A Team of US researchers at UC Berkeley conducted a study on the HTTPS traffic analysis of ten widely used HTTPS-secured Web sites with surprising results. User’s privacy is considered a top priority after Snowden‘ revelations on the US surveillance program, recently a couple of cases have shocked IT security community both related to the […]
FireEye issued the 2013 Advanced Threat Report, the study provides a high-level overview of the computer network attacks by APTs discovered by the company. Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered […]
This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]
A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop, all Debian and Ubuntu Linux distributions and many […]
Experts that are monitoring the escalation of tension in Crimea recognized a military strategy similar to the one adopted in Georgia (2008) The approval of Russian Parliament for military use in Crimea has triggered a series of events in the cyber space, groups of hacktivists, cyber criminals and of course state-sponsored hackers started their campaign against […]
Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]
Researchers at German G Data published an interesting analysis for Uroborun rootkit alleged to be a component of Russian cyber weapons programme. Uroburos is considered an advanced rootkit that is active since as far back as 2011, it is used to infect networks belonging to high-level targets, stealing data after setting up rogue P2P networks, it targets […]
Russia Today media agency has been hacked by unknown attackers just after Putin’s order to move troops to the Crimea was approved by the Parliament. The tension between Russia and Ukraine also has repercussions in the cyberspace where Russia Today, Russian principal news channel website (RT.com) has been hacked and defaced by an unknown group of […]
F-Secure’s Chief Mikko Hyppönen at the TrustyCon explained the risk that Government-built malware and cyber weapons will run out of control. F-Secure’s Chief Research Officer Company Mikko Hyppönen at the TrustyCon conference in San Francisco explained that almost every government is spending a great effort to improve its cyber capabilities building a cyber weapon. “Governments writing […]
Vulnerability in Yahoo allowed Egyptian hacker to delete more than 1 million and half records from Yahoo database. Yahoo immediately fixed it. The Egyptian cyber security expert Ibrahim Raafat has discovered a serious flaw in the Yahoo! website. The hacker demonstrated on his blog how to exploit the “Insecure Direct Object Reference Vulnerability” vulnerability in the Yahoo! sub-domain (suggestions.yahoo.com) to delete all […]