airbags on a Audi TT (and others models) and other functions by exploiting a zero-day flaw in third-party software. Lately, many researchers proved that car manufacturers havenât addressed security vulnerabilities in modern vehicles properly and use of lots of embedded controllers and providing different external interfaces made it possible to […]
How much cost a zero-day for an industrial control system? Where is to possible to buy them and who are the main buyers of these commodities? We have discussed several times about the importance of zero-day in cyber attacks against computer systems, the exploitation of previously unknown vulnerabilities is a prerogative of well-funded hacking groups such as state-sponsored crews. […]
Now that it is known a critical flaw in the Diffie-Hellman key-exchange protocol was exploited by the NSA to break the internet encryption, how to stop it? Recently a group of researchers has revealed how the NSA has cracked HTTPS, SSH, and VPNs rely on the Diffie-Hellman encryption by exploiting a wrong implementation of the cryptographic algorithm. The […]
Imperva has discovered that attackers hijack CCTV cameras to launch powerful DDoS attacks exploiting weak credentials and poor configurations of IoT devices. Internet of Things devices are becoming privilege targets of threat actors that daily abuse of their resources to run cyber attacks or to organize frauds or to spy on unaware users. Unfortunately, most IoT devices […]
A security expert conducted a series of tests on the Fitbit trackers discovering how they can be infected with a malware in just 10 seconds. The security researcher Axelle Apvrille revealed that infect Fitbit trackers with a malware is too easy. Axelle Apvrille has managed to infect FitBit Flex fitness tracker and uses them as infection […]
Serious flaws in the Network Time Protocol can be exploited to cause severe outages, eavesdrop encrypted communications, bypass authentication processes. Bad news for network administrators, new attacks on Network Time Protocol can defeat HTTPS and create serious problems. The bugs exploited in the attacks was discovered by the experts at the Cisco’s Talos group that has been working […]
Experts at Netcraft discovered that nearly a million SSL SHA-1 certificates were signed with the potentially vulnerable SHA-1 hashing algorithm. Businesses Using Millions of Flawed Certificates, the news is shocking and refers the adoption of SHA-1 certificates, despite the algorithm is considered no more secure. Many big businesses, including firms like Deloitte, are still using SHA-1 certificates, […]