Hacking

Pierluigi Paganini March 12, 2015
Hacking Facebook by exploiting two reflected file download flaws

A security researcher has discovered two different  reflected file download flaws in Facebook that could be exploited to hit its users. Security researcher David Sopas from WebSegura has discovered a couple of security flaw in Facebook that could be exploited by an attacker respectively to upload an arbitrary file to the social network or to gain control […]

Pierluigi Paganini March 11, 2015
Reconnect tool for hacking Facebook is publicly available

The security expert Egor Homakov from Sakurity firm has released the Reconnect tool that allows hackers to hijack accounts on sites that use Facebook logins. The security expert Security Egor Homakov has developed a hacking tool dubbed Reconnect that exploit a flaw in Facebook to hijack accounts on sites that use Facebook logins. Homakov, with works for […]

Pierluigi Paganini March 11, 2015
Apple and Microsoft released updates to fix the FREAK flaw

Microsoft and Apple released security updates to fix the FREAK vulnerability recently discovered and affecting their products. FREAK is a major security flaw recently discovered that left users of Apple and Google devices exposed to MITM attack while visiting supposedly secure Websites. At the same time Microsoft issued a specific security advisory to inform its […]

Pierluigi Paganini March 11, 2015
Exploiting the Rowhammer flaw in DRAM to control your PC

Researchers at Google’s Project Zero have demonstrated how to exploit Rowhammer problem in DRAM to gain kernel privileges on Linux systems. Security researchers at Google’s Project Zero team have demonstrated that is possible to hijack the Intel-compatible PCs running Linux by exploiting the physical weaknesses in certain varieties of DDR DRAM (double data rate dynamic random-access […]

Pierluigi Paganini March 10, 2015
How the CIA is working to break the security of Apple devices

A new interesting report published by The Intercept details the effort spent by the US intelligence to compromise the security of Apple devices. The Intercept published another disconcerting post on the US Intelligence campaign aimed to steal the secrets of the IT giant Apple. According to top-secret documents disclosed by The Intercept a team of researchers working with the Central […]

Pierluigi Paganini March 09, 2015
FBI investigating apparent ISIS defacements on Western websites

A number of Western websites were hacked over the weekend, the sites were defaced with messages claiming the ISIS as the responsible. The FBI is investigating a series of cyber attacks occurred over the weekend on several western websites, the authorities suspect the involvement of hackers linked to the ISIS. The list of hacked websites includes […]

Pierluigi Paganini March 09, 2015
Hackers Abuse Google Apps flaw to run phishing campaigns

A critical flaw affecting Google Apps for Work allows hackers to run malicious phishing campaigns by abusing any website’s domain name. A critical vulnerability affecting Google Apps for Work allows attackers to send phishing emails. The vulnerability in Google Apps for Work could be exploited to send emails by abusing any website’s domain name and run phishing campaign on the […]

Pierluigi Paganini March 08, 2015
Xiaomi Mi 4 smartphone with preinstalled malware and much more

The security firm Bluebox discovered a preinstalled malware, many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone. After the episode of Lenovo pre-installed malware, another case is worrying the IT community. This time, security firm Bluebox has discovered pre-installed malware and other security issues with a Xiaomi Mi 4 mobile […]

Pierluigi Paganini March 08, 2015
Hacking home networks by compromising a Nest thermostat

A group of researchers  from TrapX Security demonstrated how to infiltrate home networks by compromising a Nest thermostat. We already discussed in the past of the risks related to cyber attacks against IoT devices, these smart objects are everywhere, including our homes, so they represent a privileged target for hackers. Security experts from TrapX Security demonstrated how […]

Pierluigi Paganini March 07, 2015
Just $104 to exploit the FREAK flaw and hit the NSA website

Researchers hack NSA’s website with only $104 and 8 hours of Amazon’s cloud computing power using the #FREAK vulnerability A team of researchers demonstrated that it is possible to exploit the FREAK vulnerability to hack the official NSA website by using 8 hours of Amazon’s cloud computing power and spending only $104. The researcher made […]