Hacking

Pierluigi Paganini July 18, 2014
A major cyber attack hits Nasdaq systems to destroy US Finance

Russian hackers hit Nasdaq critical systems with with a malware-based attack with the primary intent to sabotage the U.S. financial world. It was October 2010 when the FBI started an investigation on alleged malware-based cyber attacks against on Nasdaq, probably related to the operation of a state-sponsored group of hackers. After more than 12 months in which […]

Pierluigi Paganini July 17, 2014
Cisco Wireless Residential Gateway Remote Code Execution flaw

Multiple Cisco Wireless Residential Gateway products are affected by a critical flaw that could allow a remote attacker to hijack the devices. A security vulnerability affects multiple Cisco wireless residential Gateway products, the flaw resides on the web server an could be exploited by a remote attacker to hijack the network appliance. The flaw, ranked […]

Pierluigi Paganini July 17, 2014
MS Active Directory could allow an attacker to impersonate victims

Experts at Aorato have discovered a flaw in MS Active Directory that could allow an attacker to conduct a pass-the-hash attack to change a victim’s password. The Israel-based security firm Aorato has recently discovered a flaw in Microsoft’s Active Directory (AD) that could allow an attacker (via “pass-the-hash” attack) to change a victim’s password and access a […]

Pierluigi Paganini July 16, 2014
OpenVPN Desktop client affected by a critical CSRF flaw

Researchers at SEC Consult have discovered a CSRF vulnerability in the OpenVPN Desktop Client that can allow remote code execution. Security researchers at SEC Consult have discovered a CSRF flaw in the OpenVPN Desktop client and promptly reported it to the company in May. OpenVPN Desktop Client for its Access Server is an SSL VPN for a variety […]

Pierluigi Paganini July 16, 2014
Project Zero – Google is hiring the hacking excellence to improve Internet security

Project Zero is the new initiative announced by Google. The company is hiring the top security experts to make the Internet a more secure place. Google has publicly announced a new program called “Project Zero,” an ambitious project which involves a team of Star Hackers and Bug Hunters with the purpose to improve security of the […]

Pierluigi Paganini July 15, 2014
GCHQ JTRIG Tools and Techniques for propaganda and internet deception

Edward Snowden leaked a top-secret GCHQ document which details the operations and the techniques used by JTRIG unit for propaganda and internet deception. The JTRIG unit of the British GCHQ intelligence agency has designed a collection of applications that were used to manipulate for internet deception and surveillance, including the modification of the results of the […]

Pierluigi Paganini July 14, 2014
Chinese Executive charged of hacking on Boeing and other defense contractors

Chinese Executive charged of Hacking on Boeing and other defense contractors to steal military data and advanced technologic projects. According to a US criminal complaint, computers of Boeing and other military contractors have been hacked to steal intellectual property and trade secrets on transport aircraft. The initial attacks against Boeing probably occurred between Jan 14th and […]

Pierluigi Paganini July 13, 2014
Pitty Tiger – small ATPs scare private companies

Security researchers at AIRBUS have uncovered a new APT, named Pitty Tiger, involved in a cyber espionage campaign which targeted mainly private companies. Security experts at AIRBUS Defence & Space – CyberSecurity unit have recently disclosed the results of their investigation on a new APT dubbed Pitty Tiger involved in a cyber espionage campaign which targeted mainly private companies. Also in […]

Pierluigi Paganini July 12, 2014
Gmail App for iOS vulnerable to Man-in-the-Middle Attacks

Security experts at Lacoon discovered a vulnerability in the Gmail iOS app which enables a bad actor to perform a Man-in-the-Middle. Google Gmail application for iOS is exposed to risks of  Man-in-the-Middle (MitM) attacks which allow bad actors to monitor encrypted email communications. An expert at mobile security firm Lacoon has discovered that version of Gmail […]

Pierluigi Paganini July 11, 2014
Chinese hackers violated systems at the Office of Personnel Management

The New York Times revealed that in March Chinese hackers hacked systems at Office of Personnel Management stealing files of thousands of  Federal employees According to the New York Times, senior American officials revealed that a group of Chinese hackers violated the computer networks of the United States government agency in March. The Chinese bad actors hacked US government systems […]