Security

Pierluigi Paganini January 06, 2013
Zero-day vulnerability in Symantec PGP Whole Disk Encryption

IT community become familiar with the concept of zero-day vulnerability, no matter if it is related to SCADA system or mobile phone firmware, it could allow a hacker to silently interfere with user’s life, exposing it to serious risks. This time the product affected by the vulnerability is produced by Symantec, it is PGP Whole […]

Pierluigi Paganini January 05, 2013
Confidential documents from Japanese politics stolen by malware

Last December Japan Aerospace Exploration Agency was hit again by malware  that stolen secret information on newest rockets from an internal computer, it was not first time for the Japanese agency that was already victim of a cyber attack having same purpose, cyber espionage to obtain information on another technological advanced project related to the […]

Pierluigi Paganini January 04, 2013
Turkey – Another story on use of fraudulent digital certificates

It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the […]

Pierluigi Paganini January 02, 2013
DARPA HACMS program for a software without pervasive vulnerabilities

Technology in modern warfare has assumed a crucial role, every government is developing new cyber capabilities to be able to contrast and prevent cyber threats the fifth domain of warfare, the cyberspace. Today the concept of warfare is profoundly changed, many states choose to attack foreign governments exploring new technological options, from state-sponsored cyber attacks […]

Pierluigi Paganini January 01, 2013
29C3 Chaos Communication Congress.What do USB memory sticks say?

The Chaos Communication Congress is an annual meeting of international hackers organized by the Chaos Computer Club (CCC), one of the world’s biggest hackers organizations. The CCC group, that describes itself as “a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information
.”, is known for its effort in the fight […]

Pierluigi Paganini December 31, 2012
Cyberespionage, another watering hole attack against US website

It’s Christmas time everywhere but cyberspace there isn’t holiday time for governments, last week a new cyber espionage attack has been detected, the website for the Council on Foreign Relations (CFR) was compromised. The CFR is a strategic target for espionage, it is one of the most elite foreign policy organizations in the United States with a […]

Pierluigi Paganini December 30, 2012
Hacktivism and web monitoring in 2013 for Security Affairs

The year is ending and it’s very easy to read forecast for next year, experts are sure that we will assist to a sensible increase of state-sponsored attacks and to the raise of sophisticated malware, both cyber threats will exploit large scale channels such as mobile and social networks. The majority of forecast are focused […]

Pierluigi Paganini December 29, 2012
TheAndroid.DDoS.1.origin, a new malware detected on Android mobile

In line with expectations a new cyber threat is menacing the mobile, in particular the most diffused OS, Android. The Russian anti-virus vendor Doctor Web has detected a new malware, dubbed  TheAndroid.DDoS.1.origin, that target Android mobile allowing the attacker to carry out mobile denial of service attacks. Currently is not known how the trojan has […]

Pierluigi Paganini December 28, 2012
DoJ wants to indict state-sponsored hackers. What is the real purpose?

The last couple of years has been characterized by the raise of state-sponsored cyber attacks, governments have increased cyber capabilities to defend their critical infrastructures from offensive originated in the cyberspace but they also improved tactics to offend and spy on foreign government networks. Governments and private business of countries such as US, Japan and […]

Pierluigi Paganini December 26, 2012
9 Steps to Cybersecurity

                        During this week I had the opportunity to read the book “9 Steps to Cybersecurity” written by Dejan Kosutic What You Need to Know in Order to Plan Your Company’s Cybersecurity in 9 Easy-to-understand Steps  I consider it a great introduction for basics cyber security […]