cyber threats

Pierluigi Paganini April 04, 2012
1-day exploits,Binary Diffing & patch management.The side threats

Recently ESET security firm has reported the latest version of the Blackhole exploit kit that has been updated to include a new exploit for the Java CVE-2012-0507 vulnerability.  The exploit was discovered for the first time on 7.03.2012 and it first detections were dated on March 12, 2012 and today a public module for Metasploit […]

Pierluigi Paganini April 03, 2012
Cyber Weapons

Article Published on The Hacker New Magazine – April Edition “Cyber_Warfare” First let’s try to provide a definition of cyber-weapon, to do this I get inspiration from an article written by experts Thomas Rid and Peter McBurney. Correctly define cyber weapon has significant legal and political consequences as well as the security itself. The line […]

Pierluigi Paganini April 03, 2012
UPGRADE – VISA, MASTERCARD and GPN breach

The day is come, yesterday morning as planned Global Payments Inc., the Atlanta-based credit and debit card processor that recently announced a breach that exposed fewer than 1.5 million card accounts, held a conference call to discuss about the breach and its impacts. Again Krebson Security Blog is the more accredited source in my opinion, they […]

Pierluigi Paganini April 02, 2012
Chinese hackers & Operation ‘Luckycat’ against Japan, Tibet and India

Recently experts monitored several targeted attacks against Tibetan activist organizations including the International Campaign for Tibet and the Central Tibet Administration. Researchers suspect the involvement of China and on groups of hackers sponsored by the Beijing government. In multiple cases, we have seen how the Chinese government promotes and supports from the economic point of view […]

Pierluigi Paganini March 29, 2012
Duqu – Cyber weapons factory still operating … it’s just the beginning

We all remember the decision of the western states to prohibit the sale of anti-virus systems to Tehran, penalties determined to thwart the development of Iran’s nuclear program. A predictable decision that haven’t created any problem the state that seems has developed a new antivirus program to immunize the systems from the notorious Stuxnet virus. […]

Pierluigi Paganini March 28, 2012
Japan and the privacy contradictions

The massive use of new technologies has often raised thorny questions about the privacy of network users. The most difficult issue to resolve in the necessary to reach a compromise to assure the users requirements of security and privacy. The debate generates heated arguments, confusion and sometimes decisions in apparent contrast. In Japan, to the multinational […]

Pierluigi Paganini March 27, 2012
Huawei – Symantec, broken join venture and the fear on chinese firms

Huawei – Symantec joint venture is ended because the US firm feared business repercussion for the collaboration with the Chinese giant It’s official, the joint venture between Symantec and Huawei Technologies is ended because the American IT security firms feared that the collaboration with the Chinese telecommunications producer could have a sensible impact on its business. […]

Pierluigi Paganini March 26, 2012
Reflections on the Zero-Days Exploits market starting from Forbes’s article

The news that I wish discuss was published on the website of Forbes magazine, titled “Shopping For Zero-Days: A Price List For Hackers’ Secret Software Exploits“,  that focuses on the commercial value of the vulnerability of popular applications. Time ago the figure of the hacker was recognized mainly as a researcher interested to measures its skills […]

Pierluigi Paganini March 25, 2012
US Experts say: Government Networks constantly hacked

For years, we have discussed the importance of appropriate cyber strategy and the necessity to preside over the main critical infrastructures to defend them from cyber threats of any kind and in our imagination we have always considered the US as a country at the forefront. While the cyber security experts analyze the progress made […]

Pierluigi Paganini March 23, 2012
Social networks & Deactivated Friend Attack, the cybercrime paradise

A few days ago I wrote about the dangers relating to a not careful attendance of social networks, powerful platforms and privileged communication tools, the subject of increasing interest of cybercrime. Many possibilities for attack across these platforms, from social engineering to cyber espionage, not forgetting the spread of all types of malware. Endless audiences […]