Posts

Showing posts from 2015

Researcher criticises 'weak' crypto in Internet of Things alarm system

http://www.theregister.co.uk/2015/12/31/iot_alarm_crypto/

BBC News: AVG's Web TuneUp put millions of Chrome users at risk

http://www.bbc.co.uk/news/technology-35198435

Porn on the big screen at the Portorose casino: caught - News - Il Piccolo

http://ilpiccolo.gelocal.it/trieste/cronaca/2015/12/30/news/porno-su-maxischermo-del-casino-a-portorose-catturato-il-colpevole-1.12695221

Google probes AVG Chrome widget after 9m users exposed by bugs • The Register

http://www.theregister.co.uk/2015/12/29/avg_google_chrome_extension/

Critical Flaws Found in Network Management Systems

https://threatpost.com/critical-flaws-found-in-network-management-systems/115649/

Botnet of Aethra Routers Used for Brute-Forcing WordPress Sites

http://news.softpedia.com/news/botnet-of-aethra-routers-used-for-brute-force-wordpress-sites-498028.shtml

Password-less database 'open-sources' 191m US voter records on the web

http://www.theregister.co.uk/2015/12/28/security_researcher_spots_191_millionrecord_us_voter_database_online/

Patch now! Flash-exploitin' PC-hijackin' attack spotted in the wild by Huawei bods

http://www.theregister.co.uk/2015/12/28/adobe_flash_security_update/

Feds widen probe into lottery IT boss who rooted game for profit

http://www.theregister.co.uk/2015/12/24/feds_widen_investigation_into_lottery_it_boss_who_rooted_game_for_profit/

BBC News: Hyatt hotel visitors hit by payments system hack attack

http://www.bbc.co.uk/news/technology-35175263

BBC News: Man pleads guilty to financial news hack

http://www.bbc.co.uk/news/technology-35166992

Keeping browsing experience in users’ hands | Microsoft Malware Protection Center

https://blogs.technet.microsoft.com/mmpc/2015/12/21/keeping-browsing-experience-in-users-hands/

Untitled note

http://www.theregister.co.uk/2015/12/21/iranian_hackers_target_new_york_dam/

Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors | WIRED

http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/

Juniper Networks finds backdoor code in its firewalls

http://www.engadget.com/2015/12/17/juniper-networks-finds-backdoor-code-in-its-firewalls/

Microsoft Trusted Root Certificate program getting a lot less trusting • The Register

http://www.theregister.co.uk/2015/12/17/microsoft_trusted_root_certificate_cull/

Chinese Hacker Pockets $170,000 After Hacking Airline Website

http://news.softpedia.com/news/chinese-hacker-pockets-170-000-after-hacking-airline-website-497771.shtml

Patch madness! 273 vulnerabilities from four vendors in one week - SC Magazine UK

http://www.scmagazineuk.com/patch-madness-273-vulnerabilities-from-four-vendors-in-one-week/article/459376/?platform=hootsuite

Press Backspace 28 times to own unlucky Grub-by Linux boxes

http://www.theregister.co.uk/2015/12/17/press_backspace_28_times_to_own_any_grubby_linux_box/

Project Zero: FireEye Exploitation: Project Zero’s Vulnerability of the Beast

http://googleprojectzero.blogspot.com/2015/12/fireeye-exploitation-project-zeros.html

Exploit upgrade for Microsoft Word Intruder crimeware kit

http://nakedsecurity.sophos.com/2015/12/14/exploit-upgrade-for-microsoft-word-intruder-crimeware-kit/

Car parking apps vulnerable to man-in-the-middle attacks

http://nakedsecurity.sophos.com/2015/12/15/car-parking-apps-vulnerable-to-man-in-the-middle-attacks/

FireEye flamed: single email allows total network access

http://www.theregister.co.uk/2015/12/16/fireeye_ultra_critical_flaw/

Patch now! Joomla attacked in remote code execution blitzkrieg

http://www.theregister.co.uk/2015/12/15/joomla_vuln/

European Space Agency records leaked for amusement, attackers say

http://www.csoonline.com/article/3014507/security/european-space-agency-records-leaked-for-amusement-attackers-say.html

Attack Against DNS Root Servers

http://www.root-servers.org/news/events-of-20151130.txt

MacKeeper Leaks 13 Million Mac Owners' Data, Leaves Passwords Open To Easy Cracking - Forbes

http://www.forbes.com/sites/thomasbrewster/2015/12/14/mackeeper-13-million-apple-mac-data-leak-passwords/

Untitled note

http://www.theregister.co.uk/2015/12/14/latentbot_memory_resident_malware/

Untitled note

http://www.theregister.co.uk/2015/12/14/trend_micro_glass_tank/

Untitled note

http://www.bbc.co.uk/news/technology-35091534

Russian friends make German web scum the 'best' in European Union

http://www.theregister.co.uk/2015/12/14/trend_micro_umarkt/

Apple's App Store infected with XcodeGhost malware in China - BBC News

http://www.bbc.co.uk/news/technology-34311203

Predictable: How AV flaw hit Microsoft's Windows defences • The Register

http://www.theregister.co.uk/2015/12/11/anti_virus_trips_up_windows_defences/

Car parking mobile apps are vulnerable to hacking, say infosec folk • The Register

http://www.theregister.co.uk/2015/12/11/mobile_parking_apps_audit/

Android Gmail bug lets you spoof your email address

http://nakedsecurity.sophos.com/2015/11/18/android-gmail-bug-lets-you-spoof-your-email-address/

The Casino Malvertising Campaign

https://blog.malwarebytes.org/malvertising-2/2015/11/the-casino-malvertising-campaign/

