Monthly Archives: April 2014
Adobe zero-day used in watering hole attack against Syrian dissidents
Adobe has just released a security updates for Flash Player to fix critical vulnerabilities that are being exploited by hackers to track Syrian dissidents. Adobe has just released security updates for Flash Player to […]
FireEye discovered a new zero-day exploit for IE in the wild – Operation Clandestine Fox
FireEye Research Labs has identified a new IE zero-day vulnerability exploited in a series of targeted attacks part of the Operation Clandestine Fox. FireEye Research Labs has identified a new Internet Explorer (IE) […]
Certificate revocation checks aren’t efficient against Heartbleed
Security researcher Adam Langley of Google explained the real efficiency of revocation checking in response to OpenSSL heartbeat bug. The Heartbleed bug is a source of great concern for IT industry, every day […]
The novelties inside the last critical update for P2P Zeus
Which are the security improvements in the critical update proposed by criminal ecosystem for P2P Zeus Botnet? Fortinet experts detected and analyzed it. Security experts at Fortinet have uncovered a critical update […]
Critical Infrastructure security, is it possible a shared regulatory?
Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, […]
Ponemon study – SQL Injection attacks too dangerous for organizations
A new study conducted by the Ponemon Institute reveals the impact of successfully SQL injection attacks on organizations during the last year. The Ponemon Institute published a new study titled “The SQL Injection Threat Study“ to […]
Unflod Baby Panda, the Chinese malware hit jailbroken iphone
Unflod Baby Panda is the name of a new mobile malware which is targeting jailbroken versions of Apple iPhone. The threat seems to have China origin. The number of cyber threats against mobile users […]
New iBanking mobile Trojan exploits Facebook platform
Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection […]
German Aerospace Center hit by serious malware-based attack
The German Aerospace Center was victim of a cyberespionage attack, many computers have been infected by sophisticated Trojans and other spyware. Cyber espionage is considerable today one of the most alarming cyber threats for governments and private […]
APWG report 2H2013- Analysis of phishing phenomena on global scale
The APWG report 2H2013 seeks to understand trends and their significance by quantifying the scope of the global phishing problem. Last Anti-Phishing Working Group APWG report titled “Global Phishing Survey: Trends […]
Reading the Mandiant M-Trends 2014 Threat Report
Mandiant has released its annual M-Trends 2014 Threat Report, a document that analyzes actors, means and motivations behind attacks observed in 2013. Mandiant FireEye company has released a new detailed report titled “M-Trends […]
Raoul Chiesa – from cybercrime to state-sponsored hacking
Raoul Chiesa gives us his view on the current cyber threat landscape, from Snowden’s case to the links between cyber crime and state-sponsored hacking. Next week the forth Cybercrime Conference will be held in Rome (http://www.tecnaeditrice.com/eventi/cyber_crime_conference_2014/presentazione), two days in […]
The Extortion is a common practice in the cyber criminal ecosystem
10:00 ET, 11 April 2014 According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context. Extrotion is becoming a […]
Heartbleed Bug is a serious flaw in the OpenSSL cryptographic library
10:00 ET, 10 April 2014 The Heartbleed Bug is a serious flaw in the popular OpenSSL library that allows an attacker to reveal up to 64kB of memory to a […]
New Zeus trojan variant digitally signed in the wild
9:00 ET, 9 April 2014 Security researchers at Comodo have detected a new Zeus trojan variant enhanced with digital signature of its source code to avoid detection. The security community is once again menaced […]
German authorities discovered 18 Million stolen Email accounts
10:00 ET, 8 April 2014 German authorities have discovered 18 Million Email Passwords, this is probably the biggest Data Theft in the history of the country. German authorities have confirmed […]
Waze app can be hacked to display fake traffic jams
10:00 ET, 7 April 2014 Two Israeli students at Technion-Israel Institute of Technology were able to cause traffic jams hacking the popular navigation app Waze for a school project. In many films […]
Chinese CCTV reported cases of pre-installed malware on Android mobile
17:00 ET, 4 April 2014 Chinese TV station, CCTV, has reported some cases where smartphone were compromised by pre-installed malware before selling them on to unwitting customers. What’s about to pay a mobile phone […]
Reading the Global Threat Intelligence Report (GTIR)
12:00 ET, 3 April 2014 The Global Threat Intelligence Report (GTIR) addresses the security challenges of organizations globally analyzing 3 billion worldwide attacks occurred in 2013. The NTT Innovation Institute has […]
Philips SmartTV susceptible to serious hack according ReVuln experts
9:30 ET, 2 April 2014 Researchers at ReVuln firm demonstrated how to exploit the last firmware update for Philips SmartTV to steal user’s cookies and other sensitive data. The excellent […]
RSA is accused again to have helped NSA to weaken security products
16:50 ET, 1 April 2014 A group of researchers from Johns Hopkins University discovered that a second NSA tool aggravate the RSA security software’s vulnerability. We all remember the Snowden‘s revelations […]