Hacking

Pierluigi Paganini December 16, 2014
Sony Pictures Entertainment is fighting back

Sony Pictures is adopting various measures to contains damages including a “fighting back” activity against website that share the stolen data. We will talk about the Sony Pictures data breach for a long time, the cyber attacks conducted by the GOP hacking team is causing serious damages to the company. It is early to estimate the overall economic impact […]

Pierluigi Paganini December 16, 2014
Worm exploits Shellshock to infect QNAP systems

Security experts at Sans Institute discovered a worm which exploits the popular Shellshock flaw to compromise QNAP systems in the wild. Experts at Sans Institute have discovered a new series of attacks in the wild exploiting the Shellshock attack code to compromise disk storage systems made by the Taiwan-based QNAP firm. The threat actors used […]

Pierluigi Paganini December 15, 2014
SoakSoak Malware infected more than 100,000 WordPress Websites

Google blacklisted over 11000 domains that were infected with this SoakSoak malware which redirect user traffic and download malicious payloads on targets. WordPress is one of the most popular content management system (CMS) with more than 70 million websites on the Internet. For this reason, it is under continuous attack by threat actors that try to […]

Pierluigi Paganini December 15, 2014
Fixed a critical flaw in Blogger that allows to write posts on any blog

A security expert discovered a critical CSRF vulnerability in Blogger.com that allows an attacker to write posts in any blog hosted on the popular platform. The Egyptian security expert Mazen Gamal Mesbah (@MazenGamal) has discovered a critical CSRF (Cross-site request forgery) vulnerability in the free weblog publishing tool Blogger.com. The vulnerability could be exploited by an attacker to write posts […]

Pierluigi Paganini December 13, 2014
Serbia – Hackers claimed to have stolen the entire national database

A group of hackers claims to have compromised the national database system stolen all information related to citizens resident in Serbia. Hackers claim to have data about all citizens in Serbia, if the news is confirmed this is another clamorous data breach that could have serious repercussion on the Government. It seems that cyber criminals hacked […]

Pierluigi Paganini December 11, 2014
Vulnerabilities In Alibaba threatens security of million users

Numerous vulnerabilities in Alibaba’s eCommerce platform compromised the account details of millions of Merchants and shoppers according to Israel cyber security Experts. Alibaba has patched up the flaws and is urging its customers to update their accounts accordingly. If you can’t afford a $600 product from an online store, why not change the price to […]

Pierluigi Paganini December 11, 2014
Are CloudAtlas and RedOctober campaigns managed by same APT?

Kaspersky Lab suspects that the bad actor who is managing a new campaign dubbed CloudAtlas is the same that run the Operation Red October two years ago. Red October is the name of a cyber espionage campaign discovered by security experts at Kaspersky Lab in late 2012 and disclosed in January 2013. The threat actors behind the […]

Pierluigi Paganini December 10, 2014
POODLE SSL flaw is threatening also TLS Security Protocol

Researchers at Qualys revealed that POODLE is likely to hit some of the most popular websites because the flaw also affects implementations of newer TLS. POODLE (Padding Oracle On Downgraded Legacy Encryption) is a critical vulnerability affecting SSL that was discovered in October 2014. The researchers at Google that discovered it, explained that the POODLE flaw is related […]

Pierluigi Paganini December 09, 2014
Google App Engine affected by more than 30 vulnerabilities

Security researchers at Security Explorations have found more than 30 vulnerabilities in the Google App Engine that allow code execution and sandbox escapes A team of security researchers in Poland announced to have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that could be exploited by hackers […]

Pierluigi Paganini December 08, 2014
Lizard Squad launches DDoS attack also on PlayStation network

Lizard Squad claims to have hacked also Sony PlayStation Network that suffered a DDoS attack. A week ago the hacking team known as the Lizard Squad brought down the Xbox Live online service with a DDoS attack. Microsoft users were not able to access the online platform for several hours, the service has several problems […]