The Tech That Safeguards the Conclave’s Secrecy

Following the death of Pope Francis, the Vatican is preparing to organize a new conclave in less than 20 days. This is how they’ll tamp down on leaks...

romevaticancard.com Cross Site Scripting vulnerability OBB-3474041

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign...

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign...

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether its any safer months after its first vulnerability was reported. We talked about how Apples security is hampering the detection of potentially unwante...

TA416 APT Rebounds With New PlugX Malware Variant

The TA416 advanced persistent threat APT actor is back with a vengeance: After a month of inactivity, the group was spotted launching spear-phishing attacks with a never-before-seen Golang variant of its PlugX malware loader. TA416, which is also known as “Mustang Panda” and “RedDelta,” was spott...

Hackers Continue Cyberattacks Against Vatican, Catholic Orgs

A state-sponsored threat group linked to China has been engaged in a five-month long cyberattack against the Vatican and other Catholic Church-related organizations. Attacks have come in the form of spear phishing emails laced with the PlugX remote access tool RAT as the payload. Researchers with...

IT Security in The New Pope

Lol, IT Security is everywhere. Even in the first episode of "The New Pope" TV series the sequel of "The Young Pope", 2016 some monks change credentials in the Vatican's IT systems under cover of night. This happened after, well, some unexpected changes in the corporate culture and organizational...

CVE-2014-7742

The Noticias del Vaticano aka com.wNoticiasdelVaticano application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Noticias del Vaticano aka com.wNoticiasdelVaticano application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Vatican Web Site Cross Site Scripting

Official Vatican web site Cross Site Scripting Time Line Vulnerability No one has responded to multiple security advisories sent to Vatican -------------------------------------------------------------------- Title: Official Vatican web site Cross Site Scripting Vendor: http://vatican.va...

Vatican Cross Site Scripting

vaticanstate.va XSS Vulnerability webcam page ======================================================== Site: http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3 Discovered by: Andrea Menin base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ== Follow me: http://www.linkedin.com/in/andreamenin...

Vatican Radio hacked by Anonymous Hackers

Vatican Radio hacked by Anonymous Hackers The hacktivist group Anonymous has taken down the Vatican's website for a second time. The attack is part of the organization's recent declaration of war against religion. The personal data of journalists at Vatican radio was leaked online and the Vatican...

Anonymous Takedown several Vatican Websites

Anonymous Takedown several Vatican Websites The Italian Anonymous Hackers took down the Vatican's website Vatican.va on Wednesday in retaliation for the "corruption" of the Roman Catholic Church. On an Italian-language website Anonymous accused the Catholic Church of being responsible for various...

Vatican magazine says hackers do God's work !

Computer hackers embody classic Christian virtues, a Vatican publication says, and shouldn't be perceived negatively. In their passionate commitment to creating, and their openness to sharing ideas, hackers see their online exploits as "a form of participation in the 'work' of God in creation,"...