Security

Pierluigi Paganini January 22, 2013
Panetta is critical on the security level for NATO networks

Today on Atlantic Council web site it has been published an excerpts from remarks by Secretary of Defense Leon Panetta at King’s College in London that remarks the inadequacy of NATO networks to reject cyber threats, according the officials the situation appears really critic in both private and public sectors, and it is very concerning also […]

Pierluigi Paganini January 19, 2013
Bouncer, new phishing variant from RSA

Despite simplicity of the schema phishing attacks have increased exponentially in the last years targeting every sector,both public and private. RSA’s October Online Fraud Report 2012 revealed a worrying scenario, phishing attacks increased up 19% over the second half of 2011, the total loss for various organizations has been estimated to $2.1 billion over the last […]

Pierluigi Paganini January 18, 2013
Cyber warfare between Koreas, a warning for any cyber power

Earlier this month is has been spread the news that South Korea is investing to improve the cyber capabilities of the country recruiting and training hackers to involve in the cyber defense due the increasing number of attacks suffered. A cyber attack hit recently the presidential transition team, in particular the press rooms server, but […]

Pierluigi Paganini January 17, 2013
Red October, RBN and too many questions still unresolved

The recently discovered cyber espionage campaign “Red October” has shocked world wide security community, the principal questions raised are: Who is behind the attacks? How is possible that for so long time the campaign went undetected? Which is the role of AV company in these operations? To try to understand who is behind the attacks […]

Pierluigi Paganini January 16, 2013
New attacks against SCADA, old vulnerabilities, very old issues

Stuxnet first and news of countless zero-day vulnerabilities in the wild have strengthened the idea that citizens security is constantly menaced by group of hackers that for different purposes are able to inflict serious damages to the structures that surround us. Critical infrastructures represent privileged targets for very different actors such as cyber terrorists or […]

Pierluigi Paganini January 15, 2013
Kaspersky Lab discovered the cyber espionage campaign “Red October”

Last October Kaspersky Lab’s Global Research & Analysis Team started a new investigation after several attacks hit computer networks of various international diplomatic service agencies. The attacks appeared very suspect, a new large scale cyber-espionage operation has been discovered, the operation is dubbed «Red October», a name inspired by famous novel «The Hunt For The Red […]

Pierluigi Paganini January 14, 2013
Nokia and the accusation of MITM attack

The charge is heavy, according to some experts, Nokia analyzes user’s traffic officially to increase performance compressing data on some of its mobile devices. According many experts the popular company is responsible of the hijacking of user’s traffic on its servers, that is the case for the Nokia Asha models, for this reason on internet […]

Pierluigi Paganini January 13, 2013
Aaron Swartz commits suicide

Aaron Swartz  has committed suicide on January 11, 2013 in New York City. I have long been fought if you write something about this extraordinary boy, but not dedicate a tribute would be a shame. Aaron Swartz has decided to leave a huge void in the IT scenario. For me, as the entire world he […]

Pierluigi Paganini January 12, 2013
New security problem for Oracle Java software

The year is start way for Oracle Java platform, a new Java 0-day vulnerability has been discovered and worldwide security community is very concerned on the potential effect of the bug. We have discovered how much dangerous could be the exploit of a zero-day vulnerability especially against institutional targets and governments (e.g. Elderwood project), state-sponsored hackers […]

Pierluigi Paganini January 11, 2013
SCADA and critical infrastructures, in … security

According last report published by The European Network and Information Security Agency (ENISA)   “ENISA Threat Landscape – Responding to the Evolving Threat Environment” that summarizes principal cyber threats, critical infrastructures represent privileged targets for emerging trends. Different agents such as terrorists, state-sponsored hackers or hacktivists could be interested in attack control systems within a critical […]