Malware

Pierluigi Paganini November 22, 2011
Massive DNS poisoning: What happened to Brazilian ISPs?

What is the purpose of DNS cache poisoning attacks? DNS cache poisoning is an attack methodology used to compromise the Domain Name System; it works by introducing data into a DNS name server’s cache database that did not originate from authoritative sources. Consider that the domain name server translates a domain name into a specific […]

Pierluigi Paganini November 20, 2011
Elude control … let’s digitally sign malware code

F-Secure researchers have discovered digitally signed malware whose code is signed with a stolen government certificate belonging to the Malaysian Agricultural Research and Development Institute. The issue has long been known, and this attack method has triggered a widespread lack of confidence in trust processes based on the use of certificates. The impairment […]

Pierluigi Paganini November 18, 2011
Duqu … Do we really know the enemy?

In recent months we have read many reports on the analysis of the famous malware and different assumptions about its genesis. Who designed the malicious agent? For what purpose? What features of Duqu do we know? How can we protect our structures from this threat? Let’s approach the questions step by step, talking about its origin, on which much has been discussed. Comparing Stuxnet to Duqu: many researchers indicate that Stuxnet is the progenitor of Duqu, both […]

Pierluigi Paganini November 17, 2011
Social Network “in-security”

In recent years social networks have succeeded in the historic feat of bringing a growing number of users to the web. Jupiter users, the elderly, individuals and businesses are all within the large network; many, too many, share the total awareness of what happens when they enter their credentials or when, attracted by a novice or by a video, they click on a link. Or this behavior often blind managers of the major social platforms do not provide useful information because it can spread real awareness of the threat they face. Social networks have […]

Pierluigi Paganini November 13, 2011
Trojan & Co, the new frontiers of espionage

Once upon a time, espionage was carried out by agents who essentially lived in complete anonymity, free of a past, and who were able to recover the greatest amount of information about their objectives by building dangerous relationships with the reality of interest. Over the years, with overwhelming technological evolution, scenarios have changed profoundly. Access to information most often passes through the circuits of a mobile device or a personal computer, and this has led to an increasing focus by many companies and government agencies in […]

Pierluigi Paganini November 06, 2011
Hacked MIT Server Used to Stage Attacks, Scan for Vulnerabilities

Bitdefender researchers have discovered a number of brute-force attacks against several websites. The attacks were carried out using a server at the Massachusetts Institute of Technology (MIT). The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server. One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used […]

Pierluigi Paganini November 06, 2011
New variants of the DevilRobber Mac OS X Trojan Found in Trojaned Apps Are Stealing Data

Mac malware has been making some headlines in the last few months, as attackers have begun applying to OS X some of the tactics they’ve been using on Windows for decades. Security analysts have discovered several variants of the DevilRobber Mac OS X Trojan; the latest one is also able to steal files, installs a […]

Pierluigi Paganini November 05, 2011
Malicious attacks on Facebook

Let me share with you the paper “A study of malicious attacks on Facebook”, presented by Robert Sandilands during the VB2011 event, which was held from October 3rd to the 7th in Barcelona, Spain. A well-made summary of the main attacks on a social network widely used around the world but also widely […]

Pierluigi Paganini November 02, 2011
Duqu Trojan, Stuxnet-derived malware

The Duqu trojan’s main purpose is to obtain remote access, allowing an adversary to gather information from a compromised computer and, of course, to download and run arbitrary programs. The Duqu malware spotted and identified by experts is based on the same code as Stuxnet; however, unlike Stuxnet, Duqu does not contain specific code related to industrial control systems. […]

Pierluigi Paganini November 01, 2011
Welcome on board

Welcome! If you are curious, interested in the subject and looking for a place where with a few clicks you can be updated on what happens in the world … well, you’ve found it. I read news and comments from everywhere on the web and I decided to open this space to share with you thoughts, words and advice regarding IT security. Now enough talking … let’s go. The journey is long.