Pierluigi Paganini January 06, 2013
Zero-day vulnerability in Symantec PGP Whole Disk Encryption

IT community become familiar with the concept of zero-day vulnerability, no matter if it is related to SCADA system or mobile phone firmware, it could allow a hacker to silently interfere with user’s life, exposing it to serious risks. This time the product affected by the vulnerability is produced by Symantec, it is PGP Whole […]

Pierluigi Paganini January 03, 2013
Hackers, a need for cyber security

Ten years, that is the time interval that has totally changed the worldwide perception for the role of hacker, these specialists were once seen as shady individuals to avoid, today they are highly sought professionals in both private business and government sectors. Which are the reasons for their success? The world has acquired awareness on […]

Pierluigi Paganini January 01, 2013
29C3 Chaos Communication Congress.What do USB memory sticks say?

The Chaos Communication Congress is an annual meeting of international hackers organized by the Chaos Computer Club (CCC), one of the world’s biggest hackers organizations. The CCC group, that describes itself as “a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information….”, is known for its effort in the fight […]

Pierluigi Paganini December 30, 2012
Hacktivism and web monitoring in 2013 for Security Affairs

The year is ending and it’s very easy to read forecast for next year, experts are sure that we will assist to a sensible increase of state-sponsored attacks and to the raise of sophisticated malware, both cyber threats will exploit large scale channels such as mobile and social networks. The majority of forecast are focused […]

Pierluigi Paganini December 23, 2012
Have you been hacked? … you must disclose it!

During 2009 it was revealed that one of the primary defense contractor BAE Systems was hacked causing the exposure of sensible information on F-35 fighter jet. The reserved information were obtained by a group of hackers who accessed to internal server of the contractor, but BAE Systems admitted it only in 2012. The attackers were […]

Pierluigi Paganini December 22, 2012
Accessing to PGP, TrueCrypt, and BitLocker encrypted containers with a £300 tool

The news was a bolt from the blue, the confidentiality of our data is at risk, Russian company Elcomsoft has announced that its software tool Elcomsoft Forensic Disk Decryptor is able to decrypt encryption containers created with  TrueCrypt, PGP and BitLocker To Go. These software are considered the most common and reliable tools used by […]

Pierluigi Paganini December 21, 2012
US develop exploitation methods for mobile devices while refuse UN treaty

Just one week ago a UN treaty was approved to update 24-year-old United Nations telecommunications rules. The agreement states that countries have the right to access international telecommunications services and control them to prevent cybercrimes such as spamming. The downside is that the UN treaty could open the doors to attitudes of censorship of governments […]

Pierluigi Paganini December 20, 2012
New attacks against banking, cyber Jihad or cyber warfare acts?

Last week the hacker group known as “Izz ad-Din al-Qassam Cyber Fighters” announced a series of attacks against principal banking and financial institutions publishing a message on Pastebin profile. The principal targets include organizations such as U.S. Bancorp, JPMorgan Chase&co, Bank of America, PNC Financial Fervices Group, and SunTrust Banks. In the period between the […]

Pierluigi Paganini December 18, 2012
Saudi Aramco, war of information on the cyber attack

Last summer a series of cyber attacks hit energy sector, one of the world’s largest oil companies the Saudi Aramco was attacked by a group named the Cutting Sword of Justice. Hackers used the Shamoon malware to attack the systems of the company, fortunately, production environment wasn’t impacted. The malware is able to wipe files from […]

Pierluigi Paganini December 16, 2012
Korean cyber espionage campaign against Russia

Cyber espionage is worldwide recognized one of the most concerning cyber threats mainly operated by governments to steal sensible information to foreign states and private companies. FireEye has revealed a cyber espionage campaign, named “Sanny“, attributable to Korea that hosts command-and-control (C&C) servers used in the attacks, the C&C channel is embedded on a legitimate page […]