Who's running dozens of top-secret unpatched databases? The Dept of Homeland Security

http://www.theregister.co.uk/2015/11/20/homeland_securitys_secret_unpatched_pcs_dbs/

Hackers add exploit kit to article asking 'Is cyber crime out of control?'

http://www.theregister.co.uk/2015/12/11/grauniad_asks_is_cyber_crime_out_of_control_vxers_answer_with_hack/

Microsoft Security Bulletin MS15-127 - Critical

https://technet.microsoft.com/en-us/library/security/ms15-127.aspx

State-sponsored hackers spread backdoors in Middle East

http://www.ehackingnews.com/2015/12/state-sponsored-hackers-spread.html

Revealed: Mystery 7-year cyberspy campaign in Latin America

http://www.theregister.co.uk/2015/12/10/packrat_spying_latin_america/

Microsoft warns of possible attacks after Xbox Live certificate leaked

http://nakedsecurity.sophos.com/2015/12/10/microsoft-warns-of-possible-attacks-after-xbox-live-certificate-leaked/

Phony WhatsApp update could cost you much more than a dollar

http://nakedsecurity.sophos.com/2015/12/10/phony-whatsapp-update-could-cost-you-much-more-than-a-dollar/

Anonymous takes down the Japanese prime minister's website over whaling

http://elpais.com/elpais/2015/12/10/ciencia/1449737153_237403.html

All eyes on the jailbroken as iOS, Mac OS X threat level ratchets up

http://www.theregister.co.uk/2015/12/10/ios_mac_osx_threat_trends/

'Legacy' Wordpress blog site of The Independent serving malware

http://www.theregister.co.uk/2015/12/10/legacy_wordpress_blog_site_of_ithe_independenti_serving_malware/

Brit-American hacker duo throws pwns on IoT BBQs, grills open admin

http://www.theregister.co.uk/2015/12/10/american_hacker_duo_throws_pwns_on_iot_bbqs_grills_open_admin/

Kaspersky, McAfee, and AVG all vulnerable to major flaw

http://www.theregister.co.uk/2015/12/10/kaspersky_mcafee_avg_vulnerable/

Epic failure of Phone House & Dutch telecom providers to protect personal data: How I could access 12+ million records #phonehousegate | Weblog | Sijmen Ruwhof

http://sijmen.ruwhof.net/weblog/608-personal-data-of-dutch-telecom-providers-extremely-poorly-protected-how-i-could-access-12-million-records

Someone Just Tried to Take Down Internet's Backbone with 5 Million Queries/Sec

http://thehackernews.com/2015/12/dns-root-servers-ddos-attack.html

Why Algebraic Eraser may be the riskiest cryptosystem you’ve never heard of

http://arstechnica.com/security/2015/11/why-algebraic-eraser-may-be-the-most-risky-cryptosystem-youve-never-heard-of/

Ad Fraud Botnet Might Cause $3 Billion in Damages to Online Advertisers

http://news.softpedia.com/news/ad-fraud-botnet-might-cause-3-billion-in-damages-to-online-advertisers-496377.shtml

Untitled note

http://www.bbc.co.uk/news/technology-35050226

Windows' Nemesis: Pre-boot malware pwns payment processors • The Register

http://www.theregister.co.uk/2015/12/07/bootkit_malware_targets_payment_processing_firms/

Day 2: UK research network Janet still being slapped by DDoS attack

http://www.theregister.co.uk/2015/12/08/uk_research_network_janet_ddos/

A search engine for the Internet of (insecure) Things

http://nakedsecurity.sophos.com/2015/12/08/a-search-engine-for-the-internet-of-insecure-things/

Microsoft leaks Xboxlive SSL server cert

http://www.theregister.co.uk/2015/12/09/microsoft_leaks_xboxlive_ssl_server_cert/

Kill Flash Now: 78 bugs patched in latest update

http://www.theregister.co.uk/2015/12/08/78_flash_bug_patches/

It's nearly 2016, and Windows DNS servers can be pwned remotely

http://www.theregister.co.uk/2015/12/08/patch_tuesday_december2015/

Linksys routers vulnerable through CGI scripts • The Register

http://www.theregister.co.uk/2015/12/08/linksys_routers_vulnerable_through_cgi_scripts/

Yahoo Mail fixed against evil emails you didn’t need to open

https://nakedsecurity.sophos.com/2015/12/07/yahoo-mail-fixed-against-evil-emails-you-didnt-need-to-open/

Untitled note

http://www.theregister.co.uk/2015/12/07/janet_under_persistent_ddos_attack/

Forced authorisation chip and PIN scam hitting high-end retailers | Bentham's Gaze

https://www.benthamsgaze.org/2015/12/01/forced-authorisation-chip-and-pin-hitting-high-end-retailers/

Industrial gas detectors vulnerable to a remote attacker

https://nakedsecurity.sophos.com/2015/12/07/industrial-gas-detectors-vulnerable-to-a-remote-attacker-with-low-skill/

Whisper this, but Java deserialisation vulnerability affects more libraries • The Register

http://www.theregister.co.uk/2015/12/07/java_deserialisation_research_library_vulnerable/

Russian "Pawn Storm" expands, rains hell on NATO, air-gapped PCs

http://www.theregister.co.uk/2015/12/07/op_pawn_storm/

Lock up your top-of-racks, says Cisco, there's a bug in the USB code

http://www.theregister.co.uk/2015/12/07/lock_up_your_topofracks_says_cisco_theres_a_bug_in_the_usb_code/

OopSSL: Pushme-Pullyou for OpenSSL patches

http://www.theregister.co.uk/2015/12/06/oopssl_openssl_patch_pushed_pulled_pushed_again/

