Hacking

Pierluigi Paganini May 26, 2014
UPDATED – Ex LulzSec Sabu helped feds foil 300+ cyberattacks

Prosecutors filed a document which reveals ex LulzSec hacker Sabu helped US authorities stop more that 300 cyber attacks against US targets. The time of sentencing the former LulzSec hacker is arrived, next week the turned-FBI informant Hector “Sabu” Monsegur will be judged for the numerous cyber attacks he organized when he was a member of Anonymous group. […]

Pierluigi Paganini May 26, 2014
Critical Infrastructure, hackers targeted public utility SCADA

Cyber attacks could pose a potentially huge risk to US critical infrastructure, state-sponsored hackers and cyber criminals are increasing their activity. Governments are even more alarmed by the possibility of cyber attacks against critical infrastructure, hackers could pose a potentially huge risk to the helpless population. In a recent US Government exercise, a team of hackers […]

Pierluigi Paganini May 25, 2014
FireEye-Mandiant data confirms DOJ’s Findings on APT1

Experts at Mandiant have corroborated the DOJ’s data by releasing additional evidence not included in the original APT1 report. One of the news most important shared on the internet this week it the one related to the indictment announced by US Department of Justice (DOJ) on five members of PLA Unit 61398. One year ago Mandiant experts deeply analyzed […]

Pierluigi Paganini May 25, 2014
Serious Flaw in Yahoo Websites allows attackers to delete any comment

The Egyptian security researcher Ahmed Aboul-Ela has discovered a vulnerability which allowed deleting comments of any user in all Yahoo sites. A couple of days ago I was contacted by the Egyptian security researcher Ahmed Aboul-Ela which informed me to have disclosed a vulnerability in Yahoo websites which allow attackers to delete any comment from all Yahoo Services, […]

Pierluigi Paganini May 24, 2014
A new series of critical eBay vulnerabilities still menaces 145M users

Security experts have discovered three new critical eBay vulnerabilities, the privacy and data of more than 145 million users is still at risk. Just a few days after the disclosure of a major data breach at eBay, in the Internet is circulating the news of three new critical eBay vulnerabilities in the company website. eBay admitted […]

Pierluigi Paganini May 22, 2014
Microsoft hasn’t disclosed neither fixed a 4 months-old 0Day Internet Explorer 8 flaw

Zero Day Initiative website has disclosed a new zero-day Internet Explorer 8 vulnerability which was reported to Microsoft four months ago but not yet fixed Microsoft had kept hidden a critical Zero-Day vulnerability in Internet Explorer 8 since October 2013, this is the last disconcerting news that is circulating within the security community. Peter ‘corelanc0d3r’ Van […]

Pierluigi Paganini May 21, 2014
eBay database compromised, change your password now

The giant eBay suffered a serious data breach which exposed data in its database. Customer information, including personal data and password were violated. The Giant Ebay is victim of data breach, during a cyber attack the hackers violated company database accessing to personal data and user credentials. In response to the incident the company is notifying its customers […]

Pierluigi Paganini May 20, 2014
5 Chinese PLA officials accused of cyber espionage on US companies

The United States has filed criminal charges against five Chinese military PLA officials for cyber espionage and hacking against several US companies. The United States early this week charged five Chinese military PLA officers and accused them of hacking into computers of American companies. US authorities accused the China’s People’s Liberation Army officers of hacking […]

Pierluigi Paganini May 20, 2014
Remote code injection in Microsoft, Yahoo and Orange subdomains

Security researcher Ebrahim Hegazy has identified a remote code injection vulnerability affecting several subdomains of Microsoft, Yahoo, Orange and others. Fortunately, the security Vulnerability has been fixed. While participating in the Yahoo Bug Bounty program, Hegazy has found a “Unauthorized Admin Access” Vulnerability in one of Yahoo domains “mx.horoscopo.yahoo.net.”, that vulnerability led him to find […]

Pierluigi Paganini May 19, 2014
SNMP issues in many devices allow disclosure of data

Researchers at Rapid7 disclosed a series of vulnerabilities in many devices that allow data disclosure from the SNMP community string. Researchers at Rapid7 have discovered problems in SNMP on embedded devices which can can cause the exposure of critical information. As explained in the official blog post during the analysis the experts discovered devices which expose information that would […]