Monthly Archives: March 2015
The Installer Hijacking vulnerability exposes 1 of 2 Android users to attack
Experts at Palo Alto Networks discovered the Installer Hijacking vulnerability that exposes half of Android users to attack via Installation Vulnerability. The security researcher Zhi Xu from Palo Alto Networks discovered a […]
Chinese CA issued bogus digital certificates for Google domains
Google security team has recently discovered and blocked fraudulent digital certificates issued for several Google domains by a Chinese CA. On March 20, Google security team has discovered and blocked fraudulent digital certificates […]
Some models of Cisco IP Phones vulnerable to eavesdropping
Chris Watts discovered a security flaw affecting some models of Cisco IP Phones that could be exploited to eavesdrop on conversations and make phone calls. Some models of Cisco IP […]
Operation Woolen Goldfish, a hacking campaign in the wild
Security experts at Trend Micro have uncovered a new cyber espionage campaign that is targeting a number of European organisations and businesses. The attackers run a spear phishing campaign that was dubbed […]
Boeing announced its hack-proof drone
Boeing announced its project for the production of an unhackable drone, dubbed Boeing Little Bird, which should be in flight around the end of 2017. The drone industry is growing […]
Cardless ATMs will improve security of cash withdrawal
A unit of Canada’s Bank of Montreal will launch on Monday its network of cardless ATMs, a technological innovation to improve users’ security. Recently we have discussed different kinds of […]
Yahoo launches its on-demand password feature
Yahoo announced its new on-demand password feature that lets users into login in their account with a code sent to their mobile phone. Yahoo has announced a new Password-Free login feature to […]
ICS-CERT MONITOR report states most critical infrastructure attacks involve APTs
17 March 2015 DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) […]
EquationDrug, the hacking platform of the Equation Group APT
Experts at Kaspersky Lab published a detailed analysis of the EquationDrug platform and its modules developed by the Equation Group APT. Recently experts at Kaspersky Lab have uncovered the Equation Group hacking […]
Apple and Microsoft released updates to fix the FREAK flaw
Microsoft and Apple released security updates to fix the FREAK vulnerability recently discovered and affecting their products. FREAK is a major security flaw recently discovered that left users of Apple and […]
Xiaomi Mi 4 smartphone with preinstalled malware and much more
The security firm Bluebox discovered a preinstalled malware, many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone. After the episode of Lenovo pre-installed malware, another […]
Spam campaign spreads Dridex Trojan via Macros in XML Files
Experts at Trustwave have discovered a spam campaign composed of several hundred messages trying to serve Dridex trojan though xml documents. Early 2015 security experts discovered a variant of banking […]
Snowden reveals New Zealand surveillance Waihopai Base
A new collection of documents leaked by Edward Snowden shines light on shadowy New Zealand surveillance activities operated at the Waihopai Base. A new collection of documents leaked by Edward […]
Identity Fraud Cost US Consumers $16 billion in 2014, less than in 2013
The annual study published by Javelin Strategy & Research on identity fraud estimates that U.S. consumers actually suffered fewer losses than in the past. Last year we observed a significant […]
Weaknesses in Air Traffic Control Systems are a serious issue for FAA
A GAO report to FAA reveals that the systems adopted in the Aviation industry are still affected by weaknesses that could be exploited by hackers. A report published by Government Accounting Office […]
How to serve malware by exploiting Blu-ray disc attacks
A British hacker has found two Blu-Ray-borne attacks that could be run to infect machines, a technique that remind the method used by the Equation Group. Security expert Stephen Tomkinson from […]
Shadow Cloud Services a serious risk for Government Networks
Cloud Security Alliance revealed that shadow cloud service used by employees and unmanaged by IT can pose a major security problem for organizations. Last month, Cloud Security Alliance found out […]
Twitter is tracking phone numbers to prevent trolls and abuses
Twitter announced that it is starting to track phone numbers of users as a measure to prevent abuses like the creation of new bogus accounts. A few weeks ago, Twitter […]