High-Profile Mobile Apps At Risk Due to Three-Year-Old Vulnerability

http://blog.trendmicro.com/trendlabs-security-intelligence/high-profile-mobile-apps-at-risk-due-to-three-year-old-vulnerability/

Domination: Crims steal admin logins, infect sites, drop Cryptowall 4

http://www.theregister.co.uk/2015/12/04/domination_crims_steal_admin_logins_infect_sites_drop_cryptowall_4/

Dorkbot - botnet

https://www.us-cert.gov/ncas/alerts/TA15-337A

Anatomy of a Wi-Fi hole: Take care in your hotel this Christmas!

https://nakedsecurity.sophos.com/2015/12/03/anatomy-of-a-wi-fi-hole-take-care-in-your-hotel-this-christmas/

Ponmocup is the '15 million' machine botnet you've never heard of • The Register

http://www.theregister.co.uk/2015/12/03/ponmocup_is_the_15_million_machine_botnet_youve_never_heard_of/

Industrial control system gateway fix opens Heartbleed, Shellshock • The Register

http://www.theregister.co.uk/2015/12/03/industrial_control_system_gateway_fix_opens_heartbleed_shellshock/

Popular 3G/4G data dongles are desperately vulnerable, say hackers • The Register

http://www.theregister.co.uk/2015/12/03/3g4g_data_dongles_vulnerable/

Australia Bureau of Meteorology 'hacked' - BBC News

http://www.bbc.co.uk/news/world-australia-34980884

VTech Hacker Explains Why He Hacked the Toy Company | Motherboard

http://motherboard.vice.com/read/vtech-hacker-explains-why-he-hacked-the-toy-company

Insecure App Exposed Billboard Lights to Hacker Attacks | SecurityWeek.Com

http://www.securityweek.com/insecure-app-exposed-billboard-lights-hacker-attacks

DHS Giving Firms Free Penetration Tests — Krebs on Security

http://krebsonsecurity.com/2015/12/dhs-giving-firms-free-penetration-tests/

Conficker, back from the undead, dominates malware threat landscape

http://www.theregister.co.uk/2015/12/01/conficker_dominates_threat_landscape_malware/

Hacker holds UAE bank to ransom, demands $3m

http://gulfnews.com/xpress/dubai/courts-crime/hacker-holds-uae-bank-to-ransom-demands-3m-1.1626394

Can't get a break: Pwned Linux ransomware pwned again, infects 3000

http://www.theregister.co.uk/2015/12/01/cant_get_a_break_pwned_linux_ransomware_pwned_again_infects_3000/

Belkin's N150 router is perfect for learning hacking skills – wait, what, it's in production?

http://www.theregister.co.uk/2015/12/01/hole_in_belkin_home_router/

Cisco's telco-grade uber-routers can make almost anyone root

http://www.theregister.co.uk/2015/12/01/cisco_asr_1000s_get_root_vuln_patch/

Millions of Internet Things are “secured” by the same “private” keys

http://nakedsecurity.sophos.com/2015/11/30/millions-of-internet-things-are-secured-by-the-same-private-keys/

How Corporate America keeps huge hacks secret November 30

http://money.cnn.com/2015/11/30/technology/secret-deals-hacked-companies/index.html?iid=SF_LN

VPN users menaced by port forwarding blunder • The Register

http://www.theregister.co.uk/2015/11/30/port_fail_vpn/

Port Fail: Vulnerability reveals real IP | Perfect Privacy

https://www.perfect-privacy.com/blog/2015/11/26/ip-leak-vulnerability-affecting-vpn-providers-with-port-forwarding/

Cops arrest 2 for operating “Fully UnDetectable” malware service

https://nakedsecurity.sophos.com/2015/11/30/cops-arrest-2-for-operating-fully-undetectable-malware-service/

Just in time for Xmas: Extra stealthy Point of Sale malware • The Register

http://www.theregister.co.uk/2015/11/30/pro_pos_malware/

Untitled note

http://www.theregister.co.uk/2015/11/27/malvertisers_spray_readers_digest_stinky_feet_with_exploit_kit/

Untitled note

http://www.theregister.co.uk/2015/11/27/nine_percent_of_encrypted_traffic_open_to_hijack_from_shared_keys/

Mr Grey, the Russian hacker who helped haul in 1.2 billion logins • The Register

http://www.theregister.co.uk/2015/11/27/mr_grey_the_russian_hacker_who_helped_haul_in_12_billion_logins/

Researcher reveals Chinese e-crime shopping list • The Register

http://www.theregister.co.uk/2015/11/26/trend_micro_china_protype_nation/

Dell apologizes for HTTPS certificate fiasco, provides removal tool | Ars Technica

http://arstechnica.com/security/2015/11/dell-apologizes-for-https-certificate-fiasco-provides-removal-tool/

Lazy IoT, router makers reuse skeleton keys over and over in thousands of devices – new study • The Register

http://www.theregister.co.uk/2015/11/26/lazy_iot_skeleton_keys/

Hacker predicts AMEX card numbers, bypasses chip and PIN • The Register

http://www.theregister.co.uk/2015/11/25/kamkar_credit_card/

Untitled note

http://www.bbc.co.uk/news/technology-34920557

Untitled note

http://www.bbc.co.uk/news/technology-34920197

Untitled note

http://www.bbc.co.uk/news/technology-34910649

Pen tester sounds alert over 'gaping' flaws in Brit alarm platform

http://www.theregister.co.uk/2015/11/24/dualcom_cameras_vulnerability/

Superfish 2.0 worsens: Dell's dodgy security certificate is an unkillable zombie

http://www.theregister.co.uk/2015/11/23/dell_security_nightmare_gets_worse/

British duo arrested for running malware encryption service

http://www.theregister.co.uk/2015/11/24/refudme_anti_antivirus/

World's most complex cash register malware plunders millions in US

http://www.theregister.co.uk/2015/11/24/modpos_point_of_sale_malware/

Dell does a Superfish, ships PCs with easily cloneable root certificates | Ars Technica

http://arstechnica.com/security/2015/11/dell-does-superfish-ships-pcs-with-self-signed-root-certificates/

