Pierluigi Paganini
April 23, 2016
The native Windows command-line utility Regsvr32 can be exploited to bypass MS Applocker and run remote code bypassing protection mechanisms. A security researcher recently discovered a vulnerability that may very well reap chaos in the Windows world, it can be used to bypass whitelisting protections such as Microsoft’s AppLocker. The Microsoft digitally-signed binary is a […]
Pierluigi Paganini
April 22, 2016
Facebook hacked! The security expert Orange Tsai discovered the presence of a malicious webshell on one of the company servers. The security expert Orange Tsai from the DevCore firm has found a malicious web shell on Facebook Server. The researcher was analyzing the Facebook’s infrastructure when noticed a domain called files.fb.com. Intrigued, the expert has tried to access […]
Pierluigi Paganini
April 22, 2016
FBI Director Comey explained at the Aspen Security Forum in London that the Agency paid more than $1.3 million to break into San Bernardino shooter’s iPhone. FBI Director Comey explained at the Aspen Security Forum in London that the Agency paid more than $1.3 million to break into San Bernardino shooter’s iPhone The FBI vs […]
Pierluigi Paganini
April 21, 2016
According to a research conducted by IBM the healthcare industry was a privileged target of cybercriminals last year, more than 100M Records Compromised. The healthcare industry was the number one target of cybercriminals in 2015, new research indicates. Previously, the banking industry held the top position. In 2015, more than 100 million healthcare records were […]
Pierluigi Paganini
April 21, 2016
The Australian government has presented his Cyber Security Strategy and admitted the ability to conduct offensive cyber operations. The Australian Government announced its cyber security strategy that includes AU$230 million spending over four years to improve the resilience to cyber attacks of the national critical infrastructure. The strategy is very complete, it includes defensive aspects […]
Pierluigi Paganini
April 20, 2016
Security researchers at the MIT designed an Artificial Intelligence system called AI2 that is able to detect 85 percent of attacks. While the number of cyber attacks continues to increase it is becoming even more difficult to detect and mitigate them in order to avoid serious consequences. A group of researchers at MIT’s Computer Science […]
Pierluigi Paganini
April 19, 2016
Security experts eavesdropped and geographic tracked a US Congressman only using his phone number by abusing the SS7 protocol. Hackers eavesdropped and geographic tracked a US Congressman only using his phone number. Security experts will be no surprised, I wrote many articles on the topic explaining that security flaws in the SS7 protocol could be exploited by an attacker to […]
Pierluigi Paganini
April 19, 2016
Experts analyzed a dozen attacks that leveraged on malicious RTF documents created using the same Four Element Sword builder. Security experts at Arbor Networks’ Security Engineering and Response Team (ASERT) have spotted a tool used in advanced persistent threat (APT) attacks against organizations in East Asia. The researchers have analyzed a dozen attacks that leveraged on malicious Rich […]
Pierluigi Paganini
April 19, 2016
IBM Security has warned the WordPress community about a spike in the number of attacks leveraging a specific variant of the PHP C99 Webshell. Security experts at IBM reported a spike in the number of cyber attacks pushing a variant of the popular C99 webshell in February and March, a 45 percent increase compared to the previous period. […]
Pierluigi Paganini
April 18, 2016
A group of experts at VoidSec used a Grey Box approach to assess the security posture of some important aspects of Avactis PHP Shopping Cart. Avactis is an open source ecommerce Shopping Cart platform most used in US and UK. Security experts from VoidSec analyzed the e-commerce software discovered an impressive number of vulnerabilities. The group of experts […]
