Friday, May 27, 2016

Most read of the week: on prison for warn of a hole

We thought, at this point, all of us we had understood who warn of a hole in our system deserves, at least, our gratitude or even a gift. But the story hasn't got a happy end for a Slovenian student who discovered failures in the Police communication protocol. He reported them and he was judged and sentenced to prison. Today is something "incredible", as it's sad the informer Pierluigi Paganini, who has been by far our most read recommendation.

The student, 26, called Dejan Ornig, was accused by "attack an information system, falsify documents and audio records" by his investigation about the TETRA protocol, used by the Slovenian police, as well intelligence services, the army and penitentiary administration of this country that, according to Ornig, it was poorly implemented.  To top that, the investigation was part of a scholarly project. The sentence was of 15 months in prison, that he won't start in exchange of not hack on 3 years.

Miles ago, other stories have attracted the attention of our readers. For example the case of a keylogger discovered in a company, camouflaged as an USB charger. Also we have good stories in the new focus of the Spanish blog "El Lado del Mal", where Chema Alonso has given limelight - and the pen - to researchers who are giving us stories more technical that we were used to but so good as the "Taximeter Hacking on Spain via Shodan".

This week has been productive on good researchers and our readers has appreciated that with their visits. Is the case of the great study about a controversial topic as the "Attributing Cyber Attacks" of the Journal of Strategic Studies. Also the Palo Alto Networks, Wekby, and their DNS petitions as C&C mechanism. And a proof of concept what goose bumps us of the potential damage it can make in mid users: the attack called "pastejacking" that use the clipboard as an attack vector.

Lastly, of our own production we also highlight the sum of an investigation, of HP Enterprise, about the increasingly professionalization of cyber criminals and the organizations that group them, which is very similar, talking about the level of internal organization, to any international corporation.


Post a Comment