giovedì, dicembre 10, 2015

Microsoft Security Bulletin MS15-127 - Critical

https://technet.microsoft.com/en-us/library/security/ms15-127.aspx

State-sponsored hackers spread backdoors in Middle East

http://www.ehackingnews.com/2015/12/state-sponsored-hackers-spread.html

Revealed: Mystery 7-year cyberspy campaign in Latin America

http://www.theregister.co.uk/2015/12/10/packrat_spying_latin_america/

Microsoft warns of possible attacks after Xbox Live certificate leaked |

http://nakedsecurity.sophos.com/2015/12/10/microsoft-warns-of-possible-attacks-after-xbox-live-certificate-leaked/

Phony WhatsApp update could cost you much more than a dollar |

http://nakedsecurity.sophos.com/2015/12/10/phony-whatsapp-update-could-cost-you-much-more-than-a-dollar/

Anonymous tumba la web del primer ministro nipón por la caza de ballenas

http://elpais.com/elpais/2015/12/10/ciencia/1449737153_237403.html

All eyes on the jailbroken as iOS, Mac OS X threat level ratchets up

http://www.theregister.co.uk/2015/12/10/ios_mac_osx_threat_trends/

'Legacy' Wordpress blog site of The Independent serving malware

http://www.theregister.co.uk/2015/12/10/legacy_wordpress_blog_site_of_ithe_independenti_serving_malware/

Brit-American hacker duo throws pwns on IoT BBQs, grills open admin

http://www.theregister.co.uk/2015/12/10/american_hacker_duo_throws_pwns_on_iot_bbqs_grills_open_admin/

Kaspersky, McAfee, and AVG all vulnerable to major flaw

http://www.theregister.co.uk/2015/12/10/kaspersky_mcafee_avg_vulnerable/

Epic failure of Phone House & Dutch telecom providers to protect personal data: How I could access 12+ million records #phonehousegate | Weblog | Sijmen Ruwhof

http://sijmen.ruwhof.net/weblog/608-personal-data-of-dutch-telecom-providers-extremely-poorly-protected-how-i-could-access-12-million-records

Someone Just Tried to Take Down Internet's Backbone with 5 Million Queries/Sec

http://thehackernews.com/2015/12/dns-root-servers-ddos-attack.html

lunedì, novembre 30, 2015

Hacker holds UAE bank to ransom, demands $3m

http://gulfnews.com/xpress/dubai/courts-crime/hacker-holds-uae-bank-to-ransom-demands-3m-1.1626394

Can't get a break: Pwned Linux ransomware pwned again, infects 3000

http://www.theregister.co.uk/2015/12/01/cant_get_a_break_pwned_linux_ransomware_pwned_again_infects_3000/

Belkin's N150 router is perfect for learning hacking skills – wait, what, it's in production?

http://www.theregister.co.uk/2015/12/01/hole_in_belkin_home_router/

Cisco's telco-grade uber-routers can make almost anyone root

http://www.theregister.co.uk/2015/12/01/cisco_asr_1000s_get_root_vuln_patch/

Millions of Internet Things are “secured” by the same “private” keys |

http://nakedsecurity.sophos.com/2015/11/30/millions-of-internet-things-are-secured-by-the-same-private-keys/

How Corporate America keeps huge hacks secret November 30

http://money.cnn.com/2015/11/30/technology/secret-deals-hacked-companies/index.html?iid=SF_LN

VPN users menaced by port forwarding blunder • The Register

http://www.theregister.co.uk/2015/11/30/port_fail_vpn/

Port Fail: Vulnerability reveals real IP | Perfect Privacy

https://www.perfect-privacy.com/blog/2015/11/26/ip-leak-vulnerability-affecting-vpn-providers-with-port-forwarding/

Cops arrest 2 for operating “Fully UnDetectable” malware service |

https://nakedsecurity.sophos.com/2015/11/30/cops-arrest-2-for-operating-fully-undetectable-malware-service/

Just in time for Xmas: Extra stealthy Point of Sale malware • The Register

http://www.theregister.co.uk/2015/11/30/pro_pos_malware/

mercoledì, settembre 23, 2015

Los ‘hackers’ tienen 5,6 millones de huellas de los funcionarios de EE UU

http://tecnologia.elpais.com/tecnologia/2015/09/23/actualidad/1443033278_219253.html

