Pierluigi Paganini
November 11, 2019
The Global Cyber Security Center has developed a tool named CERTrating to evaluate the Maturity Level of CERTs and services provided to the Constituency Cyber-attacks that have occurred in recent years have fully confirmed that Cybersecurity is an increasingly complex challenge that represents a priority for all companies both in terms of development and investments. […]
Pierluigi Paganini
March 29, 2019
DISCLOSURE OF COMPANY FACILITATING MASSIVE CYBER ATTACKS AGAINST MORE THAN 20 REGIME CRITICAL PHILIPPINE WEBSITESDISCLOSURE OF COMPANY FACILITATING MASSIVE CYBER ATTACKS AGAINST MORE THAN 20 REGIME CRITICAL PHILIPPINE WEBSITES âWeâre in,â Dr. John Brule said on March 29, 1994, when the Philippine Internet had just been born. 25 years later, a coalition of Philippine media […]
Pierluigi Paganini
October 25, 2016
Kaspersky Lab has launched a new global computer emergency response team (CERT), the Kaspersky Lab ICS-CERT, focusing on industrial control systems (ICS).. Kaspersky has anticipated launching an Industrial Control Systems CERT. Of course, I’m joking, anyway I always sustained that the creation of a similar structure represents an important achievement for the cyber security of any government. Kaspersky […]
Pierluigi Paganini
May 23, 2016
Security experts from Melani published a detailed technical report about the strain of Turla used in the cyberespionage attack against the RUAG firm. A few weeks ago I reported about the cyber espionage attack on the Swiss Defense Department that was revealed after a presentation on cyber espionage to the Federal Intelligence Service. The cyber attack […]
Pierluigi Paganini
April 21, 2016
The Australian government has presented his Cyber Security Strategy and admitted the ability to conduct offensive cyber operations. The Australian Government announced its cyber security strategy that includes AU$230 million spending over four years to improve the resilience to cyber attacks of the national critical infrastructure. The strategy is very complete, it includes defensive aspects […]
Pierluigi Paganini
September 07, 2015
The CERT_org issued an alert on Seagate wireless disks because they contain multiple flaws that could be exploited to download their entire content. CERT.org issued a warning related Seagate wireless disk because they include a hidden login, most exactly a Telnet services that is not documented. This security issue allows anonymous attackers to download every file on […]
Pierluigi Paganini
September 13, 2014
CERT warns that DNS Cache Poisoning attacks could be used also to hijack email to a rogue server and not only to divert the Internet traffic. DNS attacks are very popular in hacking community, they could be run by cyber criminals and state-sponsored hackers for various purposes, including cyber espionage and financially motivated attacks. A DNS […]
Pierluigi Paganini
September 08, 2014
The CERT has published the results of its test conducted on popular Android applications that fail to properly validate SSL certificates. In several posts we have discussed about the improper validation of  SSL certificates made by mobile devices, recently we mentioned the case of the Gmail app for iOS devices which, according to an expert at mobile security […]
Pierluigi Paganini
March 04, 2014
Researchers at Team Cymru published a detailed report on a large scale SOHO pharming attack that hit more that 300,000 devices worldwide. Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru. The hackers adopted different techniques to exploit the numerous flaws discovered in the last months […]
Pierluigi Paganini
February 10, 2014
Attackers changed the DNS configuration of vulnerable home routers to conduct man-in-the-middle attacks on a large scale against Polish online banking users. The Polish Computer Emergency Response Team has documented a series of cyber attacks observed in Poland involved cybercriminals hacking into home routers and changing their DNS settings so they can conduct MITM attacks on […]
Data Breach / November 21, 2024
