Pierluigi Paganini
December 18, 2013
In this post I’ll review a book called Becoming Resilient: The Definitive Guide to ISO 22301 Implementation from my friend Dejan Kosutic that describes how to implement business continuity according to this international standard. At first sight, business continuity may not have a direct relationship with information security, but this is not so – business […]
Pierluigi Paganini
December 18, 2013
Adallom demonstrated that exploiting an Office 365 Token Disclosure Vulnerability an attacker can steal organisations SharePoint credentials. Adallom chief software architect Noam Liran published a very interesting post on a severe Office 365 Token Disclosure Vulnerability, the researcher demonstrated how an attacker can steal Microsoft Office 365 credentials if victims host a Word document on their […]
Pierluigi Paganini
December 17, 2013
During a CBS Interview show “60 Minutes”, The NSA Director General Alexander and the Information Assurance Director Plunkett claimed a foreign government has developed a BIOS based malware that can remotely destroy any computer. Senior National Security Agency (NSA) officials have revealed to CBS American television newsmagazine “60 Minutes” that a foreign government has tried […]
Pierluigi Paganini
December 16, 2013
KrebsOnSecurity has discovered an unusual botnet that disguises itself as a legitimate add-on for Mozilla Firefox to perform website vulnerability scanning. Krebson security blog posted an interesting article on a new concerning botnet infected more than 12,500 systems disguises itself as a legitimate add-on for Mozilla Firefox to hack websites on a large scale. The botnet, […]
Pierluigi Paganini
December 16, 2013
Interview with the security experts Andrey Komarov and Dan Clements of IntelCrawler to analyze significant evolutions in the cyber-threat landscape. Today I desire to propose an interview with Andrey Komarov, CEO of IntelCrawler and Dan Clements, President of IntelCrawler. IntelCrawler is a multi-tier intelligence aggregator, which gathers information and cyber prints from a starting big […]
Pierluigi Paganini
December 16, 2013
Incapula security firm published a new report on the analysis of website traffic evidencing the increment for malicious activities. Researchers at the Incapsula security firm have published a new study on the nature of website traffic, early 2013 the company revealed that 51% of the overall traffic was generated by non-human entities and 60% of […]
Pierluigi Paganini
December 15, 2013
Do users know that Facebook analyzes everything they type and not publish (self-censorship content)? Why Facebook does not consider it a privacy violation? Recent revelations on the NSA surveillance programs have raised many questions in user’s mind on the real roles of companies such as Facebook and Google, how do they manage users’ data and […]
Pierluigi Paganini
December 13, 2013
DARPA has launched the Crowd Sourced Formal Verification, it creates a set of games that search for software vulnerabilities involving volunteer gamers. The US Department of Defense Is evaluating the use of video games for finding software vulnerabilities with the collaboration of a network of volunteers. The idea is revolutionary, the support offered to DoD […]
Pierluigi Paganini
December 12, 2013
ENISA releases the ENISA Threat Landscape 2013, it a collection of information on top cyber-threats that have been assessed in the reporting period. The European Network and Information Security Agency (ENISA) published the ENISA Threat Landscape 2013 report, a document that was annually issued to analyze significant evolutions in the cyber-threat landscape. The ENISA has […]
Pierluigi Paganini
December 12, 2013
Researchers at ReVuln demonstrated how gain the control of an entire render farm exploiting the vulnerability affecting NVIDIA mental ray. Researchers at ReVuln recently published a paper that details a vulnerability affecting NVIDIA mental ray which allows an attacker to take control over a mental ray based render farm. Probably not all know what is […]