Superfish 2.0: Dell ships laptops, PCs with gaping internet security hole • The Register

http://www.theregister.co.uk/2015/11/23/dude_youre_getting_pwned/

United Airlines Bug Bounty: An experience in reporting a serious vulnerability - Randy Westergren

http://randywestergren.com/united-airlines-bug-bounty-an-experience-in-reporting-a-serious-vulnerability/

Criminal Ruskie BOFHs help hackers steal $790 million in three years • The Register

http://www.theregister.co.uk/2015/11/23/790_million_russian_financial_cybercrime/

Android adware can install itself even when users explicitly reject it | Ars Technica

http://arstechnica.com/security/2015/11/android-adware-can-install-itself-even-when-users-explicitly-reject-it/

Criminals are mostly hacking-by-numbers with exploit kits • The Register

http://www.theregister.co.uk/2015/11/19/exploit_kits_up_75percent_infoblox/

Hacking group Strontium dogs NATO and government targets • The Register

http://www.theregister.co.uk/2015/11/18/hacking_group_strontium_dogs_nato_and_government_targets/

Vicious Chrome V8 JavaScript Exploit Leaves All Android Devices Ripe For Attack | HotHardware

http://hothardware.com/news/vicious-chrome-javascript-v8-exploit-leaves-all-android-devices-ripe-for-attack

Botnet that enslaved 770,000 PCs worldwide comes crashing down

http://arstechnica.com/security/2015/04/botnet-that-enslaved-770000-pcs-worldwide-comes-crashing-down/

Badware in the firmware all over the place

http://www.theregister.co.uk/2015/11/16/badware_in_the_firmware_all_over_the_place/

Target stores attacked by pornographic pranksters - BBC News

http://www.bbc.com/news/technology-34556644

Ransomware-as-a-service surfaces, wants 10 percent profit cut

http://www.theregister.co.uk/2015/11/13/ransomwareasaservice_surfaces_wants_10_percent_profit_cut/

FastMail falls over as web service extortionists widen attacks and up their prices • The Register

http://www.theregister.co.uk/2015/11/11/fastmail_web_service_extortion/

Naked Security

https://nakedsecurity.sophos.com/2015/11/11/three-indicted-for-massive-hack-and-fraud-scheme-that-targeted-jpmorgan/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Latest Android phones hijacked with tidy one-stop-Chrome-pop • The Register

http://www.theregister.co.uk/2015/11/12/mobile_pwn2own/

Booming crypto ransomware industry employs new tricks to befuddle victims | Ars Technica

http://arstechnica.com/security/2015/11/booming-crypto-ransomware-industry-employs-new-tricks-to-befuddle-victims/

XOR DDoS Botnet Launching 20 Attacks a Day From Compromised Linux Machines | Akamai

https://www.akamai.com/us/en/about/news/press/2015-press/xor-ddos-botnet-attacking-linux-machines.jsp

Severe SAP HANA vulnerabilities allow hackers to take full control | ZDNet

http://www.economist.com/news/briefing/21677228-technology-behind-bitcoin-lets-people-who-do-not-know-or-trust-each-other-build-dependable

Packet floods can bork Borg's security kit

http://www.theregister.co.uk/2015/11/10/packet_floods_can_bork_borgs_security_kit/

Comodo kills 'forbidden' certs

http://www.theregister.co.uk/2015/11/10/comodo_kills_forbidden_certs/

Severe SAP HANA vulnerabilities allow hackers to take full control | ZDNet

http://www.zdnet.com/article/severe-sap-hana-vulnerabilities-allow-hackers-to-take-full-control/

The Economist spreading malware

http://www.economist.com/help/pagefair

Epic Fail: Power Worm Ransomware Accidentally Destroys Victim's Data During Encryption - Softpedia

http://news.softpedia.com/news/epic-fail-power-worm-ransomware-accidentally-destroys-victim-s-data-during-encryption-495833.shtml

What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Naked Security

https://nakedsecurity.sophos.com/2015/11/06/encrypted-email-provider-protonmail-caves-in-to-extortion-hands-over-6000/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

ProtonMail: encrypted email provider held ransom by hackers | Technology | The Guardian

http://www.theguardian.com/technology/2015/nov/05/protonmail-service-held-ransom-by-hackers?CMP=twt_gu

ProtonMail still under attack by DDoS bombardment • The Register

http://www.theregister.co.uk/2015/11/05/protonmail_ddos_attack/

An Analysis of Reshipping Mule Scams | Bentham's Gaze

https://www.benthamsgaze.org/2015/10/27/an-analysis-of-reshipping-mule-scams/

Stuxnet-style code signing of malware becomes darknet cottage industry

http://www.theregister.co.uk/2015/11/04/code_signing_malware/

US, UK big banks to simulate mega-hacker cyber-attack

http://www.theregister.co.uk/2015/11/05/banks_to_face_cyber_security_test_this_month/

Want Some Nuclear Power Plant 'Zero-Day' Vulnerabilities? Yours For Just $8,000 - Forbes

http://www.forbes.com/sites/thomasbrewster/2015/10/21/scada-zero-day-exploit-sales/

