Pierluigi Paganini
September 15, 2015
Microsoft announced the signing of a Government Security Program (GSP) agreement with the NATO Communications and Information Agency. At NATO’s annual cyber conference early this week, Microsoft announced the signing of an agreement with the NATO Communications and Information Agency that aims to improve cyber security in the EU. “We see this signing as another step […]
Pierluigi Paganini
July 21, 2015
MongoDB administrators have exposed something like 595.2 terabytes of data by using bad poor configurations, or un-patched versions of the MongoDB. John Matherly, the creator of Shodan, the marvelous search engine for connected devices, revealed that many MongoDB administrators have exposed something like 595.2 terabytes of data by using bad poor configurations, or un-patched versions […]
Pierluigi Paganini
March 06, 2015
The increasing number of cyber incidents along with a significant improvement of TTP adopted by threat actors requests the adoption of a cyber hygiene. The rate of data breaches are increasing drastically throughout the year. Cyber-attacks could cause severe disruption to a company’s business functions or operational supply chain, impact reputation, compromise customer information or […]
Pierluigi Paganini
February 22, 2015
The Us Justice Department’s proposal to grant FBI Rule 41 specific hacking rights is under high scrutiny. While the amendment is being reviewed, the Advisory Committee on Criminal Rules will consider public objections, including a letter from Google. The amendment to the Federal Rule of Criminal Procedure 41 (Rule 41) would expand jurisdiction for judges to […]
Pierluigi Paganini
February 18, 2015
The National Institute of Information and Communications Technology revealed that more than 25 billion cyberattacks hit systems in Japan during 2014. I decided to write this post to highlight the importance of a cybersecurity posture for any government. When the majority of people thinks to cybersecurity, has no idea of principal cyber threats and their […]
Pierluigi Paganini
February 14, 2015
The US President Obama has recently announced a new Executive Order Promoting Private Sector Cybersecurity Information Sharing. Cyber security is a primary goal for the President Obama’s administration, aligned with national cyber strategy, the American President has signed a new Executive Order to promote the sharing of cyber threat information among private sector organizations and […]
Pierluigi Paganini
January 12, 2015
The US Energy Department issued the guidance “Energy Sector Cybersecurity Framework Implementation Guidance” for organizations operating in the industry. The Energy industry is constantly under attack, the number of hacking campaigns that are targeting the sector is increasing exponentially. Energy companies and utilities have to adopt a proper cyber security posture in order to mitigate the […]
Pierluigi Paganini
April 01, 2014
Israeli researcher Danor Cohen has discovered a security flaw in WinRAR, IntelCrawler confirmed was exploited in cyber espionage campaign. WinRAR is a popular shareware file archiver and data compression utility, as usual these applications are targeted by hackers because their penetration level. Recently the Israeli researcher Danor Cohen has discovered that a security flaw in WinRAR is being exploited in a series […]
Pierluigi Paganini
March 12, 2014
Sucuri firm detected a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. The security community is threatened by a new botnet composed at least 162,000 WordPress-powered websites abused to run DDoS attacks. The technique of attack allows to flood a target with requests sent by WordPress servers that received a […]
Pierluigi Paganini
March 09, 2014
Security expert Dancho Danchev profiled a recently released DNS amplification DDoS service available for sale in the underground. Recently the cyber security expert Dancho Danchev profiled new DNS amplification DDoS bot available in the underground, a privileged attack tool for the criminal ecosystem. DDoS attacks observed last year were characterized by an increased magnitude because attackers adopted new techniques […]
