Cyber Crime

Pierluigi Paganini July 23, 2014
Operation Emmental, a sophisticated campaign which is targeting banking industry

Trend Micro has discovered a malicious campaign named Operation Emmental, which is targeting online banking systems of financial institutions worldwide. Trend Micro has published a report on a hacking campaign dubbed “Operation Emmental” which targeted Swiss bank accounts with a multi-faceted attack that is able to bypass the two-factor authentication implemented by the organization to secure its customers. The […]

Pierluigi Paganini July 22, 2014
Gyges, the mixing of commercial malware with cyber weapon code

Sentinel Labs has discovered a sophisticated malware dubbed Gyges that mixes commercial malicious code with code from an alleged cyber weapon. Experts at the security firm Sentinel Labs discovered the Gyges malware in the wild in March 2014; the malicious code appears very sophisticated to the researchers, who attributed it to a state-sponsored project. The level of complexity […]

Pierluigi Paganini July 21, 2014
Cybercrime exploits the crash of Malaysia Airlines Flight MH17

Security experts at Trend Micro have detected a spam campaign via Twitter which exploits the incident that occurred to Malaysia Airlines Flight MH17. Unfortunately, tragedies like the one that occurred to Malaysia Airlines Flight MH17 or the recent escalation in Gaza are excellent occasions for cyber criminals who try to exploit public attention to carry out illegal activities. […]

Pierluigi Paganini July 20, 2014
Discovered a new Havex variant which hit SCADA via OPC

Researchers at FireEye have detected a new variant of the Havex RAT, which scans SCADA networks via Object Linking and Embedding for Process Control (OPC). Security experts at F-Secure and Symantec have recently announced a surge of malicious campaigns based on “Havex” malware against critical infrastructure. The bad actors behind the Havex campaign mainly targeted companies in the energy […]

Pierluigi Paganini July 19, 2014
A new PushDo botnet variant infected 11,000 machine in 24 hours

Security experts at Bitdefender report that a new PushDo variant emerged from the underground, compromising 11,000 machines in 24 hours. Security experts at Bitdefender have recently detected a surge in the number of PushDo trojan infections by analyzing data from the sinkholing of C&C domains used by the malware. The experts discovered that the new PushDo campaign is […]

Pierluigi Paganini July 19, 2014
Critroni, a sophisticated ransomware which uses Tor Network as C&C

A security researcher has detailed the Critroni ransomware, a new sophisticated malware which is being sold in different underground forums. In 2013 ransomware was among the menaces that monopolized the threat landscape; malware such as Cryptolocker infected hundreds of thousands of machines worldwide. Critroni (aka CTB-Locker) is the name of the latest ransomware to capture the attention of security experts, the malware […]

Pierluigi Paganini July 18, 2014
A major cyber attack hits Nasdaq systems to destroy US Finance

Russian hackers hit Nasdaq critical systems with a malware-based attack with the primary intent to sabotage the U.S. financial world. It was October 2010 when the FBI started an investigation into alleged malware-based cyber attacks against Nasdaq, probably related to the operation of a state-sponsored group of hackers. After more than 12 months in which […]

Pierluigi Paganini July 16, 2014
SSL Blacklist a new weapon to fight malware and botnet

A security researcher at Abuse.ch has started the SSL Blacklist project to create an archive of all the digital certificates used for illicit activities. In recent years security experts have discovered many cases in which bad actors have abused digital certificates for illicit activities, from malware distribution to Internet surveillance. Botmasters are exploiting new techniques to avoid detection by security experts and […]

Pierluigi Paganini July 15, 2014
Kronos, the new banking trojan from Russian underground

Experts at Trusteer have recently discovered an advertisement on the Russian underground market for a new financial Trojan dubbed Kronos. The Russian underground is probably the most prolific market for the sale of banking malware; malicious code like Citadel, Zeus and Gozi has infected millions of computers worldwide, dominating the malware threat landscape. The huge demand for banking trojans is creating the conditions […]

Pierluigi Paganini July 14, 2014
Feds issue advisory on keylogger in hotel business centers

The US Secret Service and the NCCIC have alerted hoteliers to the potential presence of keyloggers on the machines provided to guests in hotel business centers. The US Secret Service and the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) have issued a non-public security advisory to the hospitality industry to warn of the activities of cyber […]