Hacking

Pierluigi Paganini June 12, 2014
Xiaomi smartphones can steal bank card data via NFC

Chinese woman accidentally discovered that its Xiaomi smartphone has the capability to steal bank card data via near field communication. A report issued by the Nanjing-based Yangtse Evening News states that smartphones produced by Chinese Xiaomi are able to steal bank card data from wireless connections. Rumors reports that a woman from Nanjing has revealed to the newspaper that her new Xiaomi smartphone managed […]

Pierluigi Paganini June 12, 2014
Gmail hacking, a mine of data for phishing and spam attacks

An Israeli researcher disclosed a Gmail vulnerability, fixed by Google, that exposes an indefinite number of Gmail addresses and business emails. Google company has fixed a critical vulnerability, disclosed by the Israeli researcher Oren Hafif,  that exposes an indefinite number of Gmail addresses. Technically the experts has discovered that it is possible to bruteforce a token […]

Pierluigi Paganini June 11, 2014
Putter Panda APT behind for cyber espionage campaigns, are they members of PLA Unit 61486?

CrowdStrike published a new report which blames the Chinese Putter Panda group for the different cyber espionage campaigns conducted against foreign companies. Putter Panda is the name of bad actor responsible for a series of cyber espionage operations originating in Shanghai, security experts linked its operation to the activity of the People’s Liberation Army 3rd General Staff […]

Pierluigi Paganini June 10, 2014
ICS-CERT warns of possible hack of road signs controlled by Daktronics Vanguard software

ICS-CERT issued an alert for the presence of a hardcoded password flaw in Daktronics Vanguard highway dynamic message sign (DMS) configuration software. Security experts have discovered a new flaw in Daktronics’ Vanguard software which could be remotely exploited by hackers to hack electronic road signs. A week ago, it was reported that Daktronics’ Vanguard dynamic highway message sign (DMS) configuration […]

Pierluigi Paganini June 09, 2014
Two 14-year-old students hacked an ATM with impressive simplicity

Two 14-year-old  students, Matthew Hewlett and Caleb Turon, have hacked an ATM machine of the Bank of Montreal using a manual discovered on the Internet. Two 14-year-old  students, Matthew Hewlett and Caleb Turon, have hacked an ATM machine of the Bank of Montreal to test its level of security. The two students have discovered online an old […]

Pierluigi Paganini June 08, 2014
Databases of personnel at US command in S Korea hacked

A major cyber attack might have compromised the personal information of 16000 current and former workers employed by the American command in South Korea. US officials have revealed that military database in South Korea has suffered a major cyber attack which caused a data breach. Data related to personnel employed by the United States military […]

Pierluigi Paganini June 08, 2014
FireEye detected Molerats attacks on a large scale based on Xtreme RAT

FireEye Labs recently identified several new Molerats attacks based on Xtreme RAT targeting US financial institutions and European government organizations. FireEye experts between 29 April and 27 May have identified several new Molerats attacks targeting organizations across the globe. European government organizations, at least one U.S. financial institution and other private entities were hit by cyber […]

Pierluigi Paganini June 07, 2014
Serious vulnerabilities in the Linux kernel, upgrade it now!

A new series of vulnerabilities in Linux Kernel allows an attacker to lead DoS and privilege escalation attack, Debian urges upgrades for Linux users. Numerous security flaws have been discovered and fixed in the Linux kernel, patch management for these vulnerabilities is critical to avoid that attackers could have led to a denial of service […]

Pierluigi Paganini June 06, 2014
New critical flaws discovered in OpenSSL, patch now

The OpenSSL Foundation has fixed a series of new vulnerabilities, two of them considered critical. Organizations are invited to apply patches asap. The Open SSL has provided a collection of updates for its libraries to fix a series of new vulnerabilities recently reported. The exact number of vulnerabilities affecting OpenSSL is 6 and two of them are […]

Pierluigi Paganini June 05, 2014
The GnuTLS Hello flaw leaves vulnerable SSL clients

Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software. GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer. News of the day is that the widely used cryptographic library is vulnerable […]