Cyber Crime

Pierluigi Paganini November 11, 2013
FireEye has identified a new IE zero-day exploit

FireEye Labs has identified a new IE zero-day exploit used for a watering hole attack in the US. As usual it is crucial to track and mitigate so dangerous threats in time to avoid serious problems. FireEye Labs has detected a new series of attacks based on the exploit of a new IE zero-day vulnerability […]

Pierluigi Paganini November 08, 2013
The Silk Road black market reloaded … 2.0 is out!

A new version of the popular black market Silk Road has been launched, the greatest illegal marketplace on Tor network has risen again. The Silk Road is up again, the biggest black market of the Tor network came online on Wednesday. Silk Road was seized by the FBI last October, law enforcement has also identified […]

Pierluigi Paganini November 07, 2013
GreatestArcadeHits serves ZEUS ZBOT banking trojan

Intelligence Ian Malloy has discovered an hidden variant of the popular Zeus banking trojan in the GreatestArcadeHits servers. GreatestArcadeHits.* serves up more than entertainment, in fact they don’t serve up entertainment at all.  Hidden in the application is the infamous ZEUS/ZBOT, a banking trojan that has the capacity to spoof online banking sites to steal […]

Pierluigi Paganini November 07, 2013
Google Bot activity abused doing SQL Injection Attacks

Security experts at Securi firm have recently detected a series of SQL Injection attacks conducted abusing of the Google Bot activity. The exploitation of search engines like Google and Bing to conduct an attack represents an optimal choice for hackers that intend to stay hidden during the offensive. No IT administrator would block traffic from […]

Pierluigi Paganini November 05, 2013
LinkedIn – How to exploit social media for targeted attacks

  The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]

Pierluigi Paganini November 02, 2013
Cyberbullying Infograph – know to fight it

The post is an intro to Cyberbullying concept and proposes an interesting infograph to better understand the entity of the forms of cyber harassment. Cyberbullying is the use of the Internet and any other technology to harm or harass other people, in a deliberate, repeated, and hostile manner.  Unfortunately this phenomena are in constant increase, in […]

Pierluigi Paganini November 02, 2013
Finland’s Ministry of Foreign Affairs hit by extensive cyber espionage

Finland’s foreign minister announced that foreign intelligence agents had carried out large-scale cyber espionage into government communications. The Finnish Ministry of Foreign Affair networks has been targeted in a cyber espionage operation lasting at least four years, the news has been reported by the Finnish commercial broadcaster MTV3. Finland’s foreign minister Erkki Tuomioja confirmed the shocking news, a large […]

Pierluigi Paganini November 01, 2013
Anonymous OpNSA Campaign – OSINT to predict DDoS attacks on Nov 5th

  OpNSA analyzed with OSINT techniques based on the correlation of media activities and physical protests. The analysts provided a forecast on next attacks. Web Intelligence analysis alerts on early signs of an Anonymous cyber campaign dubbed OpNSA that as usual will address with DDoS attack principal US Government websites. Security experts don’t exclude the […]

Pierluigi Paganini November 01, 2013
I don’t like – Facebook Clickjacking and track screen cursors

A misleading script to increase the number of “I like” and an invasive technology to track screen cursors are threatening the Facebook users. The social media are money machines, the interest of private companies, governments and cybercrime are increasing exponentially. Security experts are observing an alarming trend, a growing number of subjects are spending a […]

Pierluigi Paganini October 31, 2013
Prolexic on the Distributed Reflection Denial of Service attacks

Prolexic DDoS Attack Report reveals an increasing interest of cybercrime in Distributed Reflection Denial of Service technique, efficient and cost-effective. Prolexic Quarterly Global DDoS Attack Report revealed an increasing interest of cybercrime in Distributed Reflection Denial of Service technique (DNS reflection DDoS attack aka or DrDoS) and for this reason the company specialized in DDoS […]