Security

Pierluigi Paganini June 09, 2014
Two 14-year-old students hacked an ATM with impressive simplicity

Two 14-year-old  students, Matthew Hewlett and Caleb Turon, have hacked an ATM machine of the Bank of Montreal using a manual discovered on the Internet. Two 14-year-old  students, Matthew Hewlett and Caleb Turon, have hacked an ATM machine of the Bank of Montreal to test its level of security. The two students have discovered online an old […]

Pierluigi Paganini June 09, 2014
ICS-CERT warns on the rise in attacks on online ICS

A reading of the data issued by the ISC-CERT in its Monthly Monitor (ICS-MM201404) on the attacks against ICS (industrial control systems) exposed on line. Do you have exposed your Industrial control system (ICS) on the Internet? “If ICS is connected to the Internet, it comes with an almost 100% guarantee of its being hacked on […]

Pierluigi Paganini June 07, 2014
Serious vulnerabilities in the Linux kernel, upgrade it now!

A new series of vulnerabilities in Linux Kernel allows an attacker to lead DoS and privilege escalation attack, Debian urges upgrades for Linux users. Numerous security flaws have been discovered and fixed in the Linux kernel, patch management for these vulnerabilities is critical to avoid that attackers could have led to a denial of service […]

Pierluigi Paganini June 06, 2014
Vodafone admits support to state surveillance

Vodafone has recently issued the Law Enforcement Disclosure Report to reveal the existence of secret wires that allow state surveillance. Vodafone, one of the largest mobile carrier of the world has issued a document, titled “Law Enforcement Disclosure Report“, which describes the collaboration provided by the company to many governments for lawful interception for some of its 400 […]

Pierluigi Paganini June 06, 2014
Microsoft issues the patch for the debated IE critical vulnerabilities

Microsoft has announced the official patch for the critical vulnerability discovered recently in the Internet Explorer. Microsoft has published the “Microsoft Security Bulletin Advance Notification for June 2014” in which are released seven security Bulletins addressing different vulnerabilities in the company’s products. The notification includes two critical Remote Code Execution vulnerabilities affecting the products Microsoft Windows, Internet Explorer, MS […]

Pierluigi Paganini June 06, 2014
New critical flaws discovered in OpenSSL, patch now

The OpenSSL Foundation has fixed a series of new vulnerabilities, two of them considered critical. Organizations are invited to apply patches asap. The Open SSL has provided a collection of updates for its libraries to fix a series of new vulnerabilities recently reported. The exact number of vulnerabilities affecting OpenSSL is 6 and two of them are […]

Pierluigi Paganini June 05, 2014
The GnuTLS Hello flaw leaves vulnerable SSL clients

Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software. GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer. News of the day is that the widely used cryptographic library is vulnerable […]

Pierluigi Paganini June 03, 2014
Remote Car hacking is reality, do not to underestimate it

A new alarm on car hacking issued by the security community, the white hat Jonathan Brossard warns cars can be hacked on the road remotely. Car hacking is possible, I have proposed different works presented by security experts that demonstrate how to compromise modern vehicles with cheap environment. Modern cars have a huge quantity of components connected […]

Pierluigi Paganini June 02, 2014
Cupid attack, Heartbleed Attack Vectors target Enterprise Wireless and Android Devices

A Portuguese security expert has uncovered the Cupid attack, a new Heartbleed attack vector which can impact Android devices, enterprise wireless networks and other connected devices. Cupid is the name of the new Heartbleed attack method recently proposed by Portuguese security researcher Luis Grangeia, unlike the original version of the attack, which took place on TLS connections over TCP, […]

Pierluigi Paganini June 02, 2014
A new way to bypass Secure Boot security mechanism of UEFI

Security Experts discovered a new attack method to defeat Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface). The Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface) can be circumvented on around half of PCs that use it, security researcher Corey Kallenberg from nonprofit research organization Mitre has demonstrated it at […]