Security

Pierluigi Paganini October 18, 2016
Security audit reveals critical flaws in VeraCrypt, promptly fixed with a new release

“VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software.” The security researcher Jean-Baptiste Bédrune from Quarkslab and the cryptographer Marion Videau  have discovered a number of security vulnerabilities in the popular encryption platform VeraCrypt. A new audit of the disk-encryption […]

Pierluigi Paganini October 16, 2016
The Mirai botnet is targeting also Sierra Wireless cellular data gear products

Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications products due to Mirai attacks. Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications product. The company is aware of a significant number of infections caused by the Mirai malware, a threat specifically designed […]

Pierluigi Paganini October 14, 2016
Here’s how Tor Project and Mozilla will make harder de-anonymizing Tor users

Tor Project and Mozilla are working together to improve the security of Tor users and make harder for attackers to unmask them. Intelligence and law enforcement agencies continue to invest in order to de-anonymize Tor users. In the past, we received news about several techniques devised by various agencies to track Tor users, from the correlation attacks to the hack […]

Pierluigi Paganini October 10, 2016
Shocking, a German nuclear plant suffered a disruptive cyber attack

A German nuclear plant suffered a disruptive cyber attack, the news was publicly confirmed by the IAEA Director Yukiya Amano. According to the head of the United Nations nuclear watchdog, the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three […]

Pierluigi Paganini October 10, 2016
Apple Watches banned from UK cabinet meetings to prevent eavesdropping

The UK Government has decided to ban Apple Watches ban from the Cabinet over foreign eavesdropper fears, in 2013 occurred with the iPad. The political fears cyber espionage, the recent string of cyber attacks against the US Presidential election and the constant pressure of Chinese hackers urge a major awareness on the cyber threats. In 2013, cabinet ministers were banned from bringing […]

Pierluigi Paganini October 07, 2016
Update X.Org libraries to avoid Privilege Escalation and DoS attacks

X.Org released patches and updates to fix several flaws found in many client libraries that could be exploited to cause DoS and escalate privileges. X.Org is a widely used open-source implementation of the X Windows System (aka X11 or X-Windows) that is the graphical windowing system adopted by Unix and Linux operating systems. A set […]

Pierluigi Paganini October 05, 2016
WiFox mobile app shows names and passwords for Wi-Fi airports networks worldwide

The WiFox mobile app was designed as a huge container of network names and passwords for Wi-Fi airports networks worldwide. Do you travel a lot? Probably you have already read about WiFox, it is a legitimate Android/iOS mobile app that includes indications of thousands of airport Wi-Fi networks and their passwords. We have spoken several times about the […]

Pierluigi Paganini October 05, 2016
Animas OneTouch Ping Insulin Pumps could be remotely hacked

Hackers could use Insulin Pumps as weapons, this is not a sci-fi movie, but a disconcerting reality. The OneTouch Ping insulin pumps manufactured by Animas, a company owned by Johnson & Johnson, are affected by multiple several vulnerabilities that can be exploited by remote hackers to harm the diabetic patients who use them. While the security […]

Pierluigi Paganini October 04, 2016
Download for free 68 Million account details from Dropbox Data Breach

You don’t need to pay in order to receive the full dump from the DropBox data breach, security researcher leaked it online. In August, a data dump containing more than 68 Million account credentials for online cloud storage platform Dropbox was leaked online. Dropbox forced password resets for a number of accounts after discovering the data […]

Pierluigi Paganini October 04, 2016
ICS-CERT annual vulnerability coordination report 2015, +74% flaws

The US ICS-CERT published its annual vulnerability coordination report for FY 2015 that provided information about security holes reported to the agency. The US ICS-CERT has published its annual vulnerability coordination report for the fiscal year 2015. The report included detailed information about security vulnerabilities reported to the US ICS-CERT in 2015. “ICS-CERT is pleased to announce the release of […]