Pierluigi Paganini
December 09, 2013
LinkedIn iOS app parses HTML in the messages, and this can be used to phish for credentials or be escalated into a full blown attack. Senior CyberSecurity Specialist Zouheir Abdallah @ZuZ  (Twitter handle), has publicly and responsibly disclosed a vulnerability in LinkedIn’s mobile app. Zouheir is known for reporting a serious vulnerability in DropBox’s 2 Factor […]
Pierluigi Paganini
December 08, 2013
Google discovered the unauthorized use of digital certificates issued by an intermediate certificate authority linked to ANSSI for several Google domains. Google has revealed that late on December 3rd it became aware of unauthorized digital certificates for several Google domains and immediately has started the investigation. Security experts at Google found that the digital certificates […]
Pierluigi Paganini
December 08, 2013
NSS Labs issued the report titled “The Known Unknowns” to explain dynamics behind the market of zero-day exploits. Last week I discussed about the necessity to define a model for “cyber conflict” to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided […]
Pierluigi Paganini
December 07, 2013
Microsoft Digital Crimes Unit, FBI, Europol and industry partners decapitated the feared ZeroAccess botnet that hijacks search results Microsoft this week has announced that thanks to a joint operation of its Digital Crimes Unit and the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3) and technology companies has decapitated ZeroAccess botnet. […]
Pierluigi Paganini
December 07, 2013
Google has recently removed from the official Play store the ” Balloon Pop 2″ Android game that allows WhatsApp conversations snooping. Every day numerous friends ask me if it is possible to steal WhatsApp chat messages and how, of course a malware represents an excellent solution to the request. In the past I already posted […]
Pierluigi Paganini
December 06, 2013
Cyber warfare or information warfare is still a gray area of the military doctrine, it is necessary to define the “model of conflict” and rules for the actors. Cyber war and cyber information warfare are two terms very inflated used to describe the current disputes within the cyberspace. To explain the effect of acts of […]
Pierluigi Paganini
December 04, 2013
German researchers demonstrated how a malware can infect system in air gapped networks and transfer stolen data using Inaudible Audio signals. The shocking news that it is possible to infect a computer with Inaudible Audio signals is circulating within the security community has been circulating for several weeks between denials and confirmations. In October the […]
Pierluigi Paganini
December 03, 2013
D-Link company has recently released a new version of firmware to fix backdoor vulnerability in various network device models. Last October the security expert Craig Heffner discovered a backdoor inside different D-Link routers. Craig published an interesting blog post on â/dev/ttyS0âł on the reverse engineering of the backdoor (CVE-2013-6027) present in many D-Link devices, it described how […]
Pierluigi Paganini
December 03, 2013
Rafael Souza (CISOof hackers online club) introduces the fundamentals of Google Hacking ABSTRACT Readers, I introduce a little about a very interesting technique that is Google Hacking, is a key to investigate if we are doing a pentest, or protecting our organization or individual item. Google Hacking is the activity of using the site search […]
Pierluigi Paganini
December 03, 2013
Security experts at Trend Micro detected a new variant of AutoCAD Malware that leaves victims hackable for further cyber attacks. Malware researchers at Trend Micro spotted AutoCAD Malware codenamed ACM_SHENZ.A. It’s not first time that a malware was specifically designed to steal AutoCAD project, last years security specialists at ESET detected a malicious code dubbed […]
