Yearly Archives: 2014
Databases of personnel at US command in S Korea hacked
A major cyber attack might have compromised the personal information of 16000 current and former workers employed by the American command in South Korea. US officials have revealed that military […]
Revealed the spy bases of GCHQ intelligence agency tapping undersea cables
A last revelation on the surveillance activities of British intelligence GCHQ confirms the existence of spy base tapping undersea cables in the Middle East. In the last year Edward Snowden has leaked many disconcerting […]
Gameover Zeus Botnet disrupted by multinational effort
The DoJ and the FBI announced a multinational effort to disrupt the GameOver Zeus botnet responsible for the theft of millions of dollars worldwide. The U.S. DoJ in collaboration with FBI and foreign law […]
Hackers threatens major cyber-attack on World Cup 2014
Sporting events are an excellent scenario for hacktivists, protest against the World Cup in Brazil are increasing and hackers announced a major cyber attack. The football World Cup in Brazil […]
AV alone is not enough to protect PC from zero-day malware
A recent research conducted by experts at Lastline Labs have demonstrated that AV alone is not enough to protect computers from zero-day malware. A recent research conducted by security company Lastline Labs revealed that only […]
Nice Recording eXpress lawful intercept solution is flawed
Researchers at SEC Consult Vulnerability Lab discovered that Nice Recording eXpress lawful intercept software contains numerous flaws, including a backdoor. Nice Recording eXpress voice-recording package software used by law enforcement to intercept communications of suspects […]
Spotify Android app hacked, change password and Upgrade it
Spotify company is investigating unauthorized access to its systems and internal company data. Android users urge to update the app and change the password. The popular Music streaming service Spotify is the last […]
Unrecom phishing campaign hit high-profile entities globally
Security Experts at Fidelis Cyber Security firm have recently discovered a new phishing campaign using the Unrecom RAT (remote access trojan). Fidelis Cyber Security firm has recently issued the Fidelis Threat Advisory […]
Nemanja, a botnet of thousand POSs, Grocery Management and Accounting Systems
Experts at Intelligence firm IntelCrawler have detected a new botnet dubbed Nemanja composed by compromised POS terminals, accounting systems and grocery management platforms. On March 2014 experts at IntelCrawler have identified Nemanja, one of […]
FBI is officially looking for malware development
The FBI (Federal Bureau of Investigation) has issued a solicitation for malware development confirming the use of malicious code for investigation. The proliferation of malware in the cyber space is […]
Remote code injection in Microsoft, Yahoo and Orange subdomains
Security researcher Ebrahim Hegazy has identified a remote code injection vulnerability affecting several subdomains of Microsoft, Yahoo, Orange and others. Fortunately, the security Vulnerability has been fixed. While participating in […]
Al-Qaeda is developing new Encryption tools in response to NSA surveillance
Recorded Future published a report to show that members of Al-Qaeda are developing a series of new encryption software in response to NSA surveillance. The revelation based on the document leaked by Edward […]
Hackers have stolen files on Ukraine crisis from Belgian Foreign Ministry
Unknown hackers have stolen files on the Ukraine crisis from the Belgian Foreign Ministry, causing the crackdown of targeted servers. A new cyber espionage campaign hit the Belgian foreign ministry, unknown hackers have stolen […]
Federal Trade Commission – Watch out to Health and Fitness Apps
The Federal Trade Commission debated on the privacy ramifications of consumer generated and controlled health data, following data on mobile apps. The Federal Trade Commission has recently released the disconcerting […]
Heartbleed one month later, at least 300k servers are still vulnerable
Security researcher Robert Graham published the results of recent global scan searching for Heartbleed vulnerable systems. 300k systems are still vulnerable Heartbleed flaw is a bug disclosed more than a month ago, which affected OpenSSL library […]
Navy sysadmin went on hacking spree at sea
A gang of hackers that included a service member on a nuclear aircraft carrier breached the Pentagon’s National Geospatial Intelligence Agency, the biometric Transportation Worker Identification System at the Homeland […]
Orange hacked for the second time in the year, 1,3M records exposed
French telecom giant Orange has suffered the second data breach of the year on April 18th. Hackers violated its website stealing 1,3 customer records. Orange company was hit again by hackers, […]
RedSocks, An interesting vision on Malware trend in Q1
Dutch malware detection company RedSocks has issued its first Malware Trend Report related to the malicious code trends observed in the first quarter of 2014. RedSocks, a Dutch malware detection company which […]
Be aware, Apple iOS Data protection doesn’t protect email attachments
Security Researcher Andreas Kurtz noticed that email attachments within different iOS versions are not protected by Apple’s data protection mechanisms. Mobile platform security is becoming even more crucial due to the large number of applications daily […]
Skype stores all application data in a local database in plain text
Romanian Researcher discovered that Skype application store sensitive User Data Unencrypted on a local database. A Romanian programmer at Hackyard Security Group, Dragoş Gaftoneanu, revealed through a blog post that the popular VOIP application Skype leaves its local database unencrypted. […]
AOL suffered a massive Data Breach
AOL Inc. confirms security breach, email accounts of a significant number users may have been exposed, no financial data has been stolen. AOL Inc. last Monday has confirmed with an official blog post that the company suffered a […]
Adobe zero-day used in watering hole attack against Syrian dissidents
Adobe has just released a security updates for Flash Player to fix critical vulnerabilities that are being exploited by hackers to track Syrian dissidents. Adobe has just released security updates for Flash Player to […]
FireEye discovered a new zero-day exploit for IE in the wild – Operation Clandestine Fox
FireEye Research Labs has identified a new IE zero-day vulnerability exploited in a series of targeted attacks part of the Operation Clandestine Fox. FireEye Research Labs has identified a new Internet Explorer (IE) […]
Certificate revocation checks aren’t efficient against Heartbleed
Security researcher Adam Langley of Google explained the real efficiency of revocation checking in response to OpenSSL heartbeat bug. The Heartbleed bug is a source of great concern for IT industry, every day […]
The novelties inside the last critical update for P2P Zeus
Which are the security improvements in the critical update proposed by criminal ecosystem for P2P Zeus Botnet? Fortinet experts detected and analyzed it. Security experts at Fortinet have uncovered a critical update […]
Critical Infrastructure security, is it possible a shared regulatory?
Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, […]
Ponemon study – SQL Injection attacks too dangerous for organizations
A new study conducted by the Ponemon Institute reveals the impact of successfully SQL injection attacks on organizations during the last year. The Ponemon Institute published a new study titled “The SQL Injection Threat Study“ to […]
Unflod Baby Panda, the Chinese malware hit jailbroken iphone
Unflod Baby Panda is the name of a new mobile malware which is targeting jailbroken versions of Apple iPhone. The threat seems to have China origin. The number of cyber threats against mobile users […]
New iBanking mobile Trojan exploits Facebook platform
Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection […]
German Aerospace Center hit by serious malware-based attack
The German Aerospace Center was victim of a cyberespionage attack, many computers have been infected by sophisticated Trojans and other spyware. Cyber espionage is considerable today one of the most alarming cyber threats for governments and private […]