Anonymous vs Syrian Electronic Soldiers

Hactivism is making possible to bring wars and revolutions on the cyberspace, the fifth domain of war. In particular the Arab Spring has given the definitive consecration to politically driven hacking actions that have proven to be a key factor inside the protests that are changing the political landscape in the Middle East: non conventional weapons used together with “traditional” methods by both parties involved on revolutions: cyber-opponents vs cyber-supporters.... Read More

The Beauty (RC4) and The BEAST (TLS)

Hard times for Information Security and for the authentication models it had been built upon. The inglorious falls of  SecureID and Certification Authority Authentication models were not enough in this troubled 2011 and now it looks like the last authentication bastion was breached after Thai Duong and Juliano Rizzo unleashed their BEAST (Browser Exploit Against SSL/TLS) attack.... Read More

Cyberwar, Il Quinto Dominio Della Guerra

Le Cyberwar sono state definite il quinto dominio della guerra. Ma se doveste spiegare in parole semplici a cosa corrisponde una Cyberwar come la definireste? In queste slide divulgative, redatte in occasione di un convegno al quale sono stato invitato, ho cercato di inserire la mia personalissima risposta con gli esempi più famosi del 2011 e alcuni collegamenti, apparentemente improbabili, alla vita di tutti i giorni.... Read More

September 2011 Cyber Attacks Timeline (Part I)

So here it is, also for this month, the first part of My Cyber Attacks Timeline covering the first half of September.... Read More

Processor Assisted Or OS Embedded Endpoint Security?

Yesterday, September the 13th 2011, the Information Security Arena has been shaken by a couple of announcements earthquakes unleashed by two of the most important players in this market.... Read More

An E-mail Attack to Ground Zero

Easily Predictable, the 10th 9/11 anniversary turned out to be a too tempting opportunity for unscrupulous hackers and cyber pranksters. Probably the NBC News Twitter account (and its 130,000 followers) will remember this anniversary eve for a long time after, late on Friday September the 9th, the Twitter account started to tweet false reports of a plane attack on ground zero.... Read More

Is It Time for DNSSEC?

[caption id="" align="alignleft" width="300" caption="DNSSEC in European Country Code Top Level Domains (green=deployed, yellow=planning to deploy) Source RIPE NCC"][/caption]

The media are in a frenzy today, reporting a wave of attacks against popular websites such as Daily Telegraph, The Register, UPS, Acer, and others. All the attacks utilized the same method (DNS Hijacking) and have been carried on by the same Turkish Group: Turkguvenligi.... Read More