Malware

Pierluigi Paganini November 05, 2013
LinkedIn – How to exploit social media for targeted attacks

  The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]

Pierluigi Paganini November 02, 2013
Finland’s Ministry of Foreign Affairs hit by extensive cyber espionage

Finland’s foreign minister announced that foreign intelligence agents had carried out large-scale cyber espionage into government communications. The Finnish Ministry of Foreign Affair networks has been targeted in a cyber espionage operation lasting at least four years, the news has been reported by the Finnish commercial broadcaster MTV3. Finland’s foreign minister Erkki Tuomioja confirmed the shocking news, a large […]

Pierluigi Paganini October 27, 2013
Subcontractors are for hackers the weakest link in security chain

Hackers use to target subcontractors to hit big enterprises due the poor level of security they offer, in the energy sector this trend is very concerning. Let’s follow the discussion on the hacking world and the way hackers impact business with their activities. We discussed about the role of hackers for companies and their employment […]

Pierluigi Paganini October 26, 2013
PHP.net compromised and redirecting to Magnitude exploit kit

Google detected a malware on PHP.net website, the internal team confirmed that the website was compromised and redirecting to a Magnitude exploit kit. php.net website was serving malware, the alert was launched by Google’s Safe Browsing service that alerted internet users.  Subsequent investigation confirmed that some of the project’s servers did get compromised, attackers succeeded to infect […]

Pierluigi Paganini October 24, 2013
Android Wroba banking trojan targeted Korean users

The Antivirus vendor Malwarebytes revealed that the Wroba banking trojan distributed via file sharing sites and alternative markets targeted Korean users. Today I presented at Cyber Threat Summit 2013 the topic “Modern online-banking cybercrime” and just a few hours after it is appeared the new Android banking Trojan targeting Korean banks. The number of malware […]

Pierluigi Paganini October 10, 2013
Blackhole author arrested. The impact on the underground market

The author of the Blackhole exploits kit has been arrested after a long investigation. What will change in the offer of the criminal underground? The author of the popular Blackhole exploit kit, also know as Paunch, has been arrested. The cybercrime underground has lost one of its principal actors considering that the malicious kit is one of […]

Pierluigi Paganini October 08, 2013
How to exploit iFramed based traffic E-shop for illegal activities

What is an E-shop for iFramed traffic and how does cybercrime exploit it? In this post thanks to the investigation of the incredible Dancho Danchev I’ll try to answer to these questions. On numerous occasion I remarked the need to carefully observe the evolution of the underground market to identify dangerous trends that can leave portend a new wave of […]

Pierluigi Paganini October 05, 2013
Reading IBM X-Force 2013 Mid-Year Trend and Risk Report

IBM issued the X-Force 2013 Mid-Year Trend and Risk Report, a detailed analysis of current security landscape, including data on main cyber threats and information on mitigation techniques. IBM issued the X-Force 2013 Mid-Year Trend and Risk Report, a study that identifies Social media as the main target of cyber criminal activities. The powerful social networking […]

Pierluigi Paganini September 30, 2013
F-Secure published Threat Report H1 2013 on security landscape

IT security firm F-Secure has published its Threat Report H1 2013, the document proposes a focus on Java exploits, mobile threats, Bitcoin mining, APTs and Mac malware. F-Secure security firm has released the Threat Report H1 2013 that provides an overview on cyber security landscape analyzing the events that characterized the first part of the year. The primary cause of incidents according the […]

Pierluigi Paganini September 28, 2013
Criminals hacked illegal service exposing Americans to Identity theft

An identity theft service that sells personal information on millions of US citizens has been hacked. Millions of US citizens exposed to Id Theft. Around 5 Millions of Americans are exposed to the concrete risk of identity theft, this is one of most clamorous and grotesque case of data breach, hackers stolen data on US citizens that were stored in the […]