Hacking

Pierluigi Paganini May 01, 2017
Yahoo awarded $7,000 a bug hunter for Flickr account hijacking vulnerability

Yahoo awarded $7,000 to the bug hunter Michael Reizelman, aka mishre, for Flickr account hijacking vulnerability. Reizelman was a popular bug hunter that discovered vulnerabilities in many web services, including Badoo, Dropbox, GitHub, Google, Imgur, Slack, Twitter, and Uber. The expert has discovered three vulnerabilities in the company’s image and video hosting service that could have been chained together […]

Pierluigi Paganini May 01, 2017
Graph theory applied to a portion of the Dark Web shows it a set of largely isolated dark silos

A group of researchers conducted a study on the Dark Web leveraging the Graph theory. This hidden space appears as composed by sparse and isolated silos. A group of experts from the Massachusetts Institute of Technology’s SMART lab in Singapore has recently published an interesting research paper on the Dark Web. The researchers collected and analyzed the dark web […]

Pierluigi Paganini May 01, 2017
WHID Injector: How to Bring HID Attacks to the Next Level

Luca Bongiorni was working on a cheap and dedicated hardware that he could remotely control (i.e. over WiFi or BLE), that is how WHID was born. Since the first public appearance of HID Attacks (i.e.  PHUKD, Kautilya, Rubberducky), many awesome researches and results have been published [i.e. Iron HID, Mousejack and the coolest USaBUSe]. Due […]

Pierluigi Paganini April 30, 2017
Lenovo warns of IBM Storwize shipped with infected initialization USB drives

Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo contain a malicious file. Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems contain a file that has been infected with malicious code. The Initialization Tool […]

Pierluigi Paganini April 30, 2017
Hacker holds Netflix to ransom over new episodes of Orange Is The New Black

The hacker ‘The Dark Overlord’ claims to have stolen and leaked online episodes from the forthcoming season of the TV show Orange Is The New Black. A hacker who goes online with the moniker “The Dark Overlord” claims to have stolen episodes from the forthcoming season of the TV show ‘Orange is the New Black.’ […]

Pierluigi Paganini April 30, 2017
Poorly designed apps leave millions of phones at risk of open port attack

Security experts demonstrated that insecure mobile applications leave millions of smartphones at risk of open port attack. A group of security researchers from the University of Michigan ( Yunhan Jack Jia, Qi Alfred Chen, Yikai Lin, Chao Kong, and Prof. Z. Morley Mao) discovered a security hole in hundreds of applications in Google Play Store that could […]

Pierluigi Paganini April 29, 2017
FIN7 group has enhanced its phishing techniques

According to the experts from security firm FireEye, the financially-motivated FIN7 group is changing hacking techniques. The group that has been active since late 2015, and was recently spotted to have been targeting personnel involved with United States Securities and Exchange Commission (SEC) filings at various organizations with a new PowerShell backdoor dubbed POWERSOURCE. The […]

Pierluigi Paganini April 29, 2017
Wikileaks revealed the Scribbles tool used by the CIA to mark documents and track whistleblowers

Wikileaks has published a new piece of the Vault 7 leak that details a CIA project codenamed Scribbles (a.k.a. the “Snowden Stopper”). Scribbles is a software allegedly developed to embed ‘web beacon’ tags into confidential documents aiming to track whistleblowers and foreign spies. Wikileaks has leaked the Scribbles documentation and its source code, the latest released version […]

Pierluigi Paganini April 28, 2017
Severe vulnerability in GE Multilin SR poses a serious threat to Power Grid

Security experts discovered a critical vulnerability in GE Multilin SR that poses a serious threat to the power grid worldwide. A team of researchers from New York University has found a serious vulnerability in some of GE Multilin SR protection relays that poses a serious threat to power grid. The experts will provide further details about the […]

Pierluigi Paganini April 28, 2017
DOK malware, a stealthy MAC OS spyware that inspects your HTTPS Traffic

DOK Malware is a stealthy malicious code recently discovered by researchers at security firm CheckPoint, it affects almost ant Mac OS X version. Malware researchers at CheckPoint firm have discovered a new stealth Mac malware dubbed DOK that affects almost ant Mac OS X version. At the time of its discovery, the DOK malware has zero […]