Hacking

Pierluigi Paganini March 01, 2014
Critical flaw in Yahoo allows Hacker to delete 1.5M records

Vulnerability in Yahoo allowed Egyptian hacker to delete more than 1 million and half records from Yahoo database. Yahoo immediately fixed it. The Egyptian cyber security expert Ibrahim Raafat has discovered a serious flaw  in the Yahoo! website. The hacker demonstrated on his blog how to exploit the “Insecure Direct Object Reference Vulnerability” vulnerability in the Yahoo! sub-domain (suggestions.yahoo.com) to delete all […]

Pierluigi Paganini March 01, 2014
More than 360 million stolen credentials available on the black market

Hold Security firm discovered more than 360 million newly stolen credentials and around 1.25 billion email addresses available for sale on the black market. The Hold Security firm has discovered a huge volume of data for sale on the online black market, it includes credentials from more than 360 million accounts and around 1.25 billion email addresses. […]

Pierluigi Paganini February 27, 2014
FireEye discovered an Apple vulnerability which allows iOS keylogging

Researchers at FireEye have developed a POC that exploits an Apple vulnerability to implement a Background Monitoring on Non-Jailbroken iOS 7 Devices. A vulnerability in Apple products is once again the center of controversy because and also in this case the user’s privacy is at risk. The excellent team of security researchers at FireEye discovered another […]

Pierluigi Paganini February 27, 2014
Chameleon WiFi virus emulates contagion of a common cold within humans

A team of researchers created in the lab the Chameleon WiFi virus, a malware that infects entire WiFi networks replicating contagion of a common cold within humans. A group of security researchers at the University of Liverpool in Britain have provided a proof of concept to demonstrate how to infect an entire WiFi network one shot. The team of researchers […]

Pierluigi Paganini February 26, 2014
Unveiled network of surveillance based on RCS of Hacking Team

Citizen Lab published detailed information on the surveillance network based on RCS spyware designed by the Italian firm Hacking Team. The nonprofit research team Citizen Lab has discovered the presence of a spyware developed by the Italian Hacking Team in 21 countries. The news doesn’t surprise security community, despite Hacking Team firm always denies any involvement in cyber […]

Pierluigi Paganini February 25, 2014
CDM Annual Ed. is out – Security Predictions for 2014

Enjoy the reading CDM for free.We are thrilled to join you at the RSA Conference 2014 with our Second Annual Edition of Cyber Defense Magazine.   YOUR E-MAGAZINE HAS ARRIVED SPONSORED BY RSA CONFERENCE 2014 FLIPBOOK http://www.cyberdefensemagazine.com/annual-editions/february-2014/index.html PDF http://www.cyberdefensemagazine.com/annual-editions/february-2014/Cyber-Defense-Magazine-Annual-Edition-2014.pdf MOBILE http://www.cyberdefensemagazine.com/annual-editions/february-2014/mobile/index.html Introduction Following the tradition I am imagining the evolution of the cyber security scenario for […]

Pierluigi Paganini February 25, 2014
Largest Bitcoin exchange MtGox shut down, earthquake in the Bitcoin industry

Largest Bitcoin exchange MtGox shut down after it had announced to have suffered technical issues that forced the exchange to suspend withdrawals for a week. The world’s largest Bitcoin exchange MtGox has shut down its website, suspending any activities, the news is that to be frightening, a real earthquake that raises a series of reflections […]

Pierluigi Paganini February 24, 2014
Apple restores certificate validation checks mysteriously missed

Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network  to capture or modify […]

Pierluigi Paganini February 24, 2014
iBanking Mobile Bot Source Code available for sale in the underground

iBanking is a new mobile banking Trojan available for sale in the underground for $5,000 according the RSA’s FraudAction Group.  The source code for iBanking banking trojan has been leaked online through an underground forum, this kind of news reports a serious threat from the cybercrime ecosystem. Like happened for other trojan, including Zeus and Carberp, the […]

Pierluigi Paganini February 23, 2014
Banking trojan hit a large number of Islamic Mobile Banking Customers

Security researchers at InterCrawler discovered a Banking trojan which infected a large number of devices the Middle East belonging to Islamic Banks. IntelCrawler cyber intelligence firm discovered a large fraud campaign against major Islamic banking institutions. The attackers have used a sizable mobile botnet, more than 27 000 intercepted SMS-messages were detected between April 2013 and […]