#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Pierluigi Paganini | Breaking Cybersecurity News | The Hacker News

The use of passwords in a technological evolution

The use of passwords in a technological evolution

Jan 17, 2013
Every day we read about an incredible number of successful attacks and data breaches that exploited leak of authentication mechanisms practically in every sector. Often also critical control system are exposed on line protected only by a weak password, in many cases the default one of factory settings, wrong behavior related to the human component and absence of input validation makes many applications vulnerable to external attacks. Today I desire to focus the attention of a report published by the consulting firm's Deloitte titled " Technology, Media & Telecommunications Predictions 2013 " that provide a series of technology predictions, including the outlook for subscription TV services and enterprise social networks. The document correctly express great concern of the improper use of passwords that will continue also in 2013 being causes of many problems, it must to be considered that value of the information protected by passwords continues to grow attracting il
Operation Red October : Cyber Espionage campaign against many Governments

Operation Red October : Cyber Espionage campaign against many Governments

Jan 15, 2013
A new sensational discovered has been announced by Kaspersky Lab's Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Red October , name inspired by famous novel The Hunt For The Red October (ROCRA) and chosen because the investigation started last October. The campaign hit hundreds of machines belonging to following categories: Government Diplomatic / embassies Research institutions Trade and commerce Nuclear / energy research Oil and gas companies Aerospace Military The attackers have targeted various devices such as enterprise network equipment and mobile devices (Windows Mobile, iPhone, Nokia), hijacking files from removable disk drives, stealing e-mail databases from local Outlook storage or remote POP/IMAP server and siphoning files from local network FTP servers. Accordin
Fake Turkish digital Certificates blocked by Browser vendors

Fake Turkish digital Certificates blocked by Browser vendors

Jan 04, 2013
It's the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google's web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the procedure to update its Certificate Trust list (CTL) and all versions of its OSs to revoke the certificate. Microsoft has also decided to revoke other two certificates for the same reason, it seems that some attacks using the first certificate have been already detected, fraudulent digital certificate that was mistakenly issued by a domain registrar run by a Turkish domain registrar. Microsoft has issued a security advisory " Microsoft Security Advisory ( 2798897 ) -Fraudulent Digital Certificates Could Allow Spoofing " that states: "Microsoft is aware of active attacks using one fraudulent digital certificate is
cyber security

Protecting Your Organization From Insider Threats - All You Need to Know

websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.
What's the Right EDR for You?

What's the Right EDR for You?

May 10, 2024Endpoint Security / Threat Detection
A guide to finding the right endpoint detection and response (EDR) solution for your business' unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint detection and response (EDR) solutions now serve as critical weapons in the fight, empowering you and your organization to detect known and unknown threats, respond to them quickly, and extend the cybersecurity fight across all phases of an attack.  With the growing need to defend your devices from today's cyber threats, however, choosing the right EDR solution can be a daunting task. There are so many options and features to choose from, and not all EDR solutions are made with everyday businesses and IT teams in mind. So how do you pick the best solution for your needs? Why EDR Is a Must Because of
Yahoo data leak by Virus_Hima, Why do we need a proactive security?

Yahoo data leak by Virus_Hima, Why do we need a proactive security?

Dec 17, 2012
In November I was contacted for first time by the Egyptian Hacker named ViruS_HimA who announced me to have hacked into Adobe servers and leaked private data. The hacker violated Adobe servers gaining full access and dumping the entire database with more of 150,000 emails and hashed passwords of Adobe employees and customers/partner of the firm such as US Military, USAF, Google, Nasa DHL and many other companies. ViruS_HimA specifically addressed the inefficient and slow patch management process that leaves exposed for long period "big companies".  " When someone report vulnerability to them, It take 5-7 days for the notification that they've received your report!! It even takes 3-4 months to patch the vulnerabilities! Such big companies should really respond very fast and fix the security issues as fast as they can ." Like , we reported two days before that one month old reported critical vulnerability of account hijacking in Outlook and Hotmail  is still wo
'The Hacker News' Celebrating 2nd Birthday

