Pierluigi Paganini
September 20, 2014
The Egyptian hacker Ebrahim Hegazy has discovered a critical Yahoo SQL Injection flaw exploitable to Remote Code Execution and privilege escalation. My readers know very well the Egyptian hacker Ebrahim Hegazy, he is a great security expert and a friend of mine, which disclosed numerous critical flaws in most popular web services, including Microsoft, Yahoo and Orange. […]
Pierluigi Paganini
September 19, 2014
ICS-CERT issued a security advisory for the existence of vulnerabilities in a variety of Schneider Electric StruxureWare SCADA Expert ClearSCADA versions. According to a recent advisory issued by the ICS-CERT (ICSA-14-259-01) several Electric’s StruxureWare SCADA Expert ClearSCADA are affected by different vulnerabilities. The independent researcher Aditya Sood has discovered a weak hashing algorithm and CSRF vulnerability in […]
Pierluigi Paganini
September 18, 2014
A report issued by the Senate Armed Services Committee reveals alleged Chinese hackers conducted dozens of cyber attacks on US defense contractors. A study conducted by the Senate Armed Services Committee discovered that hackers gained access to the systems run by US defense contractors work for the US Transportation Command (TRANSCOM). The Senate study released […]
Pierluigi Paganini
September 18, 2014
Using the proper surveillance systems available on the market it is easy and quick to track cellphone and the movements of targets everywhere on the globe. We recently discussed the decision of Wikileaks to publish copies of the criticized surveillance software FinFisher, highlighting the dangers for the militarization of the cyberspace and in particular for […]
Pierluigi Paganini
September 17, 2014
A serious flaw vulnerability has been discovered in the default browser on a large number of Android devices that allows to bypass the Same Origin Policy. A critical flaw has been discovered in the Web browser installed by default on the majority of Android mobile devices, it has been estimated that nearly 70 percent of the […]
Pierluigi Paganini
September 17, 2014
WikiLeaks has published copies of the criticized FinFisher surveillance software, claiming that the malware is sold to the most “abusive” regimes in the world. Copies of the surveillance software “FinFisher” were made available for public scrutiny by WikiLeaks early this week. The international, online journalistic organization has decided to publish the public disclose the criticized software online to allow […]
Pierluigi Paganini
September 16, 2014
An Egyptian security researcher has discovered a critical flaw in Twitter platform which allows an attacker to delete credit cards from Any Twitter Account. The Egyptian Security Researcher, Ahmed Mohamed Hassan Aboul-Ela has discovered a critical vulnerability in Twitter’s advertising service that allowed an attacker to delete credit cards from any Twitter account. Ahmed Mohamed Hassan Aboul-Ela […]
Pierluigi Paganini
September 14, 2014
Extremists groups of ISIS and Al Qaeda are ramping up efforts to launch major cyber attacks on Western Critical Infrastructure to set up digital Caliphate. In time I’m writing the ISIS has released a new video purporting to show the beheading of British hostage David Haines, the group has started again to flood the social media […]
Pierluigi Paganini
September 13, 2014
CERT warns that DNS Cache Poisoning attacks could be used also to hijack email to a rogue server and not only to divert the Internet traffic. DNS attacks are very popular in hacking community, they could be run by cyber criminals and state-sponsored hackers for various purposes, including cyber espionage and financially motivated attacks. A DNS […]
Pierluigi Paganini
September 13, 2014
A Brazilian newspaper’s website has been hacked to serve a malware that tries to change the victim’s router DNS settings brute forcing the admin panel. A Brazilian political newspaper’s website has been compromised with malware that tries to change the victim’s router DNS settings. The security firm Securi has published a blog post on a […]
