You are driving your Cherokee Jeep like you normally do, you tune the radio on your favorite station, and you suddenly realize there is something completely wrong. The car does not follow your orders anymore: the radio tuner ignores your settings and chooses the radio station on its own, the windshield wipers turn on and, even worse, the car decides autonomously when steering, accelerating or braking.... Read More
This first half of July will be long remembered for the Infosec Professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the Infosec Annals. Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, that is unveiling new details every day, is far from being completed.... Read More
Great news! With this article, I have decided to change the timeline, moving from a static infographic-style format, to a tabular format, which allows to sort, filter and search for specific items inside the timeline.... Read More
If you are a user of Plex, you’d better change your password now. On Tuesday the developers of the Popular Media Server have sent out an email notification reporting that the sever hosting the forums and the blog has been compromised, and consequently all the users are required to change their password.... Read More
I know you were losing all your hopes… Don’t panic! Even if with a little delay, here we go with the 1-15 June Cyber Attacks timeline.
This first half of June has been quite troubled from an infosec standpoint, with a couple of events that overshadowed all the rest and that will be probably remembered for a long time (and who can tell how long the consequences will last), I am obviously talking about the breach(es) suffered by the Office Of Personnel Management and the cyber attack executed against Kaspersky using a revamped version of Duqu dubbed Duqu 2.0.
In information security, a product demo is quite important inside the sales process. Normally conceived as a necessary step to show the product features and integration capabilities in a real world condition (hopefully with some well established success criteria), it often turns out to be a sort of red pill capable to show “how deep the rabbit hole goes”, in other terms, how many threats (more or less serious) have gone undetected until that moment.... Read More