Pierluigi Paganini
January 08, 2016
The Russian Sandworm APT group if the first suspect for the Ukrainian power outage, states experts at eiSight Partners. According to a report published by experts at eiSight Partners the cyber attack against a Ukraine power station has been managed by a Russian group called Sandworm. A few days ago experts at ESET reported the existence of a […]
Pierluigi Paganini
January 08, 2016
When it comes to securing homes and businesses, a security camera is a privileged solution but it paradoxical is exposing users to further risks. A new study made by researchers from NowSecure shows that IoT vendors have yet a lot to learn in terms of security, often doing many mistakes in that area. In the […]
Pierluigi Paganini
January 08, 2016
The TV cable and Internet service provider Time Warner Cable is warning customers their emails and passwords may have been exposed. Nearly 320,000 of the TV cable and Internet service provider Time Warner Cable customers urge to change their passwords for the email account. The measure has been requested by the company in response to alleged unauthorized […]
Pierluigi Paganini
January 07, 2016
Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in […]
Pierluigi Paganini
January 07, 2016
IOActive has uncovered a number of serious vulnerabilities affecting the Drupal CMS that could be exploited to completely takeover the vulnerable websites. A new vulnerability affecting Drupal could be exploited for code execution and database credentials theft (by Man-in-the-Middle), according to Fernando Arnaboldi, a senior security consultant working in IOActive. Fernando Arnaboldi says that the […]
Pierluigi Paganini
January 07, 2016
Silent Circle released an update for its Blackphone 1 that fixes a critical flaw in the modem. Silent Circle has released an update for its Blackphone device that fixes several security vulnerabilities, including a flaw in its modem (CVE-2015-6841) that could have been exploited by threat actors to gain full control of the mobile device. […]
Pierluigi Paganini
January 06, 2016
Security experts from SCADA StrangeLove group disclosed SCADAPASS, a list of default credentials for ICS and SCADA systems. Recently I wrote about the SCADA StrangeLove research team reporting their study on the level of cyber security implemented in modern railroad systems . Now the SCADA StrangeLove group has published a list of default credentials, dubbed “SCADAPASS,” associated with industrial […]
Pierluigi Paganini
January 06, 2016
The US Government issued a final rule implementing the Executive Order 13694. US can apply economic sanctions in response to cyber attacks. According to a final rule published in the Federal Register on the last day of 2015 (Dec. 31, 2015),  US can now apply economic sanctions in response to cyber attacks. The US Government assigned to […]
Pierluigi Paganini
January 06, 2016
The zero-day exploit broker Zerodium is offering up to $100,000 to security experts who can provide an exploit for bypassing the Flash heap isolation. Once again, the zero-day exploit trader Zerodium is in the headlines, this time the company is offering $100,000 for the Flash Exploit Mitigation bypass. Adobe announced in December the introduction of several Recently Adobe […]
Pierluigi Paganini
January 03, 2016
Alleged Turkish hackers have taken over the Russian Communications and Mass Media Minister Nikolai Nikiforov’s Instagram account. Events in the cyberspace are strictly correlated with facts in the real life, in many cases, disputes between countries are associated with numerous cyber events that could be analyzed by intelligence analysts. The recent crisis in Crimea between Russia and Ukraine is just […]
