Security experts at Securi firm have recently detected a series of SQL Injection attacks conducted abusing of the Google Bot activity. The exploitation of search engines like Google and Bing to conduct an attack represents an optimal choice for hackers that intend to stay hidden during the offensive. No IT administrator would block traffic from […]
The use of mobile devices in government environments concerns the secret service of any states, cyber espionage more often exploits the mobile platforms. Mobile devices are reason of great concern for governments, they have a great computational capability, huge memories to store our personal data, GPS to follow our movements and are equipped with a […]
Microsoft Zero-day CVE-2013-3906 – Microsoft informed to be aware of a vulnerability in a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. A new zero-day vulnerability has been found a Microsoft product that could allow attackers to install a malware via infected Word documents. The Microsoft […]
The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]
Security expert Jay Freeman discovered another Master Key vulnerability in Android 4.4 that allows attackers to inject malicious code in legit apps. The flaw known as “Android Master Key vulnerability” is considered a nightmare for Android OS, last July it was discovered for the first time and experts revealed that 99% of Android devices are vulnerable. The […]
Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all, they include SQL Injection, XSS and URL Redirect. Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all following an ethical conduct. The flaw interested principal security firms and private companies, following the complete list: Invalidated URL Redirect in […]
Finland’s foreign minister announced that foreign intelligence agents had carried out large-scale cyber espionage into government communications. The Finnish Ministry of Foreign Affair networks has been targeted in a cyber espionage operation lasting at least four years, the news has been reported by the Finnish commercial broadcaster MTV3. Finland’s foreign minister Erkki Tuomioja confirmed the shocking news, a large […]
OpNSA analyzed with OSINT techniques based on the correlation of media activities and physical protests. The analysts provided a forecast on next attacks. Web Intelligence analysis alerts on early signs of an Anonymous cyber campaign dubbed OpNSA that as usual will address with DDoS attack principal US Government websites. Security experts don’t exclude the […]
Security expert Ebrahim Hegazy has found another serious vulnerability in Twitter, he has discovered an Unrestricted File Upload Vulnerability. The popular Ebrahim Hegazy has found another serious vulnerability in Twitter, the cyber security analyst and Consultant at Q-CERT has discovered a flaw in the social media that allows Unrestricted File Upload. When a user creates a […]
Wi-Fi HTTP Request Hijacking attack against iOS – the researchers at Skycure have demonstrated a new technique that menaces mobile users. I’m not surprised for trust given by Internet users to public Wi-Fi networks that are notoriously insecure, wrong habits on the open networks could expose our identity to serious risks, one on all the identity theft. […]