CSC, NetCracker IT staff worked on US military telecoms 'without govt security clearance' • The Register

http://www.theregister.co.uk/2015/11/02/netcracker_csc_dod_settlement/

Medical device password

https://twitter.com/XSSniper/status/661201580738260992

Vatican: confidential files on a computer breached, suspicion falls on the «crows»

http://roma.corriere.it/notizie/cronaca/15_ottobre_31/vaticano-violati-file-riservati-computer-sospetti-corvi-d45fb7aa-7f9e-11e5-8b57-f1b8d18d1f0e.shtml

Researchers Find Vulnerabilities in Use of Certificates for Web Security

http://cmns.umd.edu/news-events/features/3304

Three quarters of cars stolen in France 'electronically hacked' - Telegraph

http://www.telegraph.co.uk/news/worldnews/europe/france/11964140/Three-quarters-of-cars-stolen-in-France-electronically-hacked.html?utm_content=buffera411a&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Accountant robbed of 1600 records in Xero tax fraud raid: report • The Register

http://www.theregister.co.uk/2015/10/30/vic_accountant_robbed_of_1600_records_in_xero_tax_fraud_raid_report/

Hacker Steals, Drives Away Jaguar XFR Exploiting Flaw in Wireless System

https://www.hackread.com/hacker-steals-drives-away-jaguar-xfr/

Hacking Fitbit - Schneier on Security

https://www.schneier.com/blog/archives/2015/10/hacking_fitbit.html?utm_source=twitterfeed&utm_medium=twitter

Hackers hit NATO, White House – then aimed at MH17 air disaster probe

http://www.theregister.co.uk/2015/10/22/pawn_storm_hackers_targeted_mh17/

Malware menaces Merkel's minion, says Spiegel

http://www.theregister.co.uk/2015/10/27/malware_menaces_merkels_minion_says_spiegel/

TalkTalk cyber-attack: Website hit by 'significant' breach - BBC News

http://www.bbc.com/news/uk-34611857

How a criminal ring defeated the secure chip-and-PIN credit cards

https://twitter.com/

How a criminal ring defeated the secure chip-and-PIN credit cards

http://arstechnica.com/tech-policy/2015/10/how-a-criminal-ring-defeated-the-secure-chip-and-pin-credit-cards/

9 cuffed over £60 million banking scam targeting UK businesses

http://feedly.com/index.html

9 cuffed over £60 million banking scam targeting UK businesses

http://www.theregister.co.uk/2015/10/23/uk_phishing_scam_arrests/

Wikileaks publishes the emails of the CIA chief fooled by a teenager

http://www.corriere.it/esteri/15_ottobre_22/wikileaks-pubblica-mail-capo-cia-beffato-un-teenager-7fe31a24-789f-11e5-95d8-a1e2a86e0e17.shtml

X-Ray Scans Expose an Ingenious Chip-and-Pin Card Hack

http://www.wired.com/2015/10/x-ray-scans-expose-an-ingenious-chip-and-pin-card-hack/

ISIS is attacking the U.S. energy grid (and failing) - Oct. 15, 2015

http://money.cnn.com/2015/10/15/technology/isis-energy-grid/index.html

I Built a Botnet that Could Destroy Spotify with Fake Listens | Motherboard

http://motherboard.vice.com/read/i-built-a-botnet-that-could-destroy-spotify-with-fake-listens

How is NSA breaking so much crypto?

https://freedom-to-tinker.com/blog/haldermanheninger/how-is-nsa-breaking-so-much-crypto/

Think Twice about Android Root

http://ucrtoday.ucr.edu/32320

Weak Diffie-Hellman and the Logjam Attack

https://weakdh.org/

In 2015, your Windows PC can be owned by opening a spreadsheet • The Register

http://www.theregister.co.uk/2015/10/13/patch_tues_october/

Hackers Can Silently Control Siri From 16 Feet Away

http://www.wired.com/2015/10/this-radio-trick-silently-hacks-siri-from-16-feet-away/

VW scandal and cheating software

http://www.cnn.com/2015/09/28/opinions/schneier-vw-cheating-software/index.html

SHA-1 hashing algorithm could succumb to $75K attack, researchers say

http://www.networkworld.com/article/2990801/sha-1-hashing-algorithm-could-succumb-to-75k-attack-researchers-say.html

Certificate authorities issue SSL certificates to fraudsters | Netcraft

http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html

WordPress Security: Brute Force Amplification Attack Targeting Thousands of Blogs

http://thehackernews.com/2015/10/WordPress-BruteForce-Amplification.html

Dow Jones Hacked, Affecting Thousands

http://www.infosecurity-magazine.com/news/dow-jones-hacked-affecting/

Mobile advertising DDoS JavaScript drip serves site with 4.5bn hits • The Register

http://www.theregister.co.uk/2015/09/28/mobile_malvertiser_ddos_javascript_drip_serves_site_with_45_billion_hits/

US state police cars hacked

https://nakedsecurity.sophos.com/2015/10/02/us-state-police-cars-hacked/

Cyber Security at Civil Nuclear Facilities: Understanding the Risks

https://www.chathamhouse.org//node/18747

Cyber Attack on Finland is a Warning for the EU

https://www.chathamhouse.org//node/13246

Search engine can find the VPN that NUCLEAR PLANT boss DIDN'T KNOW was there - report

http://www.theregister.co.uk/2015/10/05/nuclear_plants_cyber_denial_man_in_the_middle/

A billion Android phones are vulnerable to new Stagefright bugs

http://arstechnica.com/security/2015/10/a-billion-android-phones-are-vulnerable-to-new-stagefright-bugs/

The 100 car models at risk of being stolen due to security 'flaw'

http://www.birminghammail.co.uk/news/midlands-news/revealed-100-car-models-risk-10214218

