Hacking

Pierluigi Paganini July 30, 2015
BLEkey – How to Clone RFID cards with a $10 device

Accuvant researchers will be releasing an open source piece of hardware dubbed BLEkey that can be used to circumvent these RFID card readers. Do you require to pass a card into a device to enter in your company’s office?  Most probably you are using a card based on Radio-Frequency Identification (RFID) technology to grant the […]

Pierluigi Paganini July 30, 2015
United Airlines reportedly hacked by same APT that breached OPM, Anthem

United Airlines reportedly hacked by same APT that breached OPM, Anthem. Let’s try to understand why and which are the risks for the US citizens. A Chinese APT group  believed to be responsible for a series of high-profile data breaches that affected the U.S. Office of Personnel Management, the Anthem, and more recently the United Airlines. According the media […]

Pierluigi Paganini July 30, 2015
A part of an unclassified Pentagon email network taken down over suspicious activity

Part of a Pentagon email network taken down over suspicious activity, the US authorities are investigating on the alleged intrusion. New problems for the White House emerges from the cyberspace, a portion of the Department of Defence’s email network has been taken down over suspicious activity. According to Pentagon spokeswoman, the unclassified email network used by […]

Pierluigi Paganini July 29, 2015
Bitphone, the “untraceable” voIP service

Let’s explain what makes the new Bitphone VoIP service, a perfect tool to perform some social engineering calls. Bitphone is a new VoIP service, a perfect tool to perform some social engineering calls, but why? Bitphone is like a Payphone, the only difference is that in this case you need to pay it with bitcoins […]

Pierluigi Paganini July 29, 2015
Disclosed critical vulnerabilities affecting the PHP file Manager

PHP File Manager was affected by several critical vulnerabilities for nearly 5 years, according to the security consultant Sijmen Ruwhof. In July 2010 Ruwhof was looking for a web base file manager that he could use in his own web server when he came across with PHP file Manager. At the time, he found out […]

Pierluigi Paganini July 29, 2015
Experts discovered a new Google Drive phishing campaign

Experts discovered a new Google Drive phishing campaign in which the threat actors deployed phishing web pages on Google Drive. Once again phishers exploited Google’s reputation running a phishing campaign aimed to steal user Google credentials and access to the multitude services offered by the company. The new phishing campaign was discovered by the security […]

Pierluigi Paganini July 28, 2015
Darkode black market back online with security improvements

The administrator of the popular Darkode hacking forum announced that the platform will back online soon with new security improvements. A few days ago Darkode, a black market specialized in the sale of exploit kits and hacking tool was shut down by an international operation of law enforcement. A joint operation run by the FBI and other […]

Pierluigi Paganini July 28, 2015
Just a basic low-end mobile phone needed to hack Air-Gapped computer

Security researchers from Israel proved that hacking most secure Air-gapped computers that typically are used in sensitive work environments, is possible just via a low end basic phone. Mostly nuclear power plants and other sensitive work environments that tend to have strict security, go with making use of the air-gapped computers and preventing their workers […]

Pierluigi Paganini July 27, 2015
Stagefright, just a message to hack 950 Million Android devices

Android users are threatened by a new vulnerability dubbed Stagefright in the popular Google mobile OS, which allows hackers to gain control of the system without raising suspicion.  Another disconcerting aspect of the Stagefright flaw is that it potentially affects 95% of Android devices running version 2.2 to 5.1 of the Google OS (roughly 950 million smartphones […]

Pierluigi Paganini July 26, 2015
Security Affairs newsletter Round 19 – Best of the week from best sources

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Russian APT launched a new phishing campaign on the Pentagon Dead NIS agent left note denying spying on SK population Microsoft to spoofed Skype users: Change your account passwords […]