Pierluigi Paganini
November 28, 2013
A security issue inside cookie-based storage mechanism of Ruby on Rails could expose thousand websites to cyber attacks. Ruby on Rails, “hit an open source web application framework to compromise a wide audience”, this is the thought of attackers that desire who want to hack the highest number of web sites. A security issue inside […]
Pierluigi Paganini
November 27, 2013
Atrax, yet another commercial crimekit on the black market, a malware able to exploit Tor and that implements numerous features including Bitcoin mining. Atrax is the name of the last crimekit that is sold in the underground market, its particularity is the capability to exploit Tor networks to communicate with Command & Control infrastructure. Jonas […]
Pierluigi Paganini
November 26, 2013
Due to the constant growth in the number of cyber attacks it is necessary to properly define the actions composing an incident response plan. FireEye firm published an interesting post on the need of incident response (IR) capabilities to reply numerous cyber attacks that daily hit almost any web service. Starting from the data proposed […]
Pierluigi Paganini
November 26, 2013
U.S.-China Economic and Security Review Commission reported for the first time that cloud computing “represents a potential espionage threat.” U.S.-China Economic and Security Review Commission reported for the first time that cloud computing “represents a potential espionage threat.” , Chinese hackers are a persistent collector of sensitive information, their action is incessant and represent a […]
Pierluigi Paganini
November 25, 2013
A study conducted by company’s enterprise security arm HP Fortify revealed that the majority of mobile apps based on iOS is vulnerable. The company’s enterprise security arm HP Fortify conducted a series of tests on mobile apps that produced concerning results, almost every app is vulnerable. Mike Armistead, vice president and general manager, Enterprise Security […]
Pierluigi Paganini
November 25, 2013
Security experts Stewart from Dell SecureWorks and independent researcher David Shearhave explored online underground marketplace for stolen data. Digital identity is one of the most attractive goods sold in the underground, to a growing demand coincided with a more structured supply that will satisfy even the most complex requirements. Cybercrime pays and in the majority […]
Pierluigi Paganini
November 24, 2013
A new report based on documents leaked by Snowden revealed that the NSA placed malicious software on more than 50000 networks around the world. The NSA infected more than 50000 networks worldwide with malicious software designed to steal sensitive information. The large-scale cyber espionage operation was revealed once again by documents provided by former NSA […]
Pierluigi Paganini
November 23, 2013
Researcher Irene Abezgauz from the Quotium Seeker Research Center discovered a Facebook flaw that allows anyone to see a profile’s private friend list. Facebook is the privileged target for hackers and cybercriminals, the popular social network is a mine of data that could be used to acquire information on a specific target or to conduct […]
Pierluigi Paganini
November 22, 2013
Trusteer researchers have uncovered a sneaky piece of financial malware, known as i2Ninja, being sold on a Russian cyber crime forum. A new financial malware dubbed i2Ninja menaces banking, despite it has yet to be discovered in the wild, researchers at the IBM company Trusteer have found a sneaky piece of the malicious code on […]
Pierluigi Paganini
November 21, 2013
Imperva experts detected a surge in the exploitation of Jboss Application Server as result of the public disclosure of an exploit code. The cybercrime no stops and this time the alarm is related to a vulnerability in JBoss Application Servers that enable an attacker to remotely get a shell on a vulnerable web server. The concerning […]
