Pierluigi Paganini
April 13, 2014
A Team of researchers discovered a critical XML External Entity (XXE) vulnerability on Google server that allows an attacker to access any internal file. A group of researchers has discovered a critical vulnerability Google search engine that could allow an attacker to access the internal files of the production Google server. I desire to describe this […]
Pierluigi Paganini
April 13, 2014
CISCO and BlackBerry started to evaluate the impact of Heartbleed vulnerability on their products … unfortunately,the list of affected solutions is long. So far we have discussed the Heartbleed vulnerability by not investigating which are the products on the market that really are suffering it. We realized that the Heartbleed vulnerability potentially allows any attacker to access […]
Pierluigi Paganini
April 12, 2014
The US National Security Agency knew for at least two years about the Heartbleed flaw, and exploited it for cyber attacks according Bloomberg. The Internet community was shocked by the disclosure of the Heartbleed flaw, the vulnerability affects OpenSSL library and allows an attacker to reveal up to 64kB of memory to a connected client or […]
Pierluigi Paganini
April 11, 2014
Mandiant has released its annual M-Trends 2014 Threat Report, a document that analyzes actors, means and motivations behind attacks observed in 2013. Mandiant FireEye company has released a new detailed report titled “M-Trends 2014 Threat Report” describing actors, means and tactics behind principal attacks conducted in the recent months. The report consolidated data on principal cyber […]
Pierluigi Paganini
April 11, 2014
The Heartbleed Bug is probably the most serious menace to the modern Internet, a serious flaw in the popular OpenSSL library that is having a great impact. It’s been just over 48 hours after the disclosure of the news about the Heartbleed vulnerability, the serious flaw which affect OpenSSL library that allows an attacker to reveal […]
Pierluigi Paganini
April 10, 2014
Security Blogger Guya discovered a new Google Chrome eavesdropping bug that allows websites to listen to user private conversations. A second security eavesdropping flaw has been found in Google Chrome browser, a security blogger named Guya has made the alarming discovery. The security blogger discovered that an attacker exploiting the vulnerability in Google Chrome could transform the […]
Pierluigi Paganini
April 10, 2014
According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context. Extrotion is becoming a worrying inclination in the cyber criminal ecosystem, the number of targeted attacks that request money in change of a suspension of the hostilities and to give back to the victims […]
Pierluigi Paganini
April 09, 2014
Symantec has issued The Internet Security Threat Report, a document which provides an overview and analysis of global threat evolution in 2013. Security experts are observing a significant increase in the number of targeted cyber-attacks, it has been estimated that the growth is by 91 per cent in 2013 respect previous year, but most concerning […]
Pierluigi Paganini
April 09, 2014
BlackBerry issued an alert on a remote code execution vulnerability in qconnDoor service that affects BlackBerry 10 smartphones. A recent BlackBerry Security Advisory informed users of the existence of a remote code execution vulnerability (CVE-2014-1468) that affect BlackBerry 10 smartphone running OS versions earlier than version 10.2.0.1055. As described in the advisory the attackers could exploit the vulnerability sending […]
Pierluigi Paganini
April 08, 2014
The Heartbleed Bug is a serious flaw in the popular OpenSSL library that allows an attacker to reveal up to 64kB of memory to a connected client or server. Experts which provide maintenance to OpenSSL library have patched a serious vulnerability (CVE-2014-0160) that allows an attacker to gain the access to 64 KB of memory […]
