Pierluigi Paganini
May 08, 2014
The Ponemon Institute has issued its ninth annual report ” Cost of Data Breach Study “, an analysis on the economic impact of data breaches. The Ponemon Institute has issued its annual report “Cost of Data Breach Study,”, a study on the economic impact of data breaches. The Cost of Data Breach Study is sponsored by IBM, […]
Pierluigi Paganini
May 07, 2014
French telecom giant Orange has suffered the second data breach of the year on April 18th. Hackers violated its website stealing 1,3 customer records. Orange company was hit again by hackers, client database was breached by unknown attackers which have stolen the personal information on 1.3 million customers. According first news on the incident the hackers […]
Pierluigi Paganini
May 06, 2014
The NSA used the twitter account to send an encoded message that has created the chaos on The Internet. The mystery was solved soon … what’s happening? The NSA has started a bit of a Tweet-storm, this morning the followers of the NSACareers Twitter account noticed a curious cryptic message sent from the careers account of the Agency. Coincidentally, […]
Pierluigi Paganini
May 06, 2014
Discover how it is possible to apply steganography to hide secret messages in common tweets (or any text) with steg.js-of-the-dump. In the past we have discussed many times on the adoption of steganography to hide messages within images and video, a technique exploited also by authors of malware to hide configuration file and command sent by the C&C […]
Pierluigi Paganini
May 05, 2014
Technion students Find a security vulnerability in the Internet DNS protocol which allows the attackers to redirect users to a website they control. A significant new security vulnerability has been found in the DNS protocol by a group of Israeli students from the Technion’s Department of Computer Sciences. After the Heartbleed case and the assumptions […]
Pierluigi Paganini
May 04, 2014
Expert at Trustwave explained the tactics adopted by cyber criminals how to serve malware in phishing attacks exploiting .lnk files. Phil Hay, expert at Trustwave SpiderLab, explained how cyber criminals are using .lnk files to serve malware via email. I have chosen to detail this tactic to demonstrate how much creative is the criminal ecosystem, even if it […]
Pierluigi Paganini
May 03, 2014
Covert Redirect vulnerability is the security flaw in the open standards for authorization OAuth and OpenID that is menacing IT industry. Another security flaw in the open standards for authorization OAuth and OpenID is scaring IT industry. Just a few weeks after the disclosure of the Heartbleed vulnerability, another major flaw was discovered in the open […]
Pierluigi Paganini
May 02, 2014
Security Experts at PhishLabs revealed that a vishing campaign targeted banking industry to harvest credit/debit card data from customers. The security firm PhishLabs revealed that numerous US banks are victims of a recent Vishing (VoIP-based phishing) campaign that is targeting the payment card information of up to 250 Americans per day. Assuming that the withdrawal limits on ATM […]
Pierluigi Paganini
May 02, 2014
Security Researcher Andreas Kurtz noticed that email attachments within different iOS versions are not protected by Apple’s data protection mechanisms. Mobile platform security is becoming even more crucial due to the large number of applications daily used by billion of users, but we must be aware of security flaws that could also affect the mobile OS. […]
Pierluigi Paganini
May 01, 2014
Security Experts at Symantec discovered scammers are exploiting Facebook users’ intention to hack friends’ account to compromise their profile. Symantec has discovered a new insidious scam against Facebook users, scammers targeted the social media users proposing a bogus Facebook hacking tool that promises to give the access to their friends’ accounts … unfortunately the unique account hacked is the […]
APT / February 05, 2026
