Security

Pierluigi Paganini September 08, 2015
Tough weekend for Kaspersky patching a buffer overflow vulnerability

Last week, Kaspersky Lab was informed about a buffer overflow flaw that affects its antivirus products version 2015 and 2016 and released a patch within 24 hours. Last week, Kaspersky Lab was informed about a buffer overflow flaw that affects its antivirus products version 2015 and 2016 by one of information security engineers working in […]

Pierluigi Paganini September 07, 2015
Researcher disclosed 0day flaw in FireEye and offers others for sale

The expert Kristian Erik Hermansen disclosed a zero-day flaw in the FireEye core appliance that could be exploited to gain remote root file system access. Yesterday security researcher Kristian Erik Hermansen disclosed a zero-day vulnerability in the FireEye core appliance that could be exploited to gain remote root file system access. Hermansen told to CSOonline that he […]

Pierluigi Paganini September 07, 2015
Stealing all files from Seagate wireless disks is too easy

The CERT_org issued an alert on Seagate wireless disks because they contain multiple flaws that could be exploited to download their entire content. CERT.org issued a warning related Seagate wireless disk because they include a hidden login, most exactly a Telnet services that is not documented. This security issue allows anonymous attackers to download every file on […]

Pierluigi Paganini September 07, 2015
Fiat Chrysler recalls thousands Jeep Renegade SUVs due to hacking risks

Fiat Chrysler has recalled nearly 8,000 Jeep Renegade SUVs in the US to update the software that could be exploited by attackers to hack the vehicles. No peace for Fiat Chrysler Automobiles after the disclosure of the attack against its Jeep Cherokee model made by the popular hackers Charlie Miller and Chris Valasek. The duo of […]

Pierluigi Paganini September 06, 2015
Fiat Chrysler distributes the fix for flawed Jeep via mailed USB

The decision of Fiat Chrysler for providing a software update via Mailed USB is considered disconcerting for the security industry. Do you remember the hack of the Fiat Chrysler Jeep? In response to the disclosure of the details of the successful attack, the company recalled nearly 1.4 vehicles in the US in order to update the firmware running […]

Pierluigi Paganini September 05, 2015
Fake recruiters on LinkedIn spy on security experts

Security researchers have uncovered a group of fake recruiting accounts on LinkedIn used for intelligence gathering about security experts. A group of fake recruiter accounts is abusing the LinkedIn professional social network to send invitations to security professionals in various industries. The fake recruiters attempt to deceive targets usually by using a LinkedIn profile with […]

Pierluigi Paganini September 04, 2015
Some Uber ride data is publicly accessible through Google

Some Uber trip information is publicly accessible through simple Google queries, the set includes trip and user info, and home and work addresses. Rapid diffusion of technology makes easy phenomena of accidental data leakage, the last one is related to the popular car service Uber. Dozens of trips of Uber customers have been cached by […]

Pierluigi Paganini September 04, 2015
Barclays creates its own red team to attack its systems to find flaws

Barclays has created a red team to hack its own computer systems to discover and exploit security vulnerabilities before external attacker do. For someone working in the security area, it’s known that many companies have red teams to attack their own system, but this information is never recognized by the company. Barclays did exactly the […]

Pierluigi Paganini September 03, 2015
Company’s data at risk due to the use of mobile gambling apps

Veracode has conducted a research on the security of several mobile gambling apps and discovered a number of flaws that expose enterprises to serious risks. If you belong to a global corporation, the most probably think you will find out is that some of your colleagues have installed mobile apps that don’t belong to the […]

Pierluigi Paganini September 03, 2015
Hacking Baby Monitors is dramatically easy

Security researchers from Rapid7 security firm discovered a number of security vulnerabilities affecting several Video Baby Monitors. Researchers find major security flaws in popular networked video baby monitor products that could allow attackers to snoop on babies and businesses. Rapid7 analyzed baby monitors from six vendors, ranging in price from $55 to $260 in order to […]