Security

Pierluigi Paganini October 23, 2014
Hackers have violated ticketing system based on NFC in Chile

Unknowns have hacked the NFC based electronic payment system used in Chile, the “Tarjeta BIP!”, spreading an Android hack that allows users to re-charge cards for free In Chile NFC electronic payment is already a reality, “Tarjeta BIP!” is the name of the payment system used to pay for public transportation with users’ smartphones that support the standard. […]

Pierluigi Paganini October 22, 2014
New Zero-day in Microsoft OLE being exploited in targeted attacks

Security experts at Google and McAfee have discovered a new Zero-day vulnerability in Microsoft OLE being exploited in targeted attacks. Early this week,  Microsoft issued the security advisory 3010060 to warn its customer of a new Zero-Day vulnerability that affects all supported versions of Windows OS except, Windows Server 2003. The OLE Packager is the component that is affected by the zero-day, […]

Pierluigi Paganini October 22, 2014
Drigo spyware exploits Google Drive in targeted attacks

Security experts at TrendMicro have discovered a cyber espionage campaign which used a malware dubbed Drigo to syphon data through Google Drive. Security experts at TrendMicro have uncovered a new wave of targeted attacks which were stolen information through Google Drive. The researcher detected a new strain of data stealer malware, dubbed Drigo, that is apparently used in hacking […]

Pierluigi Paganini October 22, 2014
Google improved 2-Step Verification with Security Key

Google has announced the introduction of an improved two-factor authentication mechanism based on a USB token dubbed Security Key. Google firm considers cyber security a pillar of its business, the last initiative announced by the company is the introduction of an improved two-factor authentication system for its services, including Gmail. The new 2FA process is based on the use of a […]

Pierluigi Paganini October 21, 2014
Hiding a malicious Android APK in images as evasion method

Two researchers at Fortinet have demonstrated during the last Black Hat Europe conference how to hide a malicious Android APK in images. Mobile devices are continuously under attacks, cyber criminals are improving their technique to attack mobile users and increase the profits.  A new technique recently disclosed, allows attackers to hide encrypted malicious Android applications inside […]

Pierluigi Paganini October 19, 2014
Cost of cybercrime continues to increase for US companies

The Ponemon Institute as published its fifth report on the cost of cybercrime which provides interesting data on impact on the US companies. Which is the cost of cybercrime suffered by US companies? The fifth annual report published by the Ponemon Institute and titled “2014 Global Report on the Cost of Cyber Crime” reveals that cyber […]

Pierluigi Paganini October 19, 2014
Flaws in DTM components are threatening security of critical Industrial Control Systems

Researchers at the last Black Hat Europe have presented the results of their research on DTM/FDT components, demonstrating the presence of serious flaws. The researchers Alexander Bolshev and Gleb Cherbov at Digital Security, have discovered several serious vulnerabilities in industrial components designed to implement the management interface industrial control systems (ICS). The experts have analyzed the implementation of Field Device Tool / […]

Pierluigi Paganini October 17, 2014
Smart meters in Spain can be hacked to hit the National power network

Two researchers analyzed Smart meters widely used in Spain and discovered that can be hacked by attackers to harm the overall National power network. Internet of things devices are becoming a privileged target of cyber criminals, recently Akamai disclosed the existence of the Spike botnet which used by bad actors to run DDoS attacks through desktops and IoT devices. Another report issued by the same vendor […]

Pierluigi Paganini October 17, 2014
Same Origin Method Execution attack to perform unintended actions on a website on behalf of victims

A researcher presented a new attack method dubbed Same Origin Method Execution which could be exploited to impersonate the targeted user on many websites. Same Origin Method Execution (SOME) is a new technique of attack against website presented by Ben Hayak, researcher at Trustwave, at Black Hat Europe in Amsterdam. The Same Origin Method Execution (SOME) attack method is […]

Pierluigi Paganini October 17, 2014
South Korea need to overhaul the national ID system

ID system of South Korea faces a significant overhaul in response to major data breaches occurred in the last years which impacted the entire population. Several times we have discussed about the economic impact of a data breach, but in the majority of cases, they were just a raw estimation to give the experts an idea […]