Pierluigi Paganini
May 03, 2014
Covert Redirect vulnerability is the security flaw in the open standards for authorization OAuth and OpenID that is menacing IT industry. Another security flaw in the open standards for authorization OAuth and OpenID is scaring IT industry. Just a few weeks after the disclosure of the Heartbleed vulnerability, another major flaw was discovered in the open […]
Pierluigi Paganini
April 26, 2014
Researcher David Kirkpatrick discovered a flaw in older versions of NetSupport Manager could expose sensitive configuration settings and lead to compromise. A vulnerability in older versions of NetSupport Manager could be a source of serious problems for enterprises that use the platform for remote control of PC and servers. This case is an example of the […]
Pierluigi Paganini
April 21, 2014
Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, the NIST announced the Framework for Improving Critical Infrastructure Security, a document that proposed cybersecurity standards and practices to build out a security program. The cybersecurity […]
Pierluigi Paganini
March 29, 2014
Researchers at ReVuln firm demonstrated how to exploit the last firmware update for Philips SmartTV to steal user’s cookies and other sensitive data. The excellent team of researchers at ReVuln firm has published another interesting analysis on the possibility to hack Philips SmartTV to steal user’s cookies. The news is disconcerting and raise serious concerns for user’s […]
Pierluigi Paganini
February 19, 2014
After SANS researchers detected self replicating work The Moon is spreading among a number of different Linksys routers, its exploit appeared in the wild. Last week I reported the news related to a vulnerability in Linksys routers that’s being exploited by a new The Moon worm analyzed by the SANS Institute’s Internet Storm Center. The Moon […]
Pierluigi Paganini
February 17, 2014
Security researchers at SANS detected a self-replicating malware (dubbed moon worm) is spreading among a number of different Linksys routers. Researchers at the SANS Institute discovered a new self-replicating worm that is infecting different Linksys home and small business routers. The investigation started after an Internet service provider in Wyoming noted an unusual network traffic and decided to alert SANS. The SANS […]
Pierluigi Paganini
February 13, 2014
Kaspersky confirms hidden threat in BIOSes PC and warns that Absolute Computrace Anti-Theft agent can be remotely hijacked.Absolute Software refuses claims. After the case raised by Kaspersky team on the Computrace agent I tried to contact Absolute software received the following official reply on the results of the investigation. Background On Wednesday, February 12th, Kaspersky Lab […]
Pierluigi Paganini
February 13, 2014
Experts at Kaspersky confirm hidden threat in BIOSes of Popular Laptops and warns that Absolute Computrace Anti-Theft agent can be remotely hijacked Researchers at Kaspersky Lab have demonstrated that a feature in the legitimate software produced by Absolute Software firm can be abused to turn a defensive utility into a powerful utility for cyberattack. Kaspersky Lab’s security […]
Pierluigi Paganini
January 16, 2014
Algerie Telecom TP-LINK TD-W8951ND Routers are vulnerable, they contain a critical vulnerability exploitable to gain unauthorized access and reveal user’s password. Also TP-LINK routers are vulnerable, this is the latest chapter in the saga of the vulnerabilities present in our routers after that a security researcher discovered serious flaw in CISCO, Linksys and Netgear, meanwhile […]
Pierluigi Paganini
October 13, 2013
Researcher Craig published an interesting blog post on “/dev/ttyS0” on the reverse engineering of the backdoor present in many D-Link devices. Today I decided to propose an interesting backdoor analysis published on the blog “/dev/ttyS0” specialized on the embedded device hacking. The researcher Craig demonstrated the presence of a backdoor within some DLink routers that allows an attacker to […]
