Security

Pierluigi Paganini December 15, 2013
Self-censorship – Facebook monitors everything users type and not publish

Do users know that Facebook analyzes everything they type and not publish (self-censorship content)? Why Facebook does not consider it a privacy violation? Recent revelations on the NSA surveillance programs have raised many questions in user’s mind on the real roles of companies such as Facebook and Google, how do they manage users’ data and […]

Pierluigi Paganini December 13, 2013
Crowd Sourced Formal Verification, find software bugs is a game

DARPA has launched the Crowd Sourced Formal Verification, it creates a set of games that search for software vulnerabilities involving volunteer gamers. The US Department of Defense Is evaluating the use of video games for finding software vulnerabilities with the collaboration of a network of volunteers. The idea is revolutionary, the support offered to DoD […]

Pierluigi Paganini December 12, 2013
ENISA Threat Landscape 2013 report, the rise of cyber threats

ENISA releases the ENISA Threat Landscape 2013, it a collection of information on top cyber-threats that have been assessed in the reporting period. The European Network and Information Security Agency (ENISA) published the ENISA Threat Landscape 2013 report, a document that was annually issued to analyze significant evolutions in the cyber-threat landscape. The ENISA has […]

Pierluigi Paganini December 12, 2013
NVIDIA mental ray flaw allows the control of entire render farm

Researchers at ReVuln demonstrated how gain the control of an entire render farm exploiting the vulnerability affecting NVIDIA mental ray. Researchers at ReVuln recently published a paper that details a vulnerability affecting NVIDIA mental ray which allows an attacker to take control over a mental ray based render farm. Probably not all know what is […]

Pierluigi Paganini December 11, 2013
Detected 64-bit ZeuS banking trojan using Tor network

Security researchers at Kaspersky Lab have detected a 64-bit Zeus banking trojan version enhanced with communication capability on the Tor network. Is Zeus banking trojan dead? Absolutely no! Periodically security experts found new a variant that includes new features to make it more resilient and able to spread itself via social networks. Last variant was […]

Pierluigi Paganini December 11, 2013
Near East – new heaven for bulletproof hosting providers, first effects of cyberwar

Intelligence experts at IntelCrawler discovered a Russian-speaking group offers bulletproof hosting in Syria, Lebanon … Countries that represent the new heaven for cybercriminals   IntelCrawler: «Near East – new heaven for bulletproof hosting providers, first effects of war on cyberspace in action» Los-Angeles CA– The US based cyber and risk intelligence provider IntelCrawler has announced […]

Pierluigi Paganini December 10, 2013
Chinese Hackers Spying on European Diplomats

Security experts at FireEye discovered a cyber espionage operation conducted by Chinese hackers on the computer at the foreign ministries of the Czech Republic, Portugal, Bulgaria, Latvia and Hungary. Security experts at FireEye have revealed that they were able to track Chinese hackers spying on EU foreign ministries for about a week. The hackers have targeted the computers belonging at […]

Pierluigi Paganini December 10, 2013
NSA and GCHQ infiltrated virtual online gaming communities

The Guardian published documents that reveal NSA and GCHQ infiltrate gaming platforms and communities including World of Warcraft and Second Life NSA and British  GCHQ are working to infiltrate the virtual world of online games considered as an attractive environment for cyber terrorists and hackers, this is the last chapter of the Snowden‘s Saga. The Guardian […]

Pierluigi Paganini December 09, 2013
Linkedin iOS app V 6_1_2 HTML message parsing vulnerability

LinkedIn iOS app parses HTML in the messages, and this can be used to phish for credentials or be escalated into a full blown attack. Senior CyberSecurity Specialist Zouheir Abdallah @ZuZ  (Twitter handle), has publicly and responsibly disclosed a vulnerability in LinkedIn’s mobile app. Zouheir is known for reporting a serious vulnerability in DropBox’s 2 Factor […]

Pierluigi Paganini December 08, 2013
French Government ANSSI responsible of a MITM against Google SSL-TLS

Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that late on December 3rd it became aware of unauthorized digital certificates for several Google domains and immediately has started the investigation. Security experts at Google found that the digital certificates […]