Category Archives: Security

1-15 July 2015 Cyber Attacks Timeline

This first half of July will be long remembered for the Infosec Professionals: undoubtedly the dramatic Hacking Team leak has characterized this fortnight and has written one of the most controversial pages of the Infosec Annals.  Security researchers and activists are still digging into the trove of documents (and 0-days) siphoned from the Italian company, and this story, that is unveiling new details every day, is far from being completed.... Read More

June 2015 Cyber Attacks Statistics

It’s time to aggregate the data collected from the Cyber Attacks Timelines of June (part I and part II) into statistics.
... Read More

The Same Attacker Behind the Breaches Against Hacking Team and Gamma International

The alleged author of the huge breach against Hacking Team in which 400 Gb of data were leaked, has come out of stealth, posting a series of tweets in which he claimed responsibility for the attack:... Read More

16-30 June 2015 Cyber Attacks Timeline

Great news! With this article, I have decided to change the timeline, moving from a static infographic-style format, to a tabular format, which allows to sort, filter and search for specific items inside the timeline.... Read More

Plex Forum Compromised (Change your Password Now!)

If you are a user of Plex, you’d better change your password now. On Tuesday the developers of the Popular Media Server have sent out an email notification reporting that the sever hosting the forums and the blog has been compromised, and consequently all the users are required to change their password.... Read More

1-15 June 2015 Cyber Attacks Timeline

I know you were losing all your hopes… Don’t panic! Even if with a little delay, here we go with the 1-15 June Cyber Attacks timeline.

This first half of June has been quite troubled from an infosec standpoint, with a couple of events that overshadowed all the rest and that will be probably remembered for a long time (and who can tell how long the consequences will last), I am obviously talking about the breach(es) suffered by the Office Of Personnel Management and the cyber attack executed against Kaspersky using a revamped version of Duqu dubbed Duqu 2.0.

read more

The Importance of Data (Part II)

In a previous post entitled “The Importance of Data (Part I)” we have shown several charts built using the data collected from Hackmageddon.... Read More

The Importance of Data (Part I)

In information security, raw data is an important piece of information to understand the threat landscape, however it must be opportunely correlated to create value added.... Read More

OPM Breach Discovered During a Product Demo (and Undetected for Over a Year)

In information security, a product demo is quite important inside the sales process. Normally conceived as a necessary step to show the product features and integration capabilities in a real world condition (hopefully with some well established success criteria), it often turns out to be a sort of red pill capable to show “how deep the rabbit hole goes”, in other terms, how many threats (more or less serious) have gone undetected until that moment.... Read More

May 2015 Cyber Attacks Statistics

Countries May 2015It’s time to aggregate the two timelines of May 2015 (Part I and Part II) into statistics. Nothing new for the Country Distribution: the US rank at number one (and the UK appear a valuable target either, as it gets the second place emerging over the other countries).... Read More