Cyber Crime

Pierluigi Paganini September 05, 2014
IptabLes and IptabLex botnet targeting Linux servers to run large-scale DDoS attacks

Experts at Akamai-Prolexic discovered a botnet dubbed IptabLes and IptabLex that infects and exploits poorly-maintained Linux servers to run DDoS attacks. Akamai’s Prolexic division has uncovered a new botnet dubbed IptabLes and IptabLex, which was used in a series of attacks targeting malware based on Linux servers. The experts revealed that the IptabLes and IptabLex botnet compromises misconfigured and […]

Pierluigi Paganini September 04, 2014
AlienVault discovered Watering Hole attacks using Scanbox for reconnaissance

Security experts at AlienVault discovered a series of watering hole attacks using the Scanbox reconnaissance Framework that is targeting several industries. Security experts at AlienVault Labs have uncovered a watering hole attack with a singular characteristic, the attackers are using a framework developed for reconnaissance as the primary infection vector. The attackers deployed a malicious JavaScript on the targeted […]

Pierluigi Paganini September 04, 2014
Analyze VirusTotal Metadata to profile hackers

An independent researcher has analyzed for years the metadata on submissions to VirusTotal service identifying patterns related to many bad actors. VirusTotal is the Google owned company which offers free checking of URLs and files for viruses and other malicious code, its systems use up to 54 different antivirus software to scan files and URLs provided by the userscheck. Cyber criminals […]

Pierluigi Paganini September 03, 2014
Brazilian cyber criminals targeting home routers

Experts at Kaspersky spotted an interesting attack from Brazilian criminals that try to change the DNS settings of home routers by using a web-based attack. Experts at Kaspersky Lab have uncovered a hacking campaign conducted by Brazilian threat actors which is targeting home routers by using a web-based attack. The hackers are adopting different techniques, […]

Pierluigi Paganini September 03, 2014
Hacking traffic light systems

In this article published on the Infosec Institute are analyzed the principal studies on the security of traffic light systems and techniques to hack them. http://resources.infosecinstitute.com/hacking-traffic-light-systems/ We often see movie scenes in which hackers are able to hack systems for the control of traffic lights, with catastrophic consequences, unfortunately we must be conscious that threat […]

Pierluigi Paganini September 03, 2014
Namecheap accounts compromised using the CyberVor’s archive

Hosting provider Namecheap warned its customers that hackers compromised some of its users’ accounts using the CyberVor’s archive of credentials. Hosting provider Namecheap announced that earlier this week that hackers compromised some of its users’ accounts, apparently using the “CyberVor” collection of 1.2 billion usernames and passwords compiled by Russian hackers.  “CyberVor” (“vor” means “thief” in Russian) […]

Pierluigi Paganini September 02, 2014
Bogus cellphone towers found in the US

CryptoPhone 500 security firm has found 17 bogus cellphone towers in the US with a heavily customized handset exploited for surveillance activities. Seventeen mysterious cellphone towers have been discovered in the USA, they are identical to legitimate towers, the unique difference is related a heavily customized handset built for Android security. According to the Popular Science, […]

Pierluigi Paganini September 02, 2014
Alleged iCloud flaw exploited in Naked celebrity hack

Investigation on celebrities naked pictures leaked online raises suspicion that hackers breached iCloud accounts exploiting a flaw in the “Find my IPhone” feature. An alleged hack of Apple’s iCloud accounts of many celebrities seems to be the cause of the leakage online hundreds of naked photos purportedly belonging to more than 100 actors and singers.  On […]

Pierluigi Paganini September 01, 2014
The case of Linux DDoS Trojan ported to Windows

Experts at Dr.Web detected a Linux DDoS Trojan designed to infect also Windows OS, the circumstance is considered rare in the criminal ecosystem. The Russian antivirus company Dr. Web discovered that a Chinese DDoS Trojan written for Linux operating system seems have jumped to Windows, an event considered rare. “Cases of Linux malware being tailored by […]

Pierluigi Paganini September 01, 2014
APWG Q2 2014 report, phishing is even more dangerous

The APWG Report Q2 2014 states that phishing activities continue to increase, phishers are targeting Crypto Currency, Payment Services and Retail Sites. The APWG has published its new report related to phishing activities in the period April – June 2014, the document titled “Phishing Activity Trends Report, 2nd Quarter 2014” states that online payment services […]