Hacking

Pierluigi Paganini June 01, 2015
Mac zero-day makes rootkit infection very easy

A security researcher discovered a zero-day vulnerability in many Mac firmware that could allow an easy installation of an EFI rootkits. The cyber security expert Pedro Vilaça has discovered a low-level zero-day vulnerability in Apple Mac systems that could be exploited by privileged users to more install an EFI rootkits. Vilaça explained that the attack is […]

Pierluigi Paganini June 01, 2015
Google blocks Chrome extensions out of the official Store

The use of malicious Chrome extensions in the criminal ecosystem, so Google decided to restrict the use of extensions not available on the Chrome Web Store. The use of malicious Chrome extensions in the criminal ecosystem, so Google decided to restrict the use of extensions not available on the Chrome Web Store. With new policies […]

Pierluigi Paganini June 01, 2015
US financial industry moves under a rising wave of Cyberattacks and Zero-Day threats on I.R.S Tax Returns

US financial industry is under persistent attacks, the number of incidents that compromised confidentiality, integrity and availability of data are increasing. Financial industry in US maintains symptoms of persistent cyber-attacks among surprising cyber incidents and large-scale data breaches that compromised confidentiality, integrity and availability of user’s information. Several advanced hacking methods and the exploitation of zero-day flaws […]

Pierluigi Paganini June 01, 2015
How to hack a Parking Management System and why?

The security researcher Jose Guasch revealed that dozens of “smart” parking management systems worldwide could be easily hacked. Everything is always online is inevitably exposed to the risk of cyber attacks, the security researcher Jose Guasch at the hacking conference Hack In The Box has explained that dozens of “smart” Parking Management System worldwide could be easily hacked. Guasch explained that […]

Pierluigi Paganini May 31, 2015
The Importance of Operational Security and User Education

An overview of the principal issues related to the 3 general categories that security controls fall under; physical, technical, and operational controls. What is Layer 8? Layer 8 is a term utilized by information security professionals and techies in general that represents the weakest link of every organization: the users.  While an organization may be […]

Pierluigi Paganini May 31, 2015
Yemen Cyber Army will release 1M of records per week to stop Saudi Attacks

Hackers of the Yemen Cyber Army (YCA) had dumped another 1,000,000 records obtained by violating systems at the Saudi Ministry of Foreign Affairs. The hacking crew known as the Yemen Cyber Army is continuing its campaign against the Government of Saudi Arabia. The Yemen Cyber Army (YCA) has released other data from the stolen archived belonging to the Saudi […]

Pierluigi Paganini May 30, 2015
US failed a Stuxnet-style attack against North Korea

New revelations came after a high-profile defector warns of that North Korea’s cyber army has the capability to run cyber attacks that could cause loss of human lives. According to an exclusive report by Reuters, The US was attempting without success to interfere with the nuclear programme of Pyongyang, in the same way it has done with Iran … SCADA systems […]

Pierluigi Paganini May 29, 2015
Stegosploit hides malicious code in images, this is the future of online attacks

Stegosploit is the technique developed by the security researcher Saumil Shah that allows an attacker to embed executable JavaScript code within an image. The security researcher Saumil Shah from Net Square security has presented at Hack In The Box conference in Amsterdam his Stegosploit project which allows an attacker to embed executable JavaScript code within an […]

Pierluigi Paganini May 29, 2015
Ganaa hacked, data of 10 Million registered users leaked

A Pakistani hacker claimed responsibility for a data breach at Gaana music streaming service that exposed data of  more than 10 Million registered users. Gaana (Gaana.com), one of the most popular music streaming service in India has reportedly been hacked. Gaana service has more than 10 Million registered users and 7.5 Million monthly visitors, according to various sources available on […]

Pierluigi Paganini May 29, 2015
1 in 20 Android apps open to attack due to a flaw in the Apache Cordova API Framework

Security researchers at Trend Micro Security firm discovered that 1 in 20 Android apps open to attack due to a flaw in the Apache Cordova API Framework. Researchers at Trend Micro have discovered a serious vulnerability (CVE-2015-1835) in the Apache Cordova  mobile API framework, that could be exploited by remotely by attackers to modify the behavior […]