'The Hacker News' Celebrating 2nd Birthday

Oct 28, 2012
One of the most awaited occasions in a year is your birthday, same way we are today celebrating ' The Hacker News ' 2nd Birthday week from on 28th October-3rd November 2012. Originally founded on 1st November 2010 by Mohit Kumar , ' The Hacker News ' was the very First dedicated Hacking and Security News website available on Internet, Now been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers. We are happy to announce that this project is now Supported and endorsed by thousands of Security Experts, administrators and members of various underground hacking groups and communities worldwide.  With the need for information security solutions becoming more critical, In these two years we served updates to over 30 Million Readers through various projects including Daily happenings of Hacking & Security community via The Hacker News , A most comprehensive and informative collection of security, hacking, a
A virus specialized for AutoCAD, a perfect cyber espionage tool

A virus specialized for AutoCAD, a perfect cyber espionage tool

Jun 23, 2012
A virus specialized for AutoCAD , a perfect cyber espionage tool In recent years we are assisting to a profoundly change in the nature of malware, it is increased the development for spy purposes, for its spread in both private and government sectors. The recent case of Flame malware has demonstrated the efficiency of a malicious agent as a gathering tool in a typical context of state-sponsored attack for cyber espionage. Event like this represent the tip of the iceberg, every day millions of malware instances infect pc in every place in the world causing serious damages related to the leak of sensible information. Specific viruses are developed to address particular sectors and information, that is the case for example of "ACAD/Medre.A", a malware specialized in the theft of AutoCAD files. The virus has been developed to steal blueprints from private companies mostly based in Peru according the expert of the security firm ESET. The virus is able to locate AutoCAD file on infected ma
Face to Face with Duqu malware

Face to Face with Duqu malware

Mar 21, 2012
Face to Face with Duqu malware Once again we discuss about Stuxnet, cyber weapons and of the malware that appears derivate from the dangerous virus. The international scientific community has defined a Stuxnet deadly weapon because been designed with a detailed analysis of final target environment supported by a meticulous intelligence work that for the first time in history has embraced the world of information technology. The agent was designed with the intent to strike the Iranian nuclear program and even more clear is who has always opposed such a program, U.S. and Israel first, and consider also the technology skill necessary to develope a weapon with the observed architecture is really high. Extremely important two factors af the event: 1. the choose of control systems as target of the malware. 2. the conception of the virus as an open project, a modular system for which it was designed a development platform used to assemble the deadly cyber weapons in relation to the final
“Cyber China”, from Operation Aurora to China Cyber Attacks Syndrome

"Cyber China", from Operation Aurora to China Cyber Attacks Syndrome

Feb 08, 2012
" Cyber China ", from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from  Security Affairs  -  Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China's hacking is on world internet security. Read and decide for yourself : When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threat to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather
Cyber War : Another 7000 Israel credit cards Exposed on Internet

Cyber War : Another 7000 Israel credit cards Exposed on Internet

Jan 18, 2012
Cyber War : Another 7000 Israel credit cards Exposed on Internet This week has began under worse auspices worse for Israel, which, despite its attention to the cyber threats posed by cyber-space, has been victim of a series of attacks that have checkmated the government of Jerusalem. Kosova Hacker's Security Group of Hackers today claim to release another Another 7000 Israel credit cards on Internet. Last week  xOmar from  "group-xp"  threatened the Israeli people by exposing millions of credit cards. After that Israel said that it will respond to cyber-attacks in the same way it responds to violent terrorist acts, by striking back with force against hackers who threaten the Jewish state.  The Dump of these 7000 Cards are posted on Tinypaste  by Kisova Hackers. Th3 Dir3ctorY, ThEtA.Nu, & X|CRIPO, three hackers from  Kosova Hacker's Security  Group posted all the credentials including full name of the card holder, CCV, card no, expiry date. More, Saudi cybe
Cybersecurity
Expert Insights
Cybersecurity Resources