Security

Pierluigi Paganini May 13, 2014
Who and how is using forged SSL certificates worldwide?

Who is abusing of forged SSL certificates in MITM attacks worldwide? A team of researchers implemented a new detection technique to detect the abuses. A team of researchers at Carnegie Mellon University and engineers at Facebook have designed a detection technique for man-in-the-middle attacks over SSL on a large-scale. They analyzed the data extracting useful information, including the […]

Pierluigi Paganini May 12, 2014
Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data

Security researcher Mohammed Saeed has Identified Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data and much more. Security researcher Mohammed Osman Saeed has Identified Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data & Lead to Control four Juniper Load-Balancer been accessed From Remote. He also disclosed Multiple XSS in […]

Pierluigi Paganini May 12, 2014
Check Point Security Report 2014 – Malware in the enterprise

Check Point 2014 Security Report shows major security events occurred in 2013 show and provides useful information on current malware trends. Check Point Software Technologies published 2014 Security Report to highlight major security events occurred last year and show current malware trends. The data were collected monitoring network traffic from 996 organizations of various industries. Nearly 84 percent […]

Pierluigi Paganini May 11, 2014
AirChat project supported by Anonymous to secure communications

Entities claiming to be part of Anonymous collective are working to put together a secure communications project named Airchat based on ham-radio Fldigi modem controller. Entities claiming Anonymous affiliation are supporting the AirChat project, available for consultation on the Github, for the design of  a secure communication based on the open source ham-radio Fldigi modem controller. “We traded bandwidth for freedom, or […]

Pierluigi Paganini May 11, 2014
US DoJ proposal legalizes secret hacking for federal agencies

US DoJ formalized a proposal to allow U.S Federal Agencies to secretly hack suspects’ computers to collect criminal evidence into investigations. The US Justice Department (DOJ) wants secretly hack into the suspected criminal’s computer during investigations at any times in bunches for collection of evidence. The document titled “COMMITTEE ON RULES OF PRACTICE AND PROCEDURE” defines […]

Pierluigi Paganini May 10, 2014
Heartbleed one month later, at least 300k servers are still vulnerable

Security researcher Robert Graham published the results of recent global scan searching for Heartbleed vulnerable systems. 300k systems are still vulnerable Heartbleed flaw is a bug disclosed more than a month ago, which affected OpenSSL library with serious repercussion on most common encryption services we daily use. Encrypted communications, mobile platforms, VPN and Tor networks are just a […]

Pierluigi Paganini May 10, 2014
Federal Trade Commission – Watch out to Health and Fitness Apps

The Federal Trade Commission debated on the privacy ramifications of consumer generated and controlled health data, following data on mobile apps. The Federal Trade Commission has recently released the disconcerting results of a study conducted on 12 mobile health and fitness apps, focusing the analysis on the way they manage users’ personal information. Let me anticipate that […]

Pierluigi Paganini May 09, 2014
NTLM flaws exploitation to access resources in corporate networks

Experts at Imperva have illustrated how to exploit NTLM flaws to conduct a Windows folder Poisoning Attack and steal access rights within corporate networks. Security vendor Imperva revealed that attackers can exploit specifically crafted shortcut icons to hack Windows machines and force them into sharing their network-access rights with a hacked PC. The experts at Imperva  have discovered […]

Pierluigi Paganini May 08, 2014
Spy Plane Scrambled Air Traffic Control in Southern California

FAA confirmed that its air traffic system experienced problems while processing a flight plan filed for a U-2 spy plane that operates in Southern California. In the past, we had a long discussed on new cyber warfare scenarios, the conflicts in the cyberspace have many faces, we saw sophisticated hacking platforms like the NSA FOXACID […]

Pierluigi Paganini May 08, 2014
Reading 2014 Ponemon Cost of Data Breach Study

The Ponemon Institute has issued its ninth annual report ” Cost of Data Breach Study “, an analysis on the economic impact of data breaches. The Ponemon Institute has issued its annual report “Cost of Data Breach Study,”, a study on the economic impact of data breaches. The Cost of Data Breach Study is sponsored by IBM, […]