87% of Android devices insecure because manufacturers fail to provide security updates | Light Blue Touchpaper

https://www.lightbluetouchpaper.org/2015/10/08/87-of-android-devices-insecure-because-manufacturers-fail-to-provide-security-updates/

Thousands of 'directly hackable' hospital devices exposed online

http://www.theregister.co.uk/2015/09/29/thousands_of_directly_hackable_hospital_devices_found_exposed/

AdSense fraud still too easy, says Spanish boffin

http://www.theregister.co.uk/2015/09/29/adsense_fraud_still_too_easy_says_spanish_boffin/

Zero-day vulnerabilities found in Kaspersky and FireEye security products

https://grahamcluley.com/2015/09/zero-day-vulnerability-kaspersky-fireeye/

Cybercrooks quickly bypass Adobe Flash Player's improved security protections

http://www.networkworld.com/article/2978860/microsoft-subnet/cybercrooks-quickly-bypass-adobe-flash-players-improved-security-protections.html

Using Samsung's Internet-Enabled Refrigerator for Man-in-the-Middle Attacks - Schneier on Security

https://www.schneier.com/blog/archives/2015/08/using_samsungs_.html?utm_source=twitterfeed&utm_medium=twitter

Here Is How To Address Car Hacking Threats

http://social.techcrunch.com/2015/09/12/to-protect-cars-from-cyber-attacks-a-call-for-action/

The ‘hackers’ have 5.6 million fingerprints of US government employees

http://tecnologia.elpais.com/tecnologia/2015/09/23/actualidad/1443033278_219253.html

Crash Google Chrome with one tiny URL: We cram a probe in this bug

http://www.theregister.co.uk/2015/09/20/chrome_url_crash/

Volkswagen Accused Of Hacking 482,000 Diesels To Fake U.S. Emissions Tests

https://www.yahoo.com/autos/volkswagen-charged-with-hacking-482000-diesels-to-129357726737.html

The first viruses inside the App Store: at least 39 applications hit - Il Sole 24 ORE

http://www.ilsole24ore.com/art/tecnologie/2015-09-21/app-store-hackerato-la-prima-volta-colpite-almeno-39-applicazioni-120432.shtml?uuid=ACb6Gb1

The UK IS better than Europe, FACT! (at implementing cybersecurity measures) • The Register

http://www.theregister.co.uk/2015/09/22/trend_micro_quocira_cybercrime_scene_uk_europe/

eBay phishing sites hosted by… eBay | Netcraft

http://news.netcraft.com/archives/2015/09/23/ebay-phishing-sites-hosted-by-ebay.html

Chinese ad firm pwns Android users, creates hijackable global botnet • The Register

http://www.theregister.co.uk/2015/09/23/chinese_ad_firm_pwns_android_users_creates_hijackable_global_botnet/

Malware With Your News? Forbes Website Victim of Malvertising Attack « Threat Research

https://www.fireeye.com/blog/threat-research/2015/09/malvertising_attack.html

GM Took 5 Years to Fix a Full-Takeover Hack in Millions of OnStar Cars

http://www.wired.com/2015/09/gm-took-5-years-fix-full-takeover-hack-millions-onstar-cars/

Spies controlled the cameras of Lake Geneva hotels

http://ilpiccolo.gelocal.it/trieste/cronaca/2015/09/22/news/fisco-a-trieste-nel-2013-dichiarati-redditi-per-3-4-miliardi-di-euro-1.12137291

Spies controlled the cameras of Lake Geneva hotels

http://ilpiccolo.gelocal.it/trieste/cronaca/2015/09/22/news/trieste-strattona-e-getta-a-terra-un-anziana-per-rapinarla-arrestato-1.12136862

Spies controlled the cameras of Lake Geneva hotels

http://www.lematin.ch/suisse/espions-controlaient-cameras-hotels-suisses/story/26110458

"Volkswagen cheated on emissions": the Obama administration goes on the attack

http://www.repubblica.it/motori/sezioni/ambiente/2015/09/18/news/_la_volkswagen_barava_sulle_emissioni_l_amministrazione_obama_attacca-123180395/

Homeland Insecurity: OIG audit identifies numerous deficiencies

http://www.theregister.co.uk/2015/09/16/dhs_cyber_audit_2015_deficiencies/

Schneider patches yet ANOTHER dumb vuln

http://www.theregister.co.uk/2015/09/17/schneider_patches_another_vuln/

Security Bug allows Hackers to take Control of Curiosity Rover's OS

http://www.ehackingnews.com/2015/09/security-bug-allows-hackers-to-take.html

Norway: Inmates watch pornographic movies by hacking prison TV system

http://www.ibtimes.co.uk/norway-inmates-watch-pornographic-movies-by-hacking-prison-tv-system-1516889

IS, the Telegraph: "Emails of Cameron government ministers hacked"

http://www.repubblica.it/esteri/2015/09/12/news/is_il_telegraph_hackerate_mail_di_ministri_del_governo_cameron_-122706338/

Ruskie ICS hacker drops nine holes in popular Siemens power plant kit

http://www.theregister.co.uk/2015/08/31/ruskie_ics_hacker_drops_nine_holes_in_popular_siemens_power_plant_kit/

Malware menaces poison ads as Google, Yahoo! look away • The Register

http://www.theregister.co.uk/2015/08/27/malvertising_feature/

Why is the smart home insecure? Because almost nobody cares • The Register

http://www.theregister.co.uk/2015/08/27/smart_home_insecure/

Bugged, Tracked, Hacked

http://www.9jumpin.com.au/show/60minutes/stories/2015/august/phone-hacking/

UDP-Based Amplification Attacks | US-CERT

https://www.us-cert.gov/ncas/alerts/TA14-017A

Yet another Android security flaw: This time EVERYTHING is affected

http://www.theregister.co.uk/2015/08/20/android_multitasking_flaw/

Lottery security chief found guilty of hacking Hot Lotto to win $14.3 million

http://www.hotforsecurity.com/blog/lottery-security-chief-found-guilty-of-hacking-hot-lotto-to-win-14-3-million-12342.html

