Hacking

Pierluigi Paganini November 13, 2014
BadUSB update, it is hard to discriminate patchable USB devices

The researcher Karsten Nohl and his team presented an update on their BadUSB study.It is impossible to discriminate patchable devices from unpatchable ones. Earlier August 2014 the security expert Karsten Nohl and his team discovered that an attacker could exploit a new class of attacks based on a USB device to compromise a targeted machine. […]

Pierluigi Paganini November 10, 2014
Manual phishing attacks are the simplest and most effective hacking technique

A study published by Google demonstrates that manual phishing attacks are the simplest and most effective method for hacking email accounts. A study recently published by Google demonstrates that so-called manual phishing attacks are the simplest and most effective method for hijacking users’ email address. Let’s consider that the manual phishing attacks, as suggested by the name, doesn’t use […]

Pierluigi Paganini November 08, 2014
Belkin n750 router affected by a serious root access flaw. Upgrade the firmware now

The security researcher Marco Vaz discovered a serious vulnerability in Belkin n750 router that could be exploited to gain root access on affected devices. A serious flaw in a Belkin router could be exploited locally by an unauthenticated attacker to gain full control over affected devices. The company has already issued a patch to fix […]

Pierluigi Paganini November 05, 2014
Two Linksys routers running SMART Wi-Fi Firmware are still vulnerable to remote attacks

Two models of Linksys routers running SMART Wi-Fi Firmware remain vulnerable to a pair of vulnerabilities recently patched by the company. Linksys EA2700 and EA3500 are the two routers running Linksys SMART Wi-Fi firmware that are still affected by a couple of vulnerabilities recently patched in different models of the Belkin-owned networking gear. On October 31th, […]

Pierluigi Paganini November 04, 2014
uIP and lwIP DNS resolver exposed to cache poisoning attacks

The DNS resolver implemented in the open source TCP/IP stacks uIP and lwIP is vulnerable to cache poisoning, the flaw could be exploited to divert traffic to malicious websites. The security researcher Allen D. Householder has reported  a serious vulnerability related to the uIP and lwIP DNS resolver, according to the Vulnerability Note VU#210620 it is exposed to cache […]

Pierluigi Paganini November 04, 2014
China unveils laser defense system that could shoot down small drones in a few seconds

Chinese authorities unveil the development of a new highly accurate laser defense system that is able to shoot down small drones in a few seconds. The Chinese Government has completed the development of a new weapon that is able to hit and shoot down small drones and aircraft in a few seconds. The China has successfully tested a highly […]

Pierluigi Paganini November 03, 2014
A security audit reveals that TextSecure app is vulnerable to Unknown Key-Share Attack

A group of researcher that audited the popular TextSecure Private Messenger app discovered that it is vulnerable to Unknown Key-Share attacks. The documents disclosed by Eduard Snowden on surveillance activities has caused a spike in the demand of privacy tools and solutions like the TextSecure Private Messenger app that we sill discuss in this post. TextSecure is a […]

Pierluigi Paganini October 31, 2014
ASUS Wireless Routers RT Series updates vulnerable to a Man in the Middle attack

The security expert David Longenecker discovered that the update process for ASUS Wireless Routers RT Series is vulnerable to Man-in-the-Middle attacks.  The security expert David Longenecker discovered that ASUS Wireless Routers RT Series are vulnerable to Man-in-the-Middle attacks. The researcher explained that that the routers download updates via HTTP without an encryption protocols as explained in the blog post by Longenecker. […]

Pierluigi Paganini October 30, 2014
Drupal community under attack due to a critical SQL injection flaw

A security advisory issued by Drupal assumes that every installation of the popular CMS based in the version 7.x was compromised unless patched. Earlier this month, Drupal patched a critical SQL injection vulnerability (CVE-2014-3704) that exists in all Drupal core 7.x versions up to the recently-released 7.32 version, which fixed the issue. There is an emergency in the […]

Pierluigi Paganini October 27, 2014
The Fappening part 6 is out … a boring saga

The part 6 of the Fappening archive is online, it includes image of Nicola Peltz, Krysten Ritter, Angie Miller, Aubrey Cleland and Tobie Perciva. The effects of the Fappening, aka the iCloud Hack, are still evident in the cyberspace. Relentless hackers have released over the weekend a new archive, it is the part 6 of the […]