cyber security

Pierluigi Paganini December 17, 2014
Wireless Aerial Surveillance Platform, the DIY Spy Drone

Vespid is amongst most the important espionage artifacts based on the Wireless Aerial Surveillance Platform for the for the construction of a DIY Spy Drone. The Wireless Aerial Surveillance Platform is a small DIY drone that has the capability to crack Wi-Fi passwords, eavesdropping on Wi-Fi passwords, eavesdropping on cell phone calls and read text […]

Pierluigi Paganini December 02, 2014
ENISA issued the Evaluation Framework on National Cyber Security Strategies (NCSS)

ENISA has presented at the workshop on National Cyber Security Strategies in Brussels the Evaluation Framework on National Cyber Security Strategies (NCSS). ENISA issued the Evaluation Framework on National Cyber Security Strategies (NCSS), an important work that addressed to policy experts and government officials that are in charge for the implementation and evaluation of an NCSS policy. The work […]

Pierluigi Paganini November 19, 2014
The US energy industry is constantly under cyber attacks

Data related to the number of incidents occurred to national infrastructure confirms that the US Government energy industry is constantly under attack. The US Government is aware that nation’s energy grid is constantly under attack by state-sponsored hackers and cyber criminals. Recently The Department of Homeland Security (DHS) revealed that Russian hackers have infiltrated several critical […]

Pierluigi Paganini October 11, 2014
Brian Krebs Hacked … the big hoax

A man has published on PasteBin a fake dump of the database of the popular website KrebOnSecurity managed by the expert Brian Krebs. A few hours ago I received a tweet from the account Narcochaos (@N4rCochaos ) , which informed me and other illustrious colleagues that he has hacked the website of the popular security investigator Brian Krebs (http://krebsonsecurity.com/). […]

Pierluigi Paganini June 09, 2014
ICS-CERT warns on the rise in attacks on online ICS

A reading of the data issued by the ISC-CERT in its Monthly Monitor (ICS-MM201404) on the attacks against ICS (industrial control systems) exposed on line. Do you have exposed your Industrial control system (ICS) on the Internet? “If ICS is connected to the Internet, it comes with an almost 100% guarantee of its being hacked on […]

Pierluigi Paganini May 26, 2014
Critical Infrastructure, hackers targeted public utility SCADA

Cyber attacks could pose a potentially huge risk to US critical infrastructure, state-sponsored hackers and cyber criminals are increasing their activity. Governments are even more alarmed by the possibility of cyber attacks against critical infrastructure, hackers could pose a potentially huge risk to the helpless population. In a recent US Government exercise, a team of hackers […]

Pierluigi Paganini April 13, 2014
Hacking Google server using a malicious XML is possible

A Team of researchers discovered a critical XML External Entity (XXE) vulnerability on Google server that allows an attacker to access any internal file. A group of researchers has discovered a critical vulnerability Google search engine that could allow an attacker to access the internal files of the production Google server. I desire to describe this […]

Pierluigi Paganini March 18, 2014
Darpa is looking for experts from private sector for future cyber ops

Darpa is scouting the private companies to recruit high skilled professional and use company infrastructure to protect classified information. The Pentagon is searching cyber experts to address the growing shortage of highly professional in the field, the US Government is making scouting for expert hackers in the private sector. The control of the cyberspace and the […]

Pierluigi Paganini November 28, 2013
Ruby on Rails CookieStore flaw exposes thousand of websites

A security issue inside cookie-based storage mechanism of Ruby on Rails could expose thousand websites to cyber attacks. Ruby on Rails,  “hit an open source web application framework to compromise a wide audience”, this is the thought of attackers that desire who want to hack the highest number of web sites. A security issue inside […]

Pierluigi Paganini November 03, 2013
SQL Injection, XSS and URL Redirect found in popular websites

Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all, they include SQL Injection, XSS and URL Redirect. Security Researcher Mohamed Osman Saeed has identified numerous vulnerabilities and reported them all following an ethical conduct. The flaw interested principal security firms and private companies, following the complete list: Invalidated URL Redirect in […]