Thousands of Apps Secretly Run Ads That Users Can't See

http://www.bloomberg.com/news/articles/2015-07-23/thousands-of-apps-secretly-run-ads-that-users-can-t-see

Car immobiliser easy to crack, say researchers - BBC News

http://www.bbc.com/news/technology-33906051

Hackers exploiting wide-open Portmap to amp up DDoS attacks • The Register

http://www.theregister.co.uk/2015/08/19/portmap_ddos_threat/

Microsoft drops rush Internet Explorer fix for remote code exec hole • The Register

http://www.theregister.co.uk/2015/08/19/microsoft_drops_rush_internet_explorer_fix_for_remote_code_exec_hole/

Adulterers antsy as 'entire' Ashley Madison databases leak online • The Register

http://www.theregister.co.uk/2015/08/18/ashley_madison_download/

Nasty Cisco attacks

https://www.schneier.com/blog/archives/2015/08/nasty_cisco_att.html?utm_source=twitterfeed&utm_medium=twitter

Anti-botnet initiatives USELESS in sea of patch-hating pirates

http://www.theregister.co.uk/2015/08/18/antibotnet_initiatives_useless_in_sea_of_patchhating_pirates/

Another root hole in OS X. We know it, you know it, the bad people know it – and no patch exists • The Register

http://www.theregister.co.uk/2015/08/18/apple_local_root_os_x_yosemite/

Project Zero: Attacking ECMAScript Engines with Redefinition

http://googleprojectzero.blogspot.com/2015/08/attacking-ecmascript-engines-with.html

Firefox exploit found in the wild

https://twitter.com/jeremiahg

Security researchers hack a car and apply the brakes via text

http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text

Apple issues updates for lots of critical holes – patch now! | Naked Security

https://nakedsecurity.sophos.com/2015/08/13/apple-issues-updates-for-lots-of-critical-holes-patch-now/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Imperva demos cloudy man-in-the-middle attack

http://www.theregister.co.uk/2015/08/07/imperva_cloud_maninthemiddle_attack/

Amateurs Produce Amateur Cryptography - Schneier on Security

https://www.schneier.com/blog/archives/2015/05/amateurs_produc.html?utm_source=twitterfeed&utm_medium=twitter

Macroviruses are BACK and are the future of malware, says Microsoft • The Register

http://www.theregister.co.uk/2015/04/30/macros_the_future_of_malware_says_microsoft/

IETF updates TLS/SSL best practice guidance • The Register

http://www.theregister.co.uk/2015/05/07/ietf_updates_tlsssl_best_practice/

Attackers target new XSS in millions of WordPress sites • The Register

http://www.theregister.co.uk/2015/05/07/wordpresss_xss_twenty_fifteen/

Almost EVERY SAP install hackable, researchers say • The Register

http://www.theregister.co.uk/2015/05/08/sap_95_percent_vulnerable/

$7500 DDoS extortion hitting Aussie, Kiwi enterprises • The Register

http://www.theregister.co.uk/2015/05/08/ddos_hitting_oz_nz/

Ex-NSA security bod fanboi: Apple Macs are wide open to malware • The Register

http://www.theregister.co.uk/2015/05/07/mac_malware/

Cisco plugs remote code execution flaw in UCS Central control freak • The Register

http://www.theregister.co.uk/2015/05/08/cisco_ucs_vulnerability/

Smart grid security WORSE than we thought

http://www.theregister.co.uk/2015/05/11/smart_grid_security_worse_than_we_thought/

Infusion pump is hackable … but rumours of death are exaggerated

http://www.theregister.co.uk/2015/05/07/infusion_pump_is_hackable/

Ryanair stung after $5m Shanghai'd from online fuel account

http://www.theregister.co.uk/2015/04/30/ryanair_online_heist/

Anonymous and the Expo website, clogged for days

http://www.zeusnews.it/n.php?c=22789

DDoSsers use reflection amplification to crank up the volume to 100Gbps+ • The Register

http://www.theregister.co.uk/2015/04/28/reflection_amps_drive_ddos_growth/

Romanian rozzers round up alleged $15 MILLION ATM cybercrim gang

http://www.theregister.co.uk/2015/04/28/romanian_police_arrest_25_15m_swindle_allegations/

Nigerian accused of hacking bank computer to steal $340 million

https://nakedsecurity.sophos.com/2015/04/24/nigerian-accused-of-hacking-bank-computer-to-steal-340-million/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Security researcher barred from United flight after hack tweet

https://nakedsecurity.sophos.com/2015/04/20/security-researcher-barred-from-united-airlines-flight-after-hack-tweet/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Fukushima nuke plant owner told to upgrade from Windows XP

http://www.theregister.co.uk/2015/04/23/fukushima_nuke_plant_owner_told_to_upgrade_from_windows_xp/

POS vendor used same password – 166816 – non-stop since 1990 • The Register

http://www.theregister.co.uk/2015/04/23/166816_the_pos_pin_for_win_since_1990/

UK rail signals could be hacked to cause crashes, claims prof • The Register

http://www.theregister.co.uk/2015/04/24/uk_rail_signal_upgrade_hacker_risk_claims_prof/

