Pierluigi Paganini
December 20, 2013
Security experts at Mandiant have discovered that hackers break into Washington Post servers stealing employee users credentials hashes. Security experts at Mandiant intelligence firm have discovered a new intrusion into the network of The Washington Post, it is the third time in the last three years. In time I’m writing it is still not clear […]
Pierluigi Paganini
December 13, 2013
DARPA has launched the Crowd Sourced Formal Verification, it creates a set of games that search for software vulnerabilities involving volunteer gamers. The US Department of Defense Is evaluating the use of video games for finding software vulnerabilities with the collaboration of a network of volunteers. The idea is revolutionary, the support offered to DoD […]
Pierluigi Paganini
December 08, 2013
NSS Labs issued the report titled “The Known Unknowns” to explain dynamics behind the market of zero-day exploits. Last week I discussed about the necessity to define a model for “cyber conflict” to qualify the principal issues related to the use of cyber tools and cyber weapons in an Information Warfare context, today I decided […]
Pierluigi Paganini
December 01, 2013
FireEye Security Experts discovered Microsoft Windows XP and Server 2003 privilege escalation zero-day exploit Security experts at FireEye have discovered a new zero-day, a privilege escalation vulnerability in Windows XP and Windows Server 2003. It’s is the eleventh vulnerability discovered by FireEye this year, really a great job for the researchers of the young company. The last zero-day flaw is coded […]
Pierluigi Paganini
November 26, 2013
Due to the constant growth in the number of cyber attacks it is necessary to properly define the actions composing an incident response plan. FireEye firm published an interesting post on the need of incident response (IR) capabilities to reply numerous cyber attacks that daily hit almost any web service. Starting from the data proposed […]
Pierluigi Paganini
November 26, 2013
U.S.-China Economic and Security Review Commission reported for the first time that cloud computing “represents a potential espionage threat.” U.S.-China Economic and Security Review Commission reported for the first time that cloud computing “represents a potential espionage threat.” , Chinese hackers are a persistent collector of sensitive information, their action is incessant and represent a […]
Pierluigi Paganini
November 21, 2013
Imperva experts detected a surge in the exploitation of Jboss Application Server as result of the public disclosure of an exploit code. The cybercrime no stops and this time the alarm is related to a vulnerability in JBoss Application Servers that enable an attacker to remotely get a shell on a vulnerable web server. The concerning […]
Pierluigi Paganini
November 20, 2013
Users of Netflix, the provider of on-demand Internet streaming media, must beware of Silverlight exploit that could allow attackers to hack their systems. A vulnerability in Microsoft Silverlight 5 exposes to the risk of cyber attacks nearly 40 million Netflix streamers, the flaw is being exploited to execute arbitrary code on victim’s systems without any […]
Pierluigi Paganini
October 04, 2013
Adobe reveals customer data stolen in security breach, hackers have accessed sensitive information for 2.9 million users and to the source code of many products. Adobe Systems Inc has warned that customer data stolen in a security breach. According an official advisory, 2.9 million customers might have had their information stolen due a cyber attack that hit […]
Pierluigi Paganini
September 14, 2013
A researcher at Malwarebytes has discovered that a Russian hacker recently released an Android Firefox Zero-Day exploits on the underground. A new Android Firefox Zero-Day Exploit is available on the underground market for sale, a Russian exploit writer known as “fil9” has proposed it in the open exploit market with a starting price of $460. The […]
