Pierluigi Paganini
December 22, 2014
The annual IT security report issued by the German BSI reported that a sophisticated cyber attack on a steel factory caused severe damage. A cyber attack could cause serious damage to a production plant or a facility, we discussed several times this attack scenario that represents a nightmare for security experts and Intelligence agencies. The […]
Pierluigi Paganini
December 22, 2014
An announcement by the FBI stated the North Korea hacked Sony Pictures, but Pyongyang refused accusations and offered support for the investigation. The cyber attack against Sony Pictures is monopolizing the attention of the media, in particular, the problem of the attribution is hard to solve. The FBI released the findings of its investigation that definitively […]
Pierluigi Paganini
December 20, 2014
USBdriveby is a device designed to quickly and covertly install a backdoor and override DNS settings on an unlocked machine via USB. The security experts Samy Kamkar (@SamyKamkar) has proposed a very interesting way to compromise an unlocked computer and deploy a backdoor on it simply by using a pre-programmed Teensy microcontroller. The cheap ($20) […]
Pierluigi Paganini
December 20, 2014
Security researchers at Google have discovered several serious flaws affecting the NTP protocol, which are remotely exploitable by the attackers. Security experts at Google have uncovered several serious flaws in the Network Time Protocol (NTP), including several buffer overflows that are remotely exploitable. The Network Time Protocol is a networking protocol for clock synchronization between […]
Pierluigi Paganini
December 19, 2014
The security expert Mohamed M.Fouad discovered several critical security vulnerabilities at Glassdoor, which can lead to very harmful impact on all users. The Independent Security Researcher Mohamed M.Fouad has discovered a lot of critical security vulnerabilities at Glassdoor that could lead to very harmful impact on all users. Mohamed M.Fouad an Independent Security Researcher from Egypt. I […]
Pierluigi Paganini
December 18, 2014
More than 12 million devices are vulnerable to a simple attack that could compromise their home routers exploiting a vulnerability called Misfortune Cookie. More than 12 Million Home Routers are affected by a vulnerability called Misfortune Cookie that expose users to the risk of cyber attack. Researchers at Check Point Software Technologies reported the Misfortune Cookie flaw affects millions of devices running […]
Pierluigi Paganini
December 18, 2014
The ICANN organization confirmed that several its systems were compromised via Spear Phishing attack. The company is investigating the case. ICANN revealed the details of a recent spear phishing attack that allowed unknowns to access its network. The attackers spoofed the ICANN domain, and deceived internal staff into revealing their email credentials. The ICANN is the organization […]
Pierluigi Paganini
December 16, 2014
Sony Pictures is adopting various measures to contains damages including a “fighting back” activity against website that share the stolen data. We will talk about the Sony Pictures data breach for a long time, the cyber attacks conducted by the GOP hacking team is causing serious damages to the company. It is early to estimate the overall economic impact […]
Pierluigi Paganini
December 16, 2014
Security experts at Sans Institute discovered a worm which exploits the popular Shellshock flaw to compromise QNAP systems in the wild. Experts at Sans Institute have discovered a new series of attacks in the wild exploiting the Shellshock attack code to compromise disk storage systems made by the Taiwan-based QNAP firm. The threat actors used […]
Pierluigi Paganini
December 15, 2014
A security expert discovered a critical CSRF vulnerability in Blogger.com that allows an attacker to write posts in any blog hosted on the popular platform. The Egyptian security expert Mazen Gamal Mesbah (@MazenGamal) has discovered a critical CSRF (Cross-site request forgery) vulnerability in the free weblog publishing tool Blogger.com. The vulnerability could be exploited by an attacker to write posts […]
