Hacking

Pierluigi Paganini April 25, 2014
US Government coordinated hacktivist to hit foreign governments

Hacktivist Hector Xavier Monsegur, former leader of LulzSec collective, may have coordinated state-sponsored attacks for the U.S. Government. The New York time published the news that an FBI informant, Hector Xavier Monsegur, coordinated in 2012 a campaign of hundreds of cyberattacks on foreign websites. In many cases we discussed the possibility to exploit hacktivism to support […]

Pierluigi Paganini April 24, 2014
Viber vulnerable to MITM attack, million users at risk

Security researchers at UNH Cyber Forensics Research & Education Group have discovered a serious flaw in Viber messaging and voice system. Mobile app security is one of principal concern for security experts, exploiting flaws in most popular application like WhatsApp, Flickr or Viber hackers could expose data of million end users. Last week a group of researchers at UNH […]

Pierluigi Paganini April 23, 2014
Kaspersky on SmartTV malware … it’s question of time

Eugene Kaspersky explained that SmartTV are vulnerable to malware-based cyber attacks, it’s a question of time to assist a large-scale infection. In the last months we discussed about possible infection through the Internet of Things, in particular, we focused on cyber attacks on home appliances including Routers, SmartTV, refrigerators and ovens. The number of smart devices […]

Pierluigi Paganini April 21, 2014
Critical Infrastructure security, is it possible a shared regulatory?

Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, the NIST announced the Framework for Improving Critical Infrastructure Security, a document that proposed cybersecurity standards and practices to build out a security program. The cybersecurity […]

Pierluigi Paganini April 20, 2014
Millions Feedly users vulnerable to Javascript Injection attack

A security researcher discovered a serious Javascript Injection vulnerability in the popular Feedly Android App impacting Millions Users. While mobile industry continues to grow, in the same time the number of cyber threats continues to increase in frequency and level of sophistication. Mobile platforms like Android are a privileged target of cyber criminals that with a […]

Pierluigi Paganini April 20, 2014
Mandiant uncovered Heartbleed based attacks to Hijack VPN sessions

Security experts at Mandiant uncovered attackers exploiting the Heartbleed vulnerability to circumvent Multi-factor Authentication on VPNs. We have practically read everything about HeartBleed bug which affects OpenSSL library, we have seen the effects on servers, on mobile devices and also on Tor anonymity,  now lets focus on the possibility to exploit it to hijack VPN […]

Pierluigi Paganini April 19, 2014
Satellite equipment affected by severe vulnerabilities

A study conducted by experts at IOActive uncovered a variety of severe vulnerabilities in Satellite equipment widely used in numerous industries. Satellite Communication Devices are vulnerable to cyber attacks due the presence of critical design flaws in the firmware of principal satellite terrestrial equipment. Different satellite systems manufactured by some of the world’s biggest government contractors are […]

Pierluigi Paganini April 18, 2014
US retailer Michaels Stores confirms card data breach

After Target and Neiman Marcus, also US retailer Michaels Stores confirms card data breach occurred early this year, the second one in the company hystory. Early this year was spread the news that Michaels Stores Inc, the biggest U.S. arts and crafts retailer, was the victim of a severe data breach. Michaels Stores Inc. retailer was […]

Pierluigi Paganini April 18, 2014
Ponemon study – SQL Injection attacks too dangerous for organizations

A new study conducted by the Ponemon Institute reveals the impact of successfully SQL injection attacks on organizations during the last year. The Ponemon Institute published a new study titled “The SQL Injection Threat Study“ to understand the reply of organizations to the SQL injection threat. The study is sponsored by DB Networks, its Chairman and CEO Brett Helm used the following […]

Pierluigi Paganini April 18, 2014
The impact of the HeartBleed Bug on Tor Anonymity

The presence of nearly 380 servers in the Tor Network, 12 percent of the exit capacity, running the vulnerable version of OpenSSL could have compromised user’s anonymity. The Heartbleed bug is the flaw in the popular OpenSSL library that is scaring the security communities, many security experts hiphotesized that Intelligence agencies, including NSA, have exploited the bug to spy on […]