Hacking

Pierluigi Paganini October 20, 2016
Czech police arrested a Russian hacker alleged involved in 2012 LinkedIn hack

Czech police, working with the FBI, has arrested a Russian man at a hotel in Prague that is suspected to be involved in the 2012 LinkedIn hack. Czech authorities, with the support of the FBI, have arrested a Russian hacker suspected of conducting cyber criminal activities against the US. “Policemen investigation department of the Criminal […]

Pierluigi Paganini October 19, 2016
SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search. Information Security Researchers Dimitrios Roussis and Evangelos Apostoloudis have discovered an SQL injection vulnerability in component ja-k2-filter-and-search (https://www.joomlart.com/joomla/extensions/ja-k2-search) of Joomla, a popular open-source Content Management System (CMS). This component has been used in various Joomla sites. Through the use of the […]

Pierluigi Paganini October 19, 2016
Ops also the Trump Organization uses insecure e-mail servers

According to a security researcher, the Trump Organization’s mail servers run on an outdated version of Microsoft Windows Server. Hillary Clinton is over in the storm for the violation of its private email server, even Trump has used the case to attack the rival. The irony of fate, now we are here discussing because also Trump’s staff […]

Pierluigi Paganini October 19, 2016
Magento card-swiping malware hides stolen card data in legitimate images

Security experts have spotted an interesting exfiltration technique adopted by crooks to exfiltrate card data from Magento platforms. Security experts from Sucuri and RiskIQ have spotted an interesting exfiltration technique adopted by crooks to exfiltrate payment data from compromised e-commerce websites powered by the Magento platform. Cybercriminals have been using image files to store and exfiltrate […]

Pierluigi Paganini October 19, 2016
Political Cyberattacks: Senior Turkish Government Officials Affected by Advanced Malware

Experts at ElevenPaths, a Telefonica’s cyber security unit, provided further details on political cyberattacks leveraging on advanced malicious codes. On 19 July at 11pm Ankara time, Wikileaks published the first emails that were grabbed from the Turkish AKP. The organization led by Julian Assange, being in line with its policy on publication of secret information, […]

Pierluigi Paganini October 18, 2016
The ‘Sin’ Card: How criminals unlocked a stolen iPhone 6S

Even if you have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint it is possible to unlock it. 1. Introduction You have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint and you may think that nobody can unlock it without the code, right? […]

Pierluigi Paganini October 18, 2016
British banks downplay security breaches

Banks and financial institution in the UK are reportedly failing to disclose the full extent security breaches they are experiencing. UK banks are reportedly failing to disclose the full extent of the number and nature of security incidents they are experiencing due to a fear of financial punishment and negative publicity. Banking execs and security […]

Pierluigi Paganini October 18, 2016
Crooks exploit a zero-day in WordPress eCommerce Plugin to upload a backdoor

Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a backdoor. According to the experts from the firm White Fir Design, crooks exploited a zero-day flaw in an e-commerce plugin for WordPress to upload backdoors to affected websites. The plugin is WP Marketplace, a […]

Pierluigi Paganini October 18, 2016
Security audit reveals critical flaws in VeraCrypt, promptly fixed with a new release

“VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software.” The security researcher Jean-Baptiste BĂ©drune from Quarkslab and the cryptographer Marion Videau  have discovered a number of security vulnerabilities in the popular encryption platform VeraCrypt. A new audit of the disk-encryption […]

Pierluigi Paganini October 18, 2016
Shadow Brokers launched a crowdfunding campaign to raise 10,000 bitcoins

The group calling itself The Shadow Brokers who hacked the NSA-linked Equation Group announced the launch of a crowdfunding campaign for the stolen arsenal. This summer the hacker group Shadow Brokers hacked the NSA-linked group known as the Equation Group and leaked 300 Mb of hacking tools, exploits, and implants. The Shadow Brokers launched an all-pay auction for the full archive containing the […]