-
Jan 2, 2020
100 years ago, Isaac Asimov was born: was one of the writers who brought science fiction out of its niche market and a great scientific popularizer with many articles and essays. His legacy is estimated in about 500 books of… read more »
-
Jan 1, 2020
20 years ago the entire world was afraid to descend into chaos as a result of computers not being able to cope with displaying a date containing year 2000: both computer experts and general public alike were convinced that computers… read more »
-
Dec 24, 2019
"The Hitchhiker's Guide to the Galaxy" is a cultural icon in science-fiction that spawned five books, stage shows, a 1981 TV series, a computer game, comic books and a major motion picture. But originally it was just a radio comedy… read more »
-
Dec 23, 2019
By default, containers run in unprivileged mode, that is, we cannot run Docker daemon inside a Docker container. However, a privileged Docker container is allowed to access to all the devices on the host woth the same privileges of the… read more »
-
Dec 20, 2019
POCKINT stands for "Pocket Intelligence".It is an OSINT multi purposes GUI program designed to be a lightweight and portable. POCKINT provides users with essential OSINT capabilities: input box accepts typical indicators (URL, IP, MD5) and gives users the ability to… read more »
-
Dec 19, 2019
According to a TrendMicro's report, 'The New Norm', the major cybersecurity risks for organizations in 2020 comes from DevOps, third-party libraries, container components and even remote workers. A pleasant reading for the Christmas holidays! The report [1] warns of a… read more »
-
Dec 18, 2019
Security research group Check Point Research recently uncovered a flaw in WhatsApp through which a single malicious user could crash the apps of all members of a group chat. After joining a group chat, a malicious user could edit specific… read more »
-
Dec 17, 2019
Some days ago, I've been looking at a website named "IBM 360 Model 20 Rescue and Restoration": a group of brave engineer started the project of restoration of an IBM System 360 Model 20, documenting all steps of the process.… read more »
-
Dec 16, 2019
Few news this week: a couple of link about ransomware (Ryuk and Snatch), an interesting attack on Intel CPUs, a Windows 0day and a phishing attack on Office365.Then, a security incident on S3 buckets and an interesting article about DNS… read more »
-
Dec 13, 2019
Google and Facebook help connect the world and provide crucial services to billions users, but this services come at a systemic cost. In a new report (a 60 page free PDF [1]), Amnesty International warned about Facebook and Google’s surveillance… read more »
-
Dec 12, 2019
British security firm Pen Test Partners tells us a creepy cybersecurity story set in a place difficult to associate with computers: the engine room of a ship. During a penetration test, the company discovered an unknown device connected to the… read more »
-
Dec 11, 2019
Security researcher Kishan Bagaria found a "bug" in AirDrop that let him repeatedly sent files to all devices able to accept files within wireless range of an attacker. How it works? The flaw, dubbed AirDoS, exploits the absence of receive… read more »
-
Dec 10, 2019
Security should be built into every part of the DevOps lifecycle, including inception, design, build, test, release, support, maintenance, and beyond. This model of security in DevOps is often called DevSecOps. DevSecOps aims to improve security through shared responsibility with… read more »
-
Dec 9, 2019
Last week was challenging: i left my old job and started in the same role in a new company.But, despite I haven’t had much spare time for reading my RSS feeds, I was able to collect some interesting news, especially… read more »
-
Dec 7, 2019
Android's December 2019 updates patches a small list of system and Qualcomm flaws across the operating system’s two patch levels [1].According with Google, a specific flaws (CVE-2019-2232) may allows an attacker to cause a permanent denial of service by simply… read more »
-
Dec 6, 2019
At the re:Invent event, Amazon Web Services reveiled a new tool that can help customers to avoid publishing of unsecured S3 buckets. Access Analyzer for S3 is a new feature that monitors your access policies, ensuring that the policies provide… read more »
-
Dec 5, 2019
Security researcher Omer Tsarfati from CyberArk has discovered [1] a vulnerability in Microsoft's OAuth implementation that may allows attacker to create authentication tokens with the victim’s permissions. This could let a malicious attacker access and control a victim’s account and… read more »
-
Dec 4, 2019
Recently, the italian hosting provider Netsons [1] discovered some unauthorized access on its Management System, occurred on March 2019. According with GDPR article 34 [2], Netsons had to inform its custover about the databreach. Here the statement: we would like… read more »
-
Dec 4, 2019
Researchers by cybersecurity firm Nyotron has discovered a new way that lets windows malware to modify files in a unique style that current anti-ransomware solutions are unable to identify. The technique [1] exploits documented Windows file system rename operations, altering… read more »
-
Dec 3, 2019
Hewlett Packard Enterprise has issued a notice about some of its solid-state hard drives: they have a defect that causes the crash of the drive after exactly 32.768 hours of operation (3 years, 270 days and 8 hours). A firmware's… read more »