Pierluigi Paganini
October 12, 2015
Apple has removed mobile apps from the iOS Apple store that are installing root CA certificates that enable traffic to be intercepted. Apple has pulled several apps out from the official iOS App Store over SSL/TLS security concerns, this means that the security issues could allow threat actors to compromise encrypted connections between the servers […]
Pierluigi Paganini
October 10, 2015
A group of researchers has demonstrated that the cost of breaking the SHA-1 hash algorithm is lower than previously estimated. The SHA-1 is still one of the most used cryptographic hash algorithm, but bad news for its supporters, a New Collision Attack Lowers Cost of Breaking it. The news is worrying, the cost and time […]
Pierluigi Paganini
October 09, 2015
Experts at Volexity discovered a hacking campaign targeting the CISCO WebVPN VPN product, attackers aim to steal corporate login credentials. A virtual private network (VPN) allows to extend a private network across a public connection, they are mainly used to protect users’ privacy and improve security for data in transit. Virtual Private Networks are commonly used many companies and organizations […]
Pierluigi Paganini
October 08, 2015
The Cleaver group is once again in the headlines managing a well-developed network of fake LinkedIn profiles for cyber espionage purpose. Do you remember the Iran-based APT Cleaver? In December the security firm Cylance released a detailed report on the hacking Operation Cleaver that was run by state-sponsored hackers linked to the Iran. The Iranian hackers targeted critical infrastructure worldwide, ten of which […]
Pierluigi Paganini
October 08, 2015
Microsoft web applications, such as Outlook or OneDrive and account pages, expose visitorsâ Microsoft Identifier (CID) in plain text. A Chinese developer, which uses the pseudonym of ramen-hero, discovered that Outlook.com, OneDrive, and Microsoft’s account pages use a unique user identifier known, also known as CID, in their web applications. The Microsoft CID is a 64-bit integer used […]
Pierluigi Paganini
October 07, 2015
A group of researchers from the iTrust has demonstrated how to use a Drone to intercept wireless printer transmissions from outside an office building. Recently I wrote a blog post on the Infosec Institute titled “Modern Physical Security Awareness Is More Than Dumpster Diving” where I explain how the concept of physical security is evolving […]
Pierluigi Paganini
October 07, 2015
The Cisco Talos Group has performed in-depth research on the threat actors behind the Angler Exploit Kit, and even had behind-the-scenes access. The Cisco Talos Group has performed in-depth research on the threat actors behind the Angler Exploit Kit, and even had behind-the-scenes access, allowing statistical information as well as Anglerâs inner-workings to be examined. Note that […]
Pierluigi Paganini
October 06, 2015
The nuclear industry is still unprepared to respond cyberattacks exposing civil nuclear facilities worldwide at risk of cyber attacks. Civil nuclear facilities worldwide are privileged targets for cyber attacks, according to a new report published this week by the Chatham House. The Stuxnet attack that targeted Iranian nuclear facilities demonstrated the risks for cyberattacks, for the first […]
Pierluigi Paganini
October 05, 2015
The Independent AV-Test Institute has analyzed 16 Linux security solutions against Windows and Linux threats under Ubuntu. The results are disconcerting. The result of the tests on Linux security solutions demonstrates that many Linux machines are vulnerable to cyber attacks, let’s consider to billions of internet users that daily access Web servers. In many cases, […]
Pierluigi Paganini
October 04, 2015
At the Virus Bulletin 2015 conference, the security researcher Oleg Petrovsky detailed methods that can be used to hack drones with pre-programmed routes. The drone industry is growing at a rapid pace, the aerospace research company Teal Group estimated that sales of military and civilian drones will total over $89 billion in the next 10 […]
