Malware

Pierluigi Paganini September 04, 2013
NetTraveler APT hackers still active improved their attacks

Experts at Kaspersky firm provided evidences that the hackers behind cyber espionage campaign NetTraveler are still active and improved their attack methods. Last June Kaspersky firm uncovered a new global cyber espionage campaign dubbed NetTraveler. Kaspersky’s team discovered that NetTraveler targeted over 350 high profile victims from 40 countries. The name of the operation derives from […]

Pierluigi Paganini August 25, 2013
Poison Ivy still alive, old malware new cyber threats – FireEye report

Security vendor FireEye has published a detailed analysis on the popular Poison Ivy RAT, releasing also a set of tools to analyze infections. Security firm FireEye published an interesting analysis on the popular malware Poison Ivy, a remote access trojan (RAT) used in RSA SecurID attack. Poison IVY was also used in the 2011 Nitro […]

Pierluigi Paganini August 23, 2013
Kaspersky – Unvalidated redirection flaw exploitable to serve malware

The cyber Security Analyst Consultant at Q-CERT Ebrahim Hegazy has found an “Unvalidated Redirection Vulnerability” in the website of the giant security solutions vendor “Kaspersky”. Ebrahim Hegazy (@Zigoo0) has found an “Unvalidated Redirection Vulnerability” in the website of the giant security solutions vendor “Kaspersky”. Ebrahim Hegazy is the cyber Security Analyst Consultant at Q-CERT who found a SQL […]

Pierluigi Paganini August 22, 2013
DDoS to hide attacks against wire payment switch systems

Fraudsters target wire payment switch at US banks to steal millions using DDoS to divert the attention on fraudulent transactions. Cybercriminals are targeting the wire payment switch instead to hit directly into the banking accounts of individuals and businesses, this appears to be the last trend observed for recent attacks against numerous US banks. The wire payment switch […]

Pierluigi Paganini August 16, 2013
Android malware uses Google Cloud Messaging Service as C&C Server

Security experts at Kaspersky have detected numerous Android malicious applications that uses Google Cloud Messaging Service as C&C. Android malware exploits the Google Cloud Messaging Service (GCM) as Command and Control server. The Google service allows Android app developers to send messages using JSON format to installed apps, but hackers exploited it for malicious purposes. The discovery has been made […]

Pierluigi Paganini August 15, 2013
Chinese hackers that hit NYT are evolving their techniques

FireEye security experts discovered a new series of cyber attacks conducted by Chinese hackers targeted the US media in 2012, the attackers have improved the malware used in previous campaign against the New York Times. A new series of cyber attacks conducted by Chinese hackers targeted the US media, it seems that the responsible is […]

Pierluigi Paganini August 12, 2013
AndroRAT drives the rise for DIY Android hacking tools

AndroRAT is just one of the numerous open-source tools that was created and published on the undergroud forums to allow the hack of Android mobile devices. AndroRAT is an open-source tool that was created and published on the Internet in November 2012, it is a RAT (Remote Access Tool)  for Android OS and exactly as any other […]

Pierluigi Paganini August 11, 2013
DNS impairment redirects thousands of websites to malware

Cybercriminals are exploiting the possibility of DNS impairment to redirects visitors of thousands legitimate websites to compromised domains used to serve malware. DNS impairment or rather compromising DNS to distribute malicious code, cyber criminals are very attracted by the possibility to use DNS servers to redirect users that trying to visit a legitimate domain are hijacked […]

Pierluigi Paganini August 06, 2013
Firefox Zero-day exploited against Tor anonymity

Security researchers found a malicious script that takes advantage of a Firefox Zero-day to identify some users of the Tor anonymity network. My readers know very well Tor network and the capability of the system to remain anonymous under specific conditions. We have used terms such as Deep Web, Dark web and hidden web to remark […]

Pierluigi Paganini August 05, 2013
FBI Android malware used for investigations

Former FBI officers revealed to the Wall Street Journal the existence of FBI Android malware that is used to spy on suspects for investigations. The FBI is using mobile Android malware to spy on suspects for its investigations, the news is not surprising but is the confirmation that law enforcement are exploiting new technologies for […]