Pierluigi Paganini January 24, 2014
Google Chrome bug allows sites to listen users private conversations

Web developers Tal Ater discovered a Google Chrome Bug that allows websites to listen to user private conversations. Google still hasn’t patched it! Google Chrome is one of the most diffused browsers, it has an excellent reputation in terms of security, usability and performance but it is wrong to consider it as perfect. As any […]

Pierluigi Paganini January 23, 2014
Who is spying on Tor network exit nodes from Russia?

Researchers Winter and Lindskog identified 25 nodes of Tor network that tampered with web traffic, decrypted the traffic, or censored websites. Two researchers, Philipp Winter and Stefan Lindskog of Karlstad University in Sweden, presented the results of a four-month study  conducted to test Tor network exit nodes for sneaky behavior, it has been discovered that a not specified Russian […]

Pierluigi Paganini January 21, 2014
Weak passwords, in 2013 it is still a frequent error

SplashData has issued its Annual “25 Worst Passwords of the Year” enumerating the list of the most common password chosen by users. It was October 2012 when for the first time I’ve seen a report from SpashData on most common passwords chosen by users to protect their account on various services. SplashData, which develops password […]

Pierluigi Paganini January 21, 2014
SERT Q4 2013 Threat Intelligence Report on threat landscape evolution

Solutionary security firm published SERT Q4 2013 Threat Intelligence Report to provide an overview of the overall threat landscape. Recently Solutionary security firm published SERT Q4 2013 Threat Intelligence Report to provide an overview of the overall threat landscape, the document is the result of a research conducted over the last three months correlating events across devices […]

Pierluigi Paganini January 20, 2014
South Korea, 20 Million credit card data has been leaked

Financial Supervisory Service confirmed that Stolen credit card data of at least 20 million bank and credit card users in South Korea has been leaked. While US are facing with a series of clamorous data breached against principal retailers, in South Korea an employee of personal credit ratings firm Korea Credit Bureau (KCB) has been […]

Pierluigi Paganini January 19, 2014
VPN vulnerability in Android devices allows intercept communications

Israeli Security researchers discovered an Android security flaw to bypass active VPN configurations and intercept secure communications. A new alleged flaw in Android mobile could harm user’s privacy over VPN. Israeli security researchers from the Ben Gurion University (BGU), the same that discovered a few weeks ago a vulnerability in the Samsung Knox platform, have […]

Pierluigi Paganini January 18, 2014
ReVuln team founds a zero-day in SCADA component

At S4x14 Conference in Miami, a researcher at of ReVuln disclosed a buffer overflow zero-day flaw in HMI software produced by Malaysian company Ecava. During the S4x14 Conference in Miami, Luigi Auriemma of ReVuln disclosed a serious vulnerability in HMI software. The team of researchers at ReVuln discovered a buffer overflow vulnerability in the company’s […]

Pierluigi Paganini January 18, 2014
10 million Starbucks customers at risk for official iOS app flaw

Security researcher Daniel E. Wood discovered a vulnerability in the Starbucks official iOS app related to the insecure storage of user data. 10 million Starbucks customers who purchases drinks and food using their Smartphones are exposed to serious risk of data breach. This is yet another story in which a poor implementation of minimum security […]

Pierluigi Paganini January 16, 2014
An increasing number of targeted attacks against the energy sector

Symantec published in the report titled “Targeted Attacks Against the Energy Sector” to describe the security landscape for companies of the sector. Companies and industries belonging in the energy sector are waiting most targeted sectors on a global scale, Symantec has issued a very interesting report titled “Targeted Attacks Against the Energy Sector” that provide […]

Pierluigi Paganini January 15, 2014
Kaspersky discovered Icefog Hit US energy companies with Java Backdoor

Kaspersky experts discovered a java version of icefog espionage campaign that targeted at least 3 us oil, gas companies spreading a backdoor dubbed Javafog. Kaspersky Lab in September 2013 announced to have discovered Icefog team, an emerging group of cyber-mercenaries available for hire to conduct surgical hit and run operations against strategic targets.  The cyber […]