Hacking

Pierluigi Paganini April 19, 2012
Stuxnet & Duqu, update on cyber weapons usage

We all know about the malware Stuxnet and Duqu considered unanimously the first examples of cyber weapon developed by a government to silent attacks critical enemy infrastructures. We have written a lot on the topic, we have followed with attention the excellent analysis made by experts of the sector such as Ralph Langner and the […]

Pierluigi Paganini April 18, 2012
Walk trough the penetration testing fundamentals

The article is published on the last edition of Pentest Magazine. Enjoy the reading, the magazine is free and to download it you just have to create a free account on www.pentestmag.com. Talking about penetration testing fundamentals and their introduction in private and military sectors. The growing request for experienced IT professionals is demonstration of the awareness […]

Pierluigi Paganini April 17, 2012
Iran, 3M bank accounts hacked.Hypothesis on cyber warfare scenario

The story that I desire to report seems the plot of a movie, Khosrow Zarefarid an Iranian software manager after finding security vulnerability in Iran’s banking system tried to inform the management of the affected banks preparing a detailed report. As usually the bank’s manager ignored the alert so the Iranian expert decided to demonstrate the […]

Pierluigi Paganini April 16, 2012
DDoS, detailed analysis of the phenomenon

Last year we have observer an impressive grow of distributed denial-of-service (DDoS) attacks mainly related to operation arranged by group of hacktivists such as Anonymous. During a DDoS attacks multitude of compromised systems attack a single target causing denial of service for users of the targeted system. I desire to analyze with you the interesting results […]

Pierluigi Paganini April 11, 2012
Medicaid incident. How much cost a data breach?

The Utah Department of Technology Services (DTS) has announced that the Utah Department of Health (UDOH) was victim of an hack. On Monday the server that hosts Medicaid was hacked, the news of the breach has been published on Wednesday. In a first time the entity of the data breach has been estimated in 181,604 […]

Pierluigi Paganini April 10, 2012
Governments and gaming platforms, it’s time for warfare

The US government is financing several activities to investigate and hack into the technology spread in every device that ordinary surround us. This is the next step of the warfare, spy and attacks foreign enemy simply accessing to the devices that are presents in their offices, in their houses and in their cars. Every device […]

Pierluigi Paganini April 08, 2012
Anonymous attacks the UK government.OpTrialAtHome, Tango Down

As announced during last days Anonymous has launched a Distributed Denial of Service (DDoS) against several UK government websites. A massive recruiting campaign is started on social media, a call to arm to protest the extradition of U.K. citizens to the United States. The Operation named “Operation Trial At Home,” fight the European Arrest Warrant (EAW) that could […]

Pierluigi Paganini April 05, 2012
Anonymous, its strategy against censorship and the diversionary theory

Groups of hacktivist like Anonymous are the actual news of the global technology landscape, a new force with which and against which confront. As repeatedly stressed I consider the moment of confrontation with the group a moment of growth for the IT professional in many ways, on all: having to deal with the cyber threat that […]

Pierluigi Paganini April 04, 2012
1-day exploits,Binary Diffing & patch management.The side threats

Recently ESET security firm has reported the latest version of the Blackhole exploit kit that has been updated to include a new exploit for the Java CVE-2012-0507 vulnerability.  The exploit was discovered for the first time on 7.03.2012 and it first detections were dated on March 12, 2012 and today a public module for Metasploit […]

Pierluigi Paganini April 03, 2012
UPGRADE – VISA, MASTERCARD and GPN breach

The day is come, yesterday morning as planned Global Payments Inc., the Atlanta-based credit and debit card processor that recently announced a breach that exposed fewer than 1.5 million card accounts, held a conference call to discuss about the breach and its impacts. Again Krebson Security Blog is the more accredited source in my opinion, they […]