August 2011 Cyber Attacks Timeline (Part I)

Update Sep 2: August 2011 Cyber Attacks Timeline (Complete List)... Read More

The Secret Behind LOIC? Simple!

Everyone dealing with Information Security knows very well that SNMP (which stands for Simple Network Management Protocol and corresponds to the standard UDP protocol used to monitor servers and network elements) is considered insecure. In too many circumstances network administrators forget to change the default community strings (the strings used to “softly” authenticate the manager and the agents) from their default values which are typically “public” for read-only access and “private” for read-and-write access on the monitored device. This happens sometimes for thoughtlessness, or simply because network administrators do not consider changing the default security strings a security issues.... Read More

The Dangerous Liaisons (Updated)

Did you know that a smartphone might involve as many as 250,000 patent claims? You may easily understand why the $ 4.5 billion auction to buy 6,000 Nortel patents by the consortium formed by Apple, Microsoft, Research in Motion, Sony Ericsson and EMC was so cruel. You may also easily understand why Google, the loser of the Nortel auction, decided to react immediately acquiring Motorola and its patent portfolio made of more than 17,000 approved patents (and another 7,500 patents filed and pending approval) for the large sum of $ 12.5 billion.... Read More

Antisec hacks another Defense Contractor

Update August 19: As part of #FFF IV Antisec has released full torrent for Vanguard Defense Industries Hack.... Read More

Looking Inside a Year of Android Malware

As you will probably know my Birthday post for Android Malware has deserved a mention from Engadget and Wired. Easily predictable but not for me, the Engadget link has been flooded by comments posted by Android supporters and adversaries, with possible trolls’ infiltrations, up to the point that the editorial staff has decided to disable comments from the article. The effect has been so surprising that someone has also insinuated, among other things, that I have been paid to talk s**t on the Android.... Read More

MySpace Hacked? No It wasn’t!

Update: Next Web pointed out that that what has been reported is a standard error message used by MySpace since 2009. I know these are hard times of hoaxes and psychological terrorism driven by the recent hacks by Anonymous and LulzSec but I hope that the lesson will be learned. Probably it would be better, in times like these, to use clearer error messages. At any rate this is only the latest demonstration of what it means to be hacking in the time of Twitter: advertising an attack, too often before performing it, has become even more important than the effect of the attack itself.... Read More

One Year Of Android Malware (Full List)

Update August 14: After the list (and the subsequent turmoil) here is the Look Inside a Year Of Android Malware.... Read More

Riot In Motion

As an (in)direct consequence of the London Riots, a crew of hackers called TeaMp0isoN has defaced the The Official BlackBerry Blog after RIM has indicated to assist London police, who are investigating the use of the messaging service in organizing riots, with a “very extensive monitoring of the BlackBerry Messenger model”.... Read More

Happy Birthday! One Year of Android Malware

Exactly One year ago (9 August 2010) Kaspersky discovered the first SMS Trojan for Android in the Wild dubbed SMS.AndroidOS.FakePlayer.a. This is considered a special date for the Google Mobile OS, since, before then, Android Malware was a litte bit more than en exercise of Style, essentially focused on Spyware. After that everything changed, and mobile malware targeting the Android OS become more and more sophisticated.... Read More