Cyber Crime

Pierluigi Paganini July 04, 2012
Citadel trojan, migration of cybercrime to the deep web

We all remember the Citadel trojan, based on  the Zeus experience has evolved becoming one of the most interesting cyber criminal project. Few months ago I wrote on the excellent customer relationship management (CRM) model implemented by its creators. Thanks a malware evolution dictated by market needs, the trojan has evolved in time, many instances […]

Pierluigi Paganini June 26, 2012
Capfire4, malware-as-a-service platform for crime

It’s not first time we discuss of cybercrime and in particular of its organizational models, creative servicex offer any kind of support to organizations and individuals that desire to conduct an attack against specific target. Cyber criminals in the past have already used cloud architectures to rent computational resources to involve in powerful cyber attacks. […]

Pierluigi Paganini June 22, 2012
A virus specialized for AutoCAD, a perfect cyber espionage tool

In recent years we are assisting to a profoundly change in the nature of malware, it is increased the development for spy purposes, for its spread in both private and government sectors. The recent case of Flame malware has demonstrated the efficiency of a malicious agent as a gathering tool in a typical context of […]

Pierluigi Paganini June 21, 2012
Wikiboat against the Pentagon, risks on Anonymous evolution

We live in the cyber era, governments measure their capabilities in the cyberspace with reciprocal attacks of increasing complexity.Every government is developing an adequate cyber strategy investing huge quantity of money in the establishment of cyber units, on formation of groups of cyber experts and on the development of new cyber weapons. In this scenario […]

Pierluigi Paganini June 20, 2012
Malware and new sophisticated cyber techniques against banking

Money motivates the cyber assault to banking by cybercrime, but the finance world is also considered a privileged target for sponsored-state attacks as part of cyber offense strategies. Let’s consider that the banking world is profoundly changing, the introduction of mobile devices, social networks, the openess to web services, the coming of new technologies such […]

Pierluigi Paganini June 18, 2012
On new generation of P2P botnets

Zeus is one of the longest-running malware that raged for months, appearing in various forms on the web thanks to the continuous changes made by the cybercrime industry. This time the news is really interesting, Symantec security researchers have detected a new variant of Zeus that not relies on command and control (C&C) servers for […]

Pierluigi Paganini June 16, 2012
The malware factory

Article Published on The Hacker New Magazine – June Edition “Malware” With the term malware we refer a heterogeneous family of malicious software designed with the purpose to disrupt computer operation, gather sensitive information, or gain unauthorized access to victims systems. With the term we indicate in fact several types of malicious code such as computer […]

Pierluigi Paganini June 13, 2012
Cyber security during sporting events

Excerpt from the article published on the last edition of PenTest AUDITING & STANDARDS 05 2012.  The article offers an overview on cyber security issues relating to sports events, competitions that are a priority target for terrorists and cyber criminals. What weight has the information security component on the overall organization? An analysis of the main types of computer attacks and possible consequences in a highly critical contest such as a sporting event. Introduction Whenever we see a major sporting event we […]

Pierluigi Paganini June 11, 2012
Anonymous, #OPIndia against censorship

Again Anonymous, again another hack in the name of freedom and against the censorship, this time the famous Anonymous have attacked the Mahanagar Telephone Nigam Limited (MTNL), bringing down its web site because the company is responsible of internet monitoring and censoring. The group posted on their website the following message ”We are against Internet […]

Pierluigi Paganini June 09, 2012
Google Online Security against state-sponsored attacks

According to a post of Eric Grosse, VP of security engineering at Google, on Google Online Security blog the company is constantly monitoring the web for malicious activity on its systems, with particular attention to attacks made by third parties to illegally access into users’ accounts. Google declared that is ready to adopt measurements to mitigate […]