Pierluigi Paganini
May 02, 2015
A few hours after the presentation of the Google Password Alert extension a researcher already have developed two methods to bypass it. A few hours ago, Google released the Password Alert extension that was designed to warn users when they are submitting their Google credentials to fraudulent websites. “Here’s how it works for consumer accounts. Once you’ve […]
Pierluigi Paganini
May 01, 2015
Foreign hackers are targeting background investigation databases to blackmail US government personnel or to try to bribe them. It is not a mystery that Chinese hackers continuously target US companies and government offices, the attackers usually backed by the Government of Bejing mainly run cyber espionage campaigns to steal intellectual property and any kind of information related to person […]
Pierluigi Paganini
April 30, 2015
Microsoft is observing a major spike in the volume of malware using macros since the beginning of the year. The infection method was very common in the past I remember when I was starting my career, around 2006 that a lot of the existent malware would arrive to their victims trough Word/Excel macros, and that […]
Pierluigi Paganini
April 23, 2015
Kaspersky Lab discovered another APT group dubbed CozyDuke which is believed to have hacked the US Department of State and the White House. Experts at Kaspersky Lab have uncovered a new advanced persistent threat (APT) dubbed CozyDuke that targeted several high-profile organizations in the second half of 2014. Kaspersky experts have published an interesting blog post that includes […]
Pierluigi Paganini
April 19, 2015
FireEye recently detected a new highly targeted attack run by APT28 exploiting two zero-day flaws to compromise an “international government entity”. Security experts at FireEye have recently detected a new cyber espionage campaign, dubbed “Operation RussianDoll,” operated by the Russian APT28 group. This time the hackers run highly targeted attack by exploiting two zero-day vulnerabilities to target an “international […]
Pierluigi Paganini
April 07, 2015
A security expert has discovered a severe vulnerability in BitTorrent Sync that can be exploited by a remote attacker to execute arbitrary code on a vulnerable machine. The security expert Andrea Micalizzi, also known as “rgod,”, has discovered a serious vulnerability in BitTorrent Sync (CVE-2015-2846) can be exploited by a remote attacker to execute arbitrary code. […]
Pierluigi Paganini
April 06, 2015
The Turkish Government has blocked the access to YouTube, Facebook and Twitter in the country over Istanbul prosecutor siege images. Once again, I’m writing about online censorship, once again the protagonist is the Turkish Government that this time has blocked the access to popular social media sites, including Twitter and YouTube. The ban follows a court ruling […]
Pierluigi Paganini
April 01, 2015
A security researcher discovered a couple of security issues on GitHub platform explaining how it is possible to exploit them in real attack scenarios. The researcher David Sopas (@dsopas) from Websegura discovered a couple of security issues in the coding website GitHub that were ranked by the company as minor, but that could expose users to cyber attacks. […]
Pierluigi Paganini
March 25, 2015
Israeli Researchers have defined a new exfiltration technique dubbed BitWhisper that is based on the heat emissions and built-in thermal sensors. According researchers at the Ben Gurion University in Israel, by detecting the heat from one computer to an adjacent computer, is possible to establish a channel that can claiming can facilitate the spread of keys, malicious […]
Pierluigi Paganini
March 24, 2015
Security experts discovered that the Adobe CVE-2011-2461 vulnerability is exploitable by at least four years despite the company has issued a patch. Four years ago Adobe released a patch for the vulnerability CVE-2011-2461 that was affecting the Adobe Flex SDK 3.x and 4.x. The flaw was a cross-site scripting (XSS) vulnerability that allowed remote attackers to inject arbitrary […]
Cyber Crime / February 20, 2026
Cyber Crime / February 20, 2026
