Pierluigi Paganini
January 09, 2016
The  hacking group New World Hacking that claimed the responsibility for the BBC attack revealed that the DDoS attack reached the 602 GBps. On December 31th, the BBC website and iPlayer service went down due to a major âdistributed denial of serviceâ attack.â The attack started at 0700 GMT and paralyzed the websites for more than […]
Pierluigi Paganini
January 08, 2016
The Russian Sandworm APT group if the first suspect for the Ukrainian power outage, states experts at eiSight Partners. According to a report published by experts at eiSight Partners the cyber attack against a Ukraine power station has been managed by a Russian group called Sandworm. A few days ago experts at ESET reported the existence of a […]
Pierluigi Paganini
January 08, 2016
When it comes to securing homes and businesses, a security camera is a privileged solution but it paradoxical is exposing users to further risks. A new study made by researchers from NowSecure shows that IoT vendors have yet a lot to learn in terms of security, often doing many mistakes in that area. In the […]
Pierluigi Paganini
January 08, 2016
The TV cable and Internet service provider Time Warner Cable is warning customers their emails and passwords may have been exposed. Nearly 320,000 of the TV cable and Internet service provider Time Warner Cable customers urge to change their passwords for the email account. The measure has been requested by the company in response to alleged unauthorized […]
Pierluigi Paganini
January 07, 2016
Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in […]
Pierluigi Paganini
January 07, 2016
IOActive has uncovered a number of serious vulnerabilities affecting the Drupal CMS that could be exploited to completely takeover the vulnerable websites. A new vulnerability affecting Drupal could be exploited for code execution and database credentials theft (by Man-in-the-Middle), according to Fernando Arnaboldi, a senior security consultant working in IOActive. Fernando Arnaboldi says that the […]
Pierluigi Paganini
January 07, 2016
Silent Circle released an update for its Blackphone 1 that fixes a critical flaw in the modem. Silent Circle has released an update for its Blackphone device that fixes several security vulnerabilities, including a flaw in its modem (CVE-2015-6841) that could have been exploited by threat actors to gain full control of the mobile device. […]
Pierluigi Paganini
January 06, 2016
Security experts from SCADA StrangeLove group disclosed SCADAPASS, a list of default credentials for ICS and SCADA systems. Recently I wrote about the SCADA StrangeLove research team reporting their study on the level of cyber security implemented in modern railroad systems . Now the SCADA StrangeLove group has published a list of default credentials, dubbed âSCADAPASS,â associated with industrial […]
Pierluigi Paganini
January 06, 2016
The US Government issued a final rule implementing the Executive Order 13694. US can apply economic sanctions in response to cyber attacks. According to a final rule published in the Federal Register on the last day of 2015 (Dec. 31, 2015),  US can now apply economic sanctions in response to cyber attacks. The US Government assigned to […]
Pierluigi Paganini
January 06, 2016
The zero-day exploit broker Zerodium is offering up to $100,000 to security experts who can provide an exploit for bypassing the Flash heap isolation. Once again, the zero-day exploit trader Zerodium is in the headlines, this time the company is offering $100,000 for the Flash Exploit Mitigation bypass. Adobe announced in December the introduction of several Recently Adobe […]