Crash Google Chrome with one tiny URL: We cram a probe in this bug

http://www.theregister.co.uk/2015/09/20/chrome_url_crash/

Volkswagen Accused Of Hacking 482,000 Diesels To Fake U.S. Emissions Tests

https://www.yahoo.com/autos/volkswagen-charged-with-hacking-482000-diesels-to-129357726737.html

I primi virus dentro l’App Store: colpite almeno 39 applicazioni - Il Sole 24 ORE

http://www.ilsole24ore.com/art/tecnologie/2015-09-21/app-store-hackerato-la-prima-volta-colpite-almeno-39-applicazioni-120432.shtml?uuid=ACb6Gb1

The UK IS better than Europe, FACT! (at implementing cybersecurity measures) • The Register

http://www.theregister.co.uk/2015/09/22/trend_micro_quocira_cybercrime_scene_uk_europe/

eBay phishing sites hosted by… eBay | Netcraft

http://news.netcraft.com/archives/2015/09/23/ebay-phishing-sites-hosted-by-ebay.html

Chinese ad firm pwns Android users, creates hijackable global botnet • The Register

http://www.theregister.co.uk/2015/09/23/chinese_ad_firm_pwns_android_users_creates_hijackable_global_botnet/

Malware With Your News? Forbes Website Victim of Malvertising Attack « Threat Research

https://www.fireeye.com/blog/threat-research/2015/09/malvertising_attack.html

GM Took 5 Years to Fix a Full-Takeover Hack in Millions of OnStar Cars

http://www.wired.com/2015/09/gm-took-5-years-fix-full-takeover-hack-millions-onstar-cars/

martedì, aprile 28, 2015

Romanian rozzers round up alleged $15 MILLION ATM cybercrim gang

http://www.theregister.co.uk/2015/04/28/romanian_police_arrest_25_15m_swindle_allegations/

Nigerian accused of hacking bank computer to steal $340 million

https://nakedsecurity.sophos.com/2015/04/24/nigerian-accused-of-hacking-bank-computer-to-steal-340-million/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Security researcher barred from United flight after hack tweet

https://nakedsecurity.sophos.com/2015/04/20/security-researcher-barred-from-united-airlines-flight-after-hack-tweet/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Fukushima nuke plant owner told to upgrade from Windows XP

http://www.theregister.co.uk/2015/04/23/fukushima_nuke_plant_owner_told_to_upgrade_from_windows_xp/

POS vendor used same password – 166816 – non-stop since 1990 • The Register

http://www.theregister.co.uk/2015/04/23/166816_the_pos_pin_for_win_since_1990/

UK rail signals could be hacked to cause crashes, claims prof • The Register

http://www.theregister.co.uk/2015/04/24/uk_rail_signal_upgrade_hacker_risk_claims_prof/

Tesla Twitter account and website hijacked, Elon Musk pwned

http://www.theregister.co.uk/2015/04/27/tesla_hijack/

Student jailed for using keylogger to up his exam marks

https://nakedsecurity.sophos.com/2015/04/27/student-jailed-for-using-keylogger-to-up-his-exam-marks/

US hospitals to treat medical device malware with AC power probes

http://www.theregister.co.uk/2015/04/27/us_hospitals_to_treat_medical_device_malware_with_ac_power_probes/

Man-in-the-Middle diddle hits 25,000 iOS apps

http://www.theregister.co.uk/2015/04/28/sourcedna_ssl_bug_ios/

Could a hacker *really* bring down a plane from a phone in seat 12C?

https://nakedsecurity.sophos.com/2015/04/17/could-a-hacker-really-bring-down-a-plane-from-a-mobile-phone-in-seat-12c/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Tampering with US voting machine as easy as ‘abcde’, audit finds

https://nakedsecurity.sophos.com/2015/04/17/tampering-with-us-voting-machine-as-easy-as-abcde-says-virginia-report/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

lunedì, febbraio 23, 2015

More than 2000 security events

I am collecting security events in a public and searchable archive: https://www.evernote.com/pub/bartolialberto/news

As of July 2015, this archive contains more than 2300 entries.

Since February 2015, new entries are published also on this blog (except for a few weeks in which the updating machinery did not work...=.