Pierluigi Paganini
September 12, 2014
FireEye discovered two distinct groups of Chinese hackers operating cyber espionage campaigns on a large-scale in parallel. Security experts at FireEye have discovered two hacking campaigns conducted by distinct groups operating in separate regions of China that seems to work in parallel. The first team of hackers, named Moafee, is targeting military and government organizations which were in some […]
Pierluigi Paganini
September 11, 2014
The NOAA JPSS System is affected by thousands vulnerabilities, according to a memorandum from the Department of Commerce’s Office of the Inspector General. The Satellite systems at NOAA (National Oceanic and Atmospheric Administration) are affected by thousands of severe vulnerabilities that could be exploited by threat actors hit them. The disconcerting news refers the findings of […]
Pierluigi Paganini
September 10, 2014
Researchers from the UNHcFREG (University of New Haven) is publishing on YouTube a series of videos to disclose vulnerabilities in a dozen Android apps. Experts at the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG) have decided to disclose vulnerabilities in a dozen Android apps, including the popular mobile applications Instagram, Vine and OKCupid. […]
Pierluigi Paganini
September 08, 2014
The CERT has published the results of its test conducted on popular Android applications that fail to properly validate SSL certificates. In several posts we have discussed about the improper validation of  SSL certificates made by mobile devices, recently we mentioned the case of the Gmail app for iOS devices which, according to an expert at mobile security […]
Pierluigi Paganini
September 08, 2014
Apple CEO Tim Cook announced that the company will improve the security of its solutions, including iCloud, starting from extension of 2FA mechanisms. The recent disclosure of hundreds celebrity pictures has raised the discussion on the level of security offered by the Apple iCloud stored service. To improve the security offered by the iCloud service, Apple’s CEO Tim Cook […]
Pierluigi Paganini
September 05, 2014
Experts at Akamai-Prolexic discovered a botnet dubbed IptabLes and IptabLex that infects and exploits poorly-maintained Linux servers to run DDoS attacks. Akamai’s Prolexic division has uncovered a new botnet dubbed IptabLes and IptabLex, which was used in a series of attacks targeting malware based on Linux servers. The experts revealed that the IptabLes and IptabLex botnet compromises misconfigured and […]
Pierluigi Paganini
September 04, 2014
Security experts at AlienVault discovered a series of watering hole attacks using the Scanbox reconnaissance Framework that is targeting several industries. Security experts at AlienVault Labs have uncovered a watering hole attack with a singular characteristic, the attackers are using a framework developed for reconnaissance as the primary infection vector. The attackers deployed a malicious JavaScript on the targeted […]
Pierluigi Paganini
September 04, 2014
An independent researcher has analyzed for years the metadata on submissions to VirusTotal service identifying patterns related to many bad actors. VirusTotal is the Google owned company which offers free checking of URLs and files for viruses and other malicious code, its systems use up to 54 different antivirus software to scan files and URLs provided by the userscheck. Cyber criminals […]
Pierluigi Paganini
September 02, 2014
Investigation on celebrities naked pictures leaked online raises suspicion that hackers breached iCloud accounts exploiting a flaw in the “Find my IPhone” feature. An alleged hack of Apple’s iCloud accounts of many celebrities seems to be the cause of the leakage online hundreds of naked photos purportedly belonging to more than 100 actors and singers.  On […]
Pierluigi Paganini
August 31, 2014
Dominique Bongard has presented an improvement to previous attack on WPS which allows to discover the PIN in just one second with offiline calculations. The researcher Dominique Bongard has presented an improvement for the attack on wireless routers with poorly implemented versions of the WPS (Wi-Fi Protected Setup). The WPS is a popular network security standard that allows […]
