Pierluigi Paganini
May 15, 2015
SAP products make use of a proprietary implementation of LZC and LZH compression algorithms that could be exploited by attackers in several ways. For the second time in a week, we are speaking about security vulnerabilities affecting SAP systems, recently I wrote about a study published by the Onapsis firm that revealed over 95% of SAP […]
Pierluigi Paganini
May 15, 2015
The Chinese threat actor known as APT17 and DeputyDog has been using profile pages and forum threads on Microsoft’s TechNet web portal to host IP addresses for command and control (C&C) servers. Security experts at FireEye and the colleagues at Microsoft Threat Intelligence Center have published a report on the activities of the Chinese group […]
Pierluigi Paganini
May 14, 2015
According to a report published by the experts at root9B the hacking crew APT28 is planning to attack several financial institutions worldwide. In October 2014, security expert at FireEye published a report on the activities conducted by a group of Russian hackers, dubbed APT28, the hacking crew is behind long-running cyber espionage campaigns that targeted US defense contractors, European security organizations and […]
Pierluigi Paganini
May 14, 2015
Maritime industry heavily depends on technology, a cyber attack against its infrastructure and systems could have dramatic consequences on our society. In a recent post, I talked about attacks targeting SCADA systems will increase, and our ports are among critical infrastructure that makes large use of such systems. Let’s consider that “almost 90% of the […]
Pierluigi Paganini
May 13, 2015
Security Researcher at CrowdStrike claims VENOM vulnerability leaves millions of virtual machines vulnerable to cyber attacks. A new security vulnerability dubbed VENOM (CVE-2015-3456) is threatening the security industry. The CrowdStrike Senior Security Researcher Jason Geffner who discovered the vulnerability explained that the flaw could be exploited by an attacker to compromise any machine is a data […]
Pierluigi Paganini
May 13, 2015
Experts estimated that between 25 to 50 billion devices will be connected to the internet by 2020 will be exposed to an increasing number of cyber threats. Until the end of 2020, experts estimated that between 25 to 50 billion devices on the planet will be connected to the internet, and counting that the Internet […]
Pierluigi Paganini
May 13, 2015
Several dozen Imperva Incapsula customers were targeted by a DDoS botnet comprised of tens of thousands of hijacked SOHO routers. Security experts at Incapsula firm spotted a DDoS botnet composed of tens of thousands of malware-infected Small Office / Home Office SOHO routers engaged in application layer HTTP flood attacks. The SOHO routers were infected with a strain […]
Pierluigi Paganini
May 11, 2015
New PHP vulnerability dubbed ‘Magic Hash’ being found by Robert Hansen (aka RSnake) of WhiteHat Security can enable attackers into breaching users’ accounts. New vulnerability dubbed ‘Magic Hash’ being found by Robert Hansen (aka RSnake) of WhiteHat Security can enable attackers into breaching users’ accounts. Because of a security flaw according to which PHP tackles […]
Pierluigi Paganini
May 11, 2015
The popular developer Comex has posted online a video Proof-of-Concept to demonstrate that it is possible to run arbitrary code on the Apple Watch. The Internet of things is probably the paradigm that most of all is invading our daily life, smart objects surround us and collect a huge quantity information enlarging our surface of attack. The problem […]
Pierluigi Paganini
May 10, 2015
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. Trustwave discovered the first political malvertising campaign Mozilla Fundation, a step toward to full HTTPS implementation How Selerity reported Twitter’s earnings—before Twitter did Carders crack Hard Rock casino Australian […]
