Cyber Security Expert Mikko Hyppönen worries about cyber terrorists belonging to the Islamic State (ISIL or ISIS) have a credible offensive cyber capability The popular Cyber security expert Mikko Hyppönen, Chief Research Officer for F-Secure, said he worries about cyber extremists that could penetrate critical infrastructure and cause serious damages. The expert explained that the ISIS is probably […]
A hacker belonging to the alleged group LulzSec has claimed responsibility for a DDoS attack that hit UK telecom TalkTalk this week, but … I’m following the events related to the data breach suffered by the TalkTalk company, this week the British company has publicly disclosed that four million subscribers have been impacted by a “sustained […]
Now that it is known a critical flaw in the Diffie-Hellman key-exchange protocol was exploited by the NSA to break the internet encryption, how to stop it? Recently a group of researchers has revealed how the NSA has cracked HTTPS, SSH, and VPNs rely on the Diffie-Hellman encryption by exploiting a wrong implementation of the cryptographic algorithm. The […]
Joomla just released a patch to fix a critical vulnerability that can allow an attacker to get full administrative access to a website. The new version of the popular Joomla content management system, the Joomla 3,4,5, is available online. The new release fixes a critical SQL injection vulnerability that could be exploited by attackers to […]
Imperva has discovered that attackers hijack CCTV cameras to launch powerful DDoS attacks exploiting weak credentials and poor configurations of IoT devices. Internet of Things devices are becoming privilege targets of threat actors that daily abuse of their resources to run cyber attacks or to organize frauds or to spy on unaware users. Unfortunately, most IoT devices […]
The ISACA study “2015 Advanced Persistent Threat Awareness-Third Annual” tries to uncover information security professionals’ understanding of APT threats. A new report published by the ISACA organization that surveyed more than 660 cyber security professionals reveals that more than one in four organizations (28%) have already suffered an APT attack. According to the experts, the BYOD is increasing […]
Serious flaws in the Network Time Protocol can be exploited to cause severe outages, eavesdrop encrypted communications, bypass authentication processes. Bad news for network administrators, new attacks on Network Time Protocol can defeat HTTPS and create serious problems. The bugs exploited in the attacks was discovered by the experts at the Cisco’s Talos group that has been working […]
Experts at Netcraft discovered that nearly a million SSL SHA-1 certificates were signed with the potentially vulnerable SHA-1 hashing algorithm. Businesses Using Millions of Flawed Certificates, the news is shocking and refers the adoption of SHA-1 certificates, despite the algorithm is considered no more secure. Many big businesses, including firms like Deloitte, are still using SHA-1 certificates, […]
A trio of researchers has demonstrated that some versions of self-encrypting hard drives manufactured by the Western Digital are affected by security flaws. Some versions of self-encrypting hard drives manufactured by the Western Digital are affected by security flaws that could be exploited with physical access to access protected data, even without knowing the decryption […]
The Pen Test Partners researcher Ken Munro mapped and hacked connected iKettles across London demonstrating they leak WiFi passwords. The Pen Test Partners researcher Ken Munro has conducted a very singular experiment, he mapped and hacked connected kettles across London, demonstrating they leak WiFi passwords. Once again Internet of Things, this experiment demonstrates that poorly configured […]