Pierluigi Paganini
October 12, 2015
US Ports are still vulnerable to cyber attacks that release dangerous chemicals, cybersecurity in the maritime industry is crucial for Homeland security. Critical infrastructure across the world are vulnerable to cyber attacks, this is not novelty, but it is interesting to explore how many infrastructure is open to hacking assaults. US ports are also vulnerable to cyber […]
Pierluigi Paganini
October 12, 2015
Apple has removed mobile apps from the iOS Apple store that are installing root CA certificates that enable traffic to be intercepted. Apple has pulled several apps out from the official iOS App Store over SSL/TLS security concerns, this means that the security issues could allow threat actors to compromise encrypted connections between the servers […]
Pierluigi Paganini
October 11, 2015
For the first time, hackers have been arrested in China by law enforcement at the behest of the US government. Is it true cooperation? It is probably the first time that Chinese authorities have arrested hackers in China following a request of the US Government. Two weeks, before the visit of the Chinese President Xi Jinping in the […]
Pierluigi Paganini
October 10, 2015
Security experts at Sucuri have uncovered threat actors abusing an XML-RPC method to run Brute-Force amplification attacks on WordPress websites. According to the experts at security firm Sucuri, threat actors are exploiting the XML-RPC protocol implemented by WordPress and other popular content management systems to run brute-force amplification attacks. The XML-RPC protocol allows users to […]
Pierluigi Paganini
October 09, 2015
The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments. Pasquale `sid` Fiorillo, Francesco `ascii` Ongaro from ISGroup, an Italian Security firm, and Antonio `s4tan` Parata from ush team, have just released a critical security […]
Pierluigi Paganini
October 09, 2015
Experts at Volexity discovered a hacking campaign targeting the CISCO WebVPN VPN product, attackers aim to steal corporate login credentials. A virtual private network (VPN) allows to extend a private network across a public connection, they are mainly used to protect users’ privacy and improve security for data in transit. Virtual Private Networks are commonly used many companies and organizations […]
Pierluigi Paganini
October 09, 2015
The findings of the investigation conducted by Uber on the recent security breach raise doubts on the alleged involvement of a competitor, the Lyft. The findings of the investigation conducted by Uber on the recent security breach that exposed details of its drivers, seems to confirm the involvement of a competitor, the Lyft. On May 2014, […]
Pierluigi Paganini
October 08, 2015
Researcher with the pseudonym of “Alister Maclin” claims to be able to break Bitcoin network on demand by running the malleability attack. According to MotherBoard, a researcher with the pseudonym of “Alister Maclin” claims to be able to break Bitcoin on demand. The experts detailed a technique of attack dubbed malleability attack that could allow attackers […]
Pierluigi Paganini
October 07, 2015
A group of researchers from the iTrust has demonstrated how to use a Drone to intercept wireless printer transmissions from outside an office building. Recently I wrote a blog post on the Infosec Institute titled “Modern Physical Security Awareness Is More Than Dumpster Diving” where I explain how the concept of physical security is evolving […]
Pierluigi Paganini
October 07, 2015
Experts at Kaspersky have discovered that Winnti Group has enhanced its attack platform infecting organizations in South Korea, UK and Russia. In 2013, security experts at Kaspersky Lab uncovered a cyber espionage that targeted the gaming industry with a malware signed with a valid digital certificate. The threat actor behind the campaign was dubbed the Winnti group, […]
APT / February 05, 2026
