The recently discovered cyber espionage campaign âRed Octoberâ has shocked world wide security community, the principal questions raised are: Who is behind the attacks? How is possible that for so long time the campaign went undetected? Which is the role of AV company in these operations? To try to understand who is behind the attacks […]
The year is start way for Oracle Java platform, a new Java 0-day vulnerability has been discovered and worldwide security community is very concerned on the potential effect of the bug. We have discovered how much dangerous could be the exploit of a zero-day vulnerability especially against institutional targets and governments (e.g. Elderwood project), state-sponsored hackers […]
Law enforcement and intelligence agencies conscious of the high risks related to cyber threats have started massive monitoring campaign, everything must be controlled to avoid unpleasant surprises. The trend is shared by every governments of the planet, intelligence agencies are making great investments in term of money and resources to define new methods and to […]
The European Network and Information Security Agency (ENISA) is the EUâs agency responsible for cyber security issues of the European Union, its last report âENISA Threat Landscape – Responding to the Evolving Threat Environmentâ, summarizing the principal threats and providing also useful indication on the emerging trends. The report proposes the list of top threats […]
Itâs the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Googleâs web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the […]
The last couple of years has been characterized by the raise of state-sponsored cyber attacks, governments have increased cyber capabilities to defend their critical infrastructures from offensive originated in the cyberspace but they also improved tactics to offend and spy on foreign government networks. Governments and private business of countries such as US, Japan and […]
Fortinet company, the worldwide provider of network security appliances and a market leader in unified threat management (UTM), has recently published the report âFortinet 2013 Cybercrime Reportâ that deepens the phenomenon of cybercrime. The report highlights that cybercrime is assuming an amazing relevance, what really surprise is its organizational capacity that has nothing to envy […]
Everywhere is possible to read rivers of words on the impressive diffusion of social networks and mobile devices, both technologies used in the last months as privileged channels of attacks due their large audience. We all know how much dangerous are botnets and how many malicious purposes could be achieved with their diffusion, today I […]
During the last week introduced you the excellent work done by the Group-IB, a security firm resident of the Moscow-based Skolkovo Foundation that has received a grant in the amount of 30m rubles (approximately $966,000) for the development of a global counter-cybercrime system named the CyberCop. It was for me the opportunity to receive many interesting […]
On September 2012 the German security firm G Data Software detected a botnet with a particular feature, it is controlled from an Internet Relay Chat (IRC) server running as a hidden service of the Tor. There are pro and cons for this design choice, of course the greatest advantage resides in the difficulty for the localization of the […]