Pierluigi Paganini
May 11, 2014
US DoJ formalized a proposal to allow U.S Federal Agencies to secretly hack suspects’ computers to collect criminal evidence into investigations. The US Justice Department (DOJ) wants secretly hack into the suspected criminalâs computer during investigations at any times in bunches for collection of evidence. The document titled “COMMITTEE ON RULES OFÂ PRACTICE AND PROCEDURE” defines […]
Pierluigi Paganini
May 06, 2014
Discover how it is possible to apply steganography to hide secret messages in common tweets (or any text) with steg.js-of-the-dump. In the past we have discussed many times on the adoption of steganography to hide messages within images and video, a technique exploited also by authors of malware to hide configuration file and command sent by the C&C […]
Pierluigi Paganini
May 05, 2014
Dutch malware detection company RedSocks has issued its first Malware Trend Report related to the malicious code trends observed in the first quarter of 2014. RedSocks, a Dutch malware detection company which provides netflow-based malware detection service, has published its first Malware Trend Report Labs related to the first quarter of 2014. The report provides precious insights into the trends […]
Pierluigi Paganini
April 23, 2014
Eugene Kaspersky explained that SmartTV are vulnerable to malware-based cyber attacks, it’s a question of time to assist a large-scale infection. In the last months we discussed about possible infection through the Internet of Things, in particular, we focused on cyber attacks on home appliances including Routers, SmartTV, refrigerators and ovens. The number of smart devices […]
Pierluigi Paganini
April 23, 2014
Distil Networks security firm has published an interesting report on the Bad Bot Landscape, it is full of data on the evolution of malicious architecture. Surfing on the Internet I have found The Bad Bot Landscape Report Q1 2014 and interesting study issued by the Distil Networks security firm which provides an interesting analysis of botnet evolution detected by the […]
Pierluigi Paganini
April 22, 2014
Security researcher Adam Langley of Google explained the real efficiency of revocation checking in response to OpenSSL heartbeat bug. The Heartbleed bug is a source of great concern for IT industry, every day we discover that the flaw in the OpenSSL library has had a significant impact on Servers, on the mobile industry and on the anonymity […]
Pierluigi Paganini
April 21, 2014
Which are the security improvements in the critical update proposed by criminal ecosystem for P2P Zeus Botnet? Fortinet experts detected and analyzed it. Security experts at Fortinet have uncovered a critical update proposed by criminal ecosystem for P2P Zeus Botnet. The first P2P Zeus variant was uncovered by Trusteer firm a couple of years ago, it was used […]
Pierluigi Paganini
April 20, 2014
Security experts at Mandiant uncovered attackers exploiting the Heartbleed vulnerability to circumvent Multi-factor Authentication on VPNs. We have practically read everything about HeartBleed bug which affects OpenSSL library, we have seen the effects on servers, on mobile devices and also on Tor anonymity, Â now lets focus on the possibility to exploit it to hijack VPN […]
Pierluigi Paganini
April 12, 2014
The US National Security Agency knew for at least two years about the Heartbleed flaw, and exploited it for cyber attacks according Bloomberg. The Internet community was shocked by the disclosure of the Heartbleed flaw, the vulnerability affects OpenSSL library and allows an attacker to reveal up to 64kB of memory to a connected client or […]
Pierluigi Paganini
April 11, 2014
The Heartbleed Bug is probably the most serious menace to the modern Internet, a serious flaw in the popular OpenSSL library that is having a great impact. It’s been just over 48 hours after the disclosure of the news about the Heartbleed vulnerability, the serious flaw which affect OpenSSL library that allows an attacker to reveal […]
