Pierluigi Paganini
October 30, 2014
A security advisory issued by Drupal assumes that every installation of the popular CMS based in the version 7.x was compromised unless patched. Earlier this month, Drupal patched a critical SQL injection vulnerability (CVE-2014-3704) that exists in all Drupal core 7.x versions up to the recently-released 7.32 version, which fixed the issue. There is an emergency in the […]
Pierluigi Paganini
October 28, 2014
Verizon Wireless injects UIDH headers to every user’s Web request to track its web experience including visited websites and his habits. Verizon Wireless, the greatest US Telecom operator is tracking the internet traffic of its mobile users by adding a token to Web requests. The token is used by the company for advertising purpose, Verizon tracks the user’s habits, even if he had opted out […]
Pierluigi Paganini
October 27, 2014
Facebook and Yahoo have designed an SMTP extension dubbed RRVS, Require-Recipient-Valid-Since, to prevent illegal use of emails with a new ownership. Last year Yahoo announced the decision to reset any account that has not been used for 12 months, making them available to other users. The decision has raised several doubts for security and privacy issues, […]
Pierluigi Paganini
October 26, 2014
The National Institute of Standards and Technology is warning of the presence of a Zero-Day flaw in the Samsung FindMyMobile service. The US-CERT/NIST is warning of the presence of a zero-day flaw that affects the Samsung FindMyMobile web service (CVE-2014-8346). The Samsung FindMyMobile implements several features that allow users to locate the lost device, to play an […]
Pierluigi Paganini
October 25, 2014
A group of Israeli researchers has demonstrated at the last Black Hat Conference how to hack air gapped networks by using lasers and drones. A lot of people believe that it is possible to secure a computer keeping it off, security specialists define a network separated by the Internet, or by any other unsecure networks, as “Air gapped […]
Pierluigi Paganini
October 24, 2014
The US Government is working with manufacturers and vendors of medical devices and equipment to identify and fix vulnerabilities. Every day we read about more or less sophisticated attacks against any kind of computing systems that allows threat actors to compromise targeted devices. What do you think if your life depends on the proper functioning of […]
Pierluigi Paganini
October 23, 2014
Unknowns have hacked the NFC based electronic payment system used in Chile, the “Tarjeta BIP!”, spreading an Android hack that allows users to re-charge cards for free In Chile NFC electronic payment is already a reality, “Tarjeta BIP!” is the name of the payment system used to pay for public transportation with users’ smartphones that support the standard. […]
Pierluigi Paganini
October 22, 2014
Security experts at Google and McAfee have discovered a new Zero-day vulnerability in Microsoft OLE being exploited in targeted attacks. Early this week, Microsoft issued the security advisory 3010060 to warn its customer of a new Zero-Day vulnerability that affects all supported versions of Windows OS except, Windows Server 2003. The OLE Packager is the component that is affected by the zero-day, […]
Pierluigi Paganini
October 22, 2014
Security experts at TrendMicro have discovered a cyber espionage campaign which used a malware dubbed Drigo to syphon data through Google Drive. Security experts at TrendMicro have uncovered a new wave of targeted attacks which were stolen information through Google Drive. The researcher detected a new strain of data stealer malware, dubbed Drigo, that is apparently used in hacking […]
Pierluigi Paganini
October 22, 2014
Google has announced the introduction of an improved two-factor authentication mechanism based on a USB token dubbed Security Key. Google firm considers cyber security a pillar of its business, the last initiative announced by the company is the introduction of an improved two-factor authentication system for its services, including Gmail. The new 2FA process is based on the use of a […]
APT / February 05, 2026
