Pierluigi Paganini
November 24, 2011
The SCADA systems at the Water utilities in Illinois were hacked by a malicious attacker. “the SCADA system was powered on and off, burning out a water pump.” This is what the hacker has posted giving proof of a direct compromise of the SCADA systems at this water utility confirming that there was actual damage. […]
Pierluigi Paganini
November 23, 2011
Last week I had the opportunity to discuss with my father of adverse economic situation and in particular of the Italian public spending. I have introduced some reference to the arms and in particular cyber weapons. What are they? What are the threats we face? What is the social cost to fight and mitigate the […]
Pierluigi Paganini
November 22, 2011
What is purpose for DNS cache poisoning attacks? DNS cache poisoning is an attack methodology used to compromise in the Domain Name System and is made introduceding data artifacts into a DNS name server’s cache database that did not originate from authoritative sources. Consider that the domain name server translates a domain name into an specific […]
Pierluigi Paganini
November 21, 2011
In a few days we have heard of a couple of satellite attacks by hackers meanwhile surfing on the web I came across more than one occasion in satellite photos reporting strange structures that we asked the real intended use. The successful attacks occurred in 2007 and 2008. The more serious of the two happened […]
Pierluigi Paganini
November 20, 2011
F-Secure Researchers have discovered a digitally signed malware that has code signed with a stolen government certificate belonging to the Malaysian Agricultural Research and Development Institute. The issue has long been known and this attack methodic has triggered a widespread lack of confidence in the process of trusting based on the use of certificates. The impairment […]
Pierluigi Paganini
November 17, 2011
In recent years social networks have succeeded in the historic feat of bringing to the web a growing number of users. Jupiter users, the elderly, individuals and businesses all within the large network, many, too much, share the total awareness of what happens when they put their credentials or when attracted by a novice or by a video click on a link. Or this behavior often blind managers of the major social platforms do not provide useful information because it can spread real awareness of the threat they face. Social networks have […]
Pierluigi Paganini
November 14, 2011
English version Which could be a critical objective to choose if we evaluate media coverage of the event, complexity and effort necessary to the success of the attack, the audience involved, access to resources used in turn for further offenses? Personally, I have many doubts … a gaming platform! Yesterday on a national newspaper has been published […]
Pierluigi Paganini
November 13, 2011
Once upon a time the espionage made by agents who essentially lived in complete anonymity and free of the past were able to recover the greatest amount of information about their objectives by building dangerous relationships with the reality of interest. Over the years, and the overwhelming technological evolution, scenarios are profoundly changed. Access to information most often passes through the circuits of a mobile device or a personal computer and this led to an increasing focus of many companies and government agencies in […]
Pierluigi Paganini
November 13, 2011
The title is borrowed from a presentation made by Francis Brown of Stach & Liu, Hacker Halted 2011 in Miami. The presentation focus on two topics that are crucial in the modern scenario: Cloud Computing Search engines demonstrating the fact that the overall safety of complex systems can be impacted by incorrect implementation of the “cloud” paradigm. Through the knowledge of authentication mechanisms is relatively easy to retrieve access codes, passwords and secret keys necessary for access to data stored within a cloud as happened for Amazon’s EC3. Let me remind you the […]
Pierluigi Paganini
November 06, 2011
Bitdefender reseachers have discovered a number of brute force attacks against several web site. The attacks have been done using a server at the Massachusetts Institute of Technology (MIT). The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server. One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used […]