Tesla Twitter account and website hijacked, Elon Musk pwned

http://www.theregister.co.uk/2015/04/27/tesla_hijack/

Student jailed for using keylogger to up his exam marks

https://nakedsecurity.sophos.com/2015/04/27/student-jailed-for-using-keylogger-to-up-his-exam-marks/

US hospitals to treat medical device malware with AC power probes

http://www.theregister.co.uk/2015/04/27/us_hospitals_to_treat_medical_device_malware_with_ac_power_probes/

Man-in-the-Middle diddle hits 25,000 iOS apps

http://www.theregister.co.uk/2015/04/28/sourcedna_ssl_bug_ios/

Could a hacker *really* bring down a plane from a phone in seat 12C?

https://nakedsecurity.sophos.com/2015/04/17/could-a-hacker-really-bring-down-a-plane-from-a-mobile-phone-in-seat-12c/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Tampering with US voting machine as easy as ‘abcde’, audit finds

https://nakedsecurity.sophos.com/2015/04/17/tampering-with-us-voting-machine-as-easy-as-abcde-says-virginia-report/?utm_source=Naked%2520Security%2520-%2520Feed&utm_medium=feed&utm_content=rss2&utm_campaign=Feed

Your home automation things are a security nightmare • The Register

http://www.theregister.co.uk/2015/04/08/your_home_automation_things_are_a_security_nightmare/

Aw, snap! How huge HTML links can crash Chrome tabs in one click • The Register

http://www.theregister.co.uk/2015/04/07/chrome_awsnap_vuln/

Wi-Fi hotspots can put iPhones into ETERNAL super slow-mo • The Register

http://www.theregister.co.uk/2015/04/10/apple_phantom_attack_ios_fix/

Spanish election site in security cert warning screwup snafu

http://www.theregister.co.uk/2015/04/13/spanish_election_site_cert_screw_up/

Default admin password, weak Wi-Fi, open USB ports ... no wonder these electronic voting boxes are now BANNED • The Register

http://www.theregister.co.uk/2015/04/17/virginia_nixes_highly_pwnable_voting_boxes/

Hackers take down Google's Malaysian homepage

http://www.engadget.com/2015/04/14/google-malaysia-indirectly-hacked/

Energy utilities targeted by Office-spawned recon attack tool • The Register

http://www.theregister.co.uk/2015/04/02/valuable_energy_utilities_slapped_by_office_exploit_attacks/

Mystery 'Explosive' cyber-spy campaign traced back to Lebanon

http://www.theregister.co.uk/2015/04/01/lebanon_explosive_cyberspy_mystery_campaign/

Where do the most hackers come from? - Lawrence Pingree

http://blogs.gartner.com/lawrence-pingree/2013/03/08/where-do-the-most-hackers-come-from/

Cyber-attackers penetrate Reserve Bank networks

http://www.afr.com/news/economy/monetary-policy/cyberattackers-penetrate-reserve-bank-networks-20130311-ji534

Chasing APT: Persistence Pays Off — Krebs on Security

http://krebsonsecurity.com/2011/10/chasing-apt-persistence-pays-off/

Chinese CA Issues Certificates To Impersonate Google - Slashdot

http://it.slashdot.org/story/15/03/24/1730232/chinese-ca-issues-certificates-to-impersonate-google

Man escapes from jail after sending fake bail email

https://nakedsecurity.sophos.com/2015/03/31/man-escapes-from-jail-after-sending-fake-bail-email/

amazon.com XSS vulnerability - the Cross-Site Scripting Archive - XSSposed.org

Firefox, Chrome, Safari, IE exploited to own PCs, Mac at Pwn2Own 2015 • The Register

Manenti's money? 50 million from Dubai through computer fraud

Sensitive apps with 6.3 BILLION downloads found open to FREAK • The Register

State Says it Needs to Rebuild Classified Computer Networks after Hack

Cisco posts kit to empty houses to dodge NSA chop shops

CREEPS rejoice: Small biz Cisco phones open to eavesdrop 0-day

Massive DDoS racks up $30,000-a-day Amazon bill for China activists

IBM discloses vulnerability in Dropbox's Android SDK

Top 10 Web Hacking Techniques of 2014

Fatally flawed RC4 should just die, shout angry securobods

Stealthy, Persistent DLL Hijacking Works Against OS X | Threatpost | The first stop for security news

Microsoft scrambles to kill Live.fi man-in-the-middle diddle

Pub O'clock probe finds thousands of repeated 512-bit RSA keys

Panda antivirus labels itself as malware, then borks EVERYTHING

Xen hypervisor bug found, fixed, phew... make sure you're patched!

Web security company inadvertently aids HMRC phishing attack | Netcraft

Ad bidding network caught slinging ransomware

Fareit trojan pwns punters with devious DNS devilry • The Register

Stuxnet Redux: Microsoft patches Windows vuln left open for FIVE YEARS • The Register

Yes our NAS boxen have a 0day, says Seagate: we'll fix it in May • The Register

GoPro cameras can be intercepted over Wi-Fi

Schneier on Security: FREAK: Security Rollback Attack Against SSL

Forbes Web site was compromised by Chinese cyberespionage group, researchers say

Ouch! Google crocks capacitors and deviates DRAM to root Linux

US air traffic control 'vulnerable to hackers' says watchdog

White-listed phish slip through Google Apps

FREAKing hell: All Windows versions vulnerable to SSL snoop

D-Link Routers Haunted by Remote Command Injection Bug

FREAK out: Apple and Android SSL is WIDE OPEN to snoopers

More than 2000 security events

I am collecting security events in a public and searchable archive: https://www.evernote.com/pub/bartolialberto/news As of July 2015, this archive contains more than 2300 entries. Since February 2015, new entries are also published on this blog (except for a few weeks in which the updating machinery did not work...).