Malware

Pierluigi Paganini December 01, 2011
“Mobile” intrigue … A prying eyes to carry around …

Let we use these ingredients to start some serious reflection on safety issues related to mobile devices: Robust growth in the mobile market, accompanied by technological advances that have made ​​these devices real PC. No awareness of those who use mobile terminals in relation to threats that they face. 2011 years of overtaking sales of […]

Pierluigi Paganini November 29, 2011
From printers to ovens … next step hack our brains.

