Hacking

Pierluigi Paganini February 27, 2014
FireEye discovered an Apple vulnerability which allows iOS keylogging

Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]

Pierluigi Paganini February 26, 2014
Unveiled network of surveillance based on RCS of Hacking Team

Citizen Lab published detailed information on the surveillance network based on RCS spyware designed by the Italian firm Hacking Team. The nonprofit research team Citizen Lab has discovered the presence of a spyware developed by the Italian Hacking Team in 21 countries. The news doesn’t surprise security community, despite Hacking Team firm always denies any involvement in cyber […]

Pierluigi Paganini February 22, 2014
WhatsApp lack enforcing certificate pinning, users exposed to MITM

Experts at Praetorian have been conducting the Project Neptune to assess the security for designing and maintenance of mobile apps, including WhatsApp. This week the IT was shocked by the acquisition of WhatsApp by Facebook, the popular mobile messaging service was sold for $19 billion, probably this is the value assigned to the information managed by […]

Pierluigi Paganini February 20, 2014
Released a Metasploit module to hack 70% Android devices

Rapid 7 has released the “exploit/android/browser/webview_addjavascriptinterface” module which allows attackers to remotely access on most Android devices. A bug in the Android WebView programming interface allows attackers to remotely access on most devices running the popular OS. But it does not end here, hackers could easily access handset camera and file system simply creating a specifically crafted web […]

Pierluigi Paganini February 19, 2014
Asus router users still vulnerale to remote hacking

Asus routers are still vulnerable to remote hacking after months of the disclosure of the flaw that allows hackers to access to the device-connected drive. Ars security portal reported that hackers expose eight-month-old weakness in Asus routers by leaving a message on victims’ drives. An Ars reader claimed to have found a strange message browsing the content of his external […]

Pierluigi Paganini February 19, 2014
Linksys routers worm – Released the code for exploit the vulnerability

After SANS researchers detected self replicating work The Moon is spreading among a number of different Linksys routers, its exploit appeared in the wild. Last week I reported the news related to a vulnerability in Linksys routers that’s being exploited by a new The Moon worm analyzed by the SANS Institute’s Internet Storm Center. The Moon […]

Pierluigi Paganini February 18, 2014
Profiling hacking for hire services offered in the underground

Security expert Dancho Danchev profiled hacking for hire services offered in the underground, providing an indication of their prices. In the past we have already analyzed the diffusion in the underground of hacking for hire services, a term coined to define the sale of hacking services made by cyber criminals for a limited period of time. Surfing […]

Pierluigi Paganini February 17, 2014
The crowd-funding site Kickstarter has been Hacked

The crowd-funding site Kickstarter has been Hacked! The company suggested to its users to change their password. The popular crowd funding website Kickstarter is the last victim of a data breach, all the users are invited to change their passwords to avoid further problems. The news has been confirmed by the CEO of Kickstarter, Yancey Strickler, that revealed the company has […]

Pierluigi Paganini February 16, 2014
Discovered thousands of FTP servers infected by malware

Hold Security reported it has discovered a list of credentials for close to 7,800 FTP servers being circulated in cybercrime forums in the Deep Web. FTP servers are considered a privileged target for cyber criminals, hackers can exploit them for example to spread malware infecting webservers that rely on FTP applications for updates. The Hold Security firm […]

Pierluigi Paganini February 15, 2014
TESCO thousands shopping account credentials leaked online

Thousands of Tesco.com shopping accounts were suspended after hackers have leaked users details including credentials and Tesco Clubcard vouchers. Tesco has recently confirmed to have suffered a data breach, the cybercriminals have hit the company on Valentine’s Day compromising the account of thousands of online clients. “We take the security of our customers’ data extremely seriously and […]