Pierluigi Paganini
March 20, 2015
China has admitted the existence in its military organization of special information warfare units, I contacted one of the greatest experts for a comment. Bill Hagestad (Red-DragonRising @RedDragon1949) is a consultant, speaker and expert on Chinese cyber warfare. He is author of 21st Century Chinese Cyberwarfare and Chinese Information Warfare Doctrine Development 1994 – 2014 among […]
Pierluigi Paganini
March 20, 2015
For the first time China has publicly admitted the existence in its military organization of special information warfare units. Since quite some time that security experts sustain that China has one of the most advanced cyber army that is responsible for carried some of the highest profile cyber-attacks, but the Government of Beijing China always […]
Pierluigi Paganini
March 20, 2015
The Drupal team issued an update to fix a flaw that allows attackers reset password by crafting URLs under certain circumstances. Security experts discovered two critical vulnerabilities in Drupal CMS, one of them is an Access bypass (Password reset URLs) vulnerability that could be exploited to forge Password Reset URLs. “Password reset URLs can be forged […]
Pierluigi Paganini
March 18, 2015
US health insurer Premera Blue Cross announced its network had been hacked, potentially exposing data from 11 million individuals. A few weeks after the disclosure of the data breach suffered by from Anthem Blue Cross, which exposed 80 million customer records, another US health insurer was victim of a major attack that is affecting 11 Million customers […]
Pierluigi Paganini
March 18, 2015
DLL hijacking is not a prerogative for Windows systems, it is a common hacking technique that is very effective against OS X based machines. As you may know, DLL hijacking it’s something that its around since around 2000 and allows hackers to exploit a machine with a vulnerable application ( just one of the possibilities […]
Pierluigi Paganini
March 17, 2015
Yahoo announced its new on-demand password feature that lets users into login in their account with a code sent to their mobile phone. Yahoo has announced a new Password-Free login feature to let users access their account without the need for a password. When users will sign in his account, an on-demand password is sent to a […]
Pierluigi Paganini
March 16, 2015
DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report According to the report, the Industrial Control Systems […]
Pierluigi Paganini
March 15, 2015
Adobe released security updates for Adobe Flash Player to fix 11 Critical Vulnerabilities, most of them Remote Code Execution flaws. Adobe has issued a critical update for the Flash Player product that fixes set of 11 critical security vulnerabilities in its software. The update is classified as critical because most of the security flaws could […]
Pierluigi Paganini
March 13, 2015
A security bulletin recently released by Microsoft addresses the LNK flaw that was exploited by Stuxnet and that we have wrongly considered patched since 2010. If you followed IT in the last years, you might remember that Stuxnet was discovered around mid-2010 and at the time it was used against the Iranian nuclear program. The […]
Pierluigi Paganini
March 12, 2015
A security researcher has discovered two different reflected file download flaws in Facebook that could be exploited to hit its users. Security researcher David Sopas from WebSegura has discovered a couple of security flaw in Facebook that could be exploited by an attacker respectively to upload an arbitrary file to the social network or to gain control […]
APT / February 05, 2026
