Cisco’s Threat Research Analysis and Communications (TRAC) uncovered an extremely targeted spear phish attack on high-profit companies in Europe. A new APT has been discovered by CISCO targeting high-profit companies in Europe, including businesses working in banking, oil and entertainment industries. The attackers adopted as attack vector the email in a spear phishing campaign. According to the alert […]
Security experts Alexander Volynkin and Michael McCord will present at the next Black Hat 2014 a method to break Tor network anonymity with just USD 3000. Is the popular Tor network broken? In the recent months, after the Showden’s revelations, many security experts have started to investigate on the possibility that the US intelligence, and […]
The German broadcaster ARD published a report that reveals that NSA XKeyscore has targeted two Germany-based Tor Directory Authority servers. The NSA surveillance program XKeyscore, according to a report published by German public broadcaster ARD, two Germany-based Tor Directory Authority servers have been targeted by the US intelligence. According to the report, the two cases are not isolated, in the past […]
While investigating on MiniDuke malware, experts at F-Secure discovered a surprising link to a new malware, dubbed CosmicDuke, belonging to Cosmu family. Early 2013 experts at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS) uncovered a cyber espionage campaign dubbed Miniduke which targeted dozens of computers at government agencies across Europe. The hackers exploited a […]
Security experts at Kaspersky Lab have issued data related to the number of RDP brute force attacks on its clients which show a worrying trend. In the June Kaspersky Lab has included in its products an Intrusion Detection System, which allowed the company to analyze more information on going attacks on its clients. Kaspersky has issued the data […]
Anonymous has announced the campaign dubbed Operation NO2ISIS against some states it accuses of supporting the Islamic terror group ISIS. The group of hacktivists Anonymous has announced a new campaign dubbed Operation NO2ISIS against some nations it accuses of funding or arming the radical Islamic terror group ISIS. In particular Anonymous will target three states suspected of […]
A serious code-execution vulnerability in Android 4.3 and earlier was patched with latest KitKat Android Operating System version. Are you using the Android 4.3 version and you are convinced to be secure? You are unfortunately wrong, because this version of Android and earlier are affected by a critical code-execution vulnerability. According to data proposed by the Android […]
A critical vulnerability in the WebShot feature implemented by TimThumb plugin expose WordPress instance to Remote Code Execution attacks. The popular image resizing library TimThumb used in many WordPress themes, 3rd party components and plugins is affected by a critical vulnerability which allows an attacker for certain commands to be remotely executed, without authentication, on the vulnerable website. The discovery of the […]
Security experts at Duo Security have discovered a serious flaw in the implementation of two-factor authentication which allow attackers to bypass it. Two-factor authentication processes if flawed could give to companies a false sense of security even if we are discussing of PayPal. In the past we have explained how to by-pass Two-factor authentication in various ways, for example, using […]
Largest DDoS attack hit PopVote, Hong Kong Democracy voting website. Experts at CloudFlare observed a three hundred gigabits per second DDoS attack. The largest ever and most severe Distributed Denial of Service (DDoS) attack in the history has recently hit the online democracy poll promoting opinion on the upcoming Hong Kong elections. The system under attack is […]