Pierluigi Paganini
January 22, 2015
Narendra Shinde of Qualys Security has identified multiple vulnerabilities in Schneider Electric’s ETG3000 FactoryCast HMI Gateway. ICS-SCADA systems are critical components of for our society, they are often vital system inside critical infrastructure, but we still continue to discover naive vulnerabilities in the software they run. The latest surprising discovery was made by security experts […]
Pierluigi Paganini
January 21, 2015
Ubuntu has released several patches for security vulnerabilities in different versions of the OS, including some CSRF, DoS and remote code execution flaws. Ubuntu has patched several security vulnerabilities that affect different OSs, some of them are affecting Thunderbird client included in Ubuntu release and could be exploited to remotely run arbitrary code. Thunderbird is a popular Mozilla […]
Pierluigi Paganini
January 21, 2015
Researchers have presented the TURNIPSCHOOL project and other activities that replicate NSA surveillance implants with cheaper and off the shelf components. In December 2013, the popular cyber security expert Jacob Appelbaum, with the support of Der Spiegel news agency, disclosed the NSA’s catalog of surveillance. “Germany’s Der Spiegel has published another disturbing article on the NSA surveillance activities, the […]
Pierluigi Paganini
January 20, 2015
A security expert discovered a cross-site request forgery (CSRF) flaw to take over domains registered with GoDaddy, the company has already fixed it. The security engineer Dylan Saccomanni discovered a critical cross-site request forgery (CSRF) vulnerability in GoDaddy domain management console that could be exploited by attackers to take over domains. The vulnerability was discovered on January 17 […]
Pierluigi Paganini
January 20, 2015
A security researcher demonstrated that “car hacking” is reality through the exploitation of vulnerable Can Insurance Dongle. Million vehicles at risk. Car hacking is a reality, we have discussed the topic several times and we have learned that modern vehicles have a complex internal networking infrastructure that could be subject to cyber attacks. The news […]
Pierluigi Paganini
January 20, 2015
GreatFire revealed that the popular Microsoft Outlook emailing service was subjected to a man-in-the-middle (MITM) attack in China. This time the popular Outlook email service was allegedly hacked by Chinese authorities. The Outlook email service was not reachable in China over the weekend and according the to experts at the GreatFire organization, Chinese Government run a man-in-the-middle […]
Pierluigi Paganini
January 19, 2015
Database of the Lizard Stresser DDoS tool proposed by the Lizard Squad was leaked on like revealing that the group stored client’s credential in plaintext. Last week the another alleged member of the popular Lizard Squad was arrested by UK authorities, the British Police in collaboration with the FBI identified a 18-year-old boy that is […]
Pierluigi Paganini
January 18, 2015
A new collection of document examined by Der Spiegel magazine reveals that the NSA is now preparing for future dominance in cyberspace. Snowden‘s revelations on mass surveillance by the NSA have shocked the IT industry, but experts say the worst is yet to come. The NSA is working to significantly evolve its methods in relation […]
Pierluigi Paganini
January 18, 2015
The Spanish security researcher Eduardo Novella has disclosed details of two critical vulnerabilities affecting a specific ADB Pirelli home wireless router. The security researcher at Dutch security audit firm Fox-IT, Eduardo Novella, has discovered two critical vulnerabilities affecting a model of ADB Pirelli home wireless router. Novella decided to publicly disclose the vulnerabilities because the […]
Pierluigi Paganini
January 16, 2015
Google Project Zero team disclosed a new unpatched flaw affecting Windows 8.1 systems, the cyber security community is divided between those for and against. The Google Project Zero team has disclosed the details of two more unpatched Windows vulnerabilities due to its disclosure policy. Google has released the details of another Windows vulnerability that Microsoft failed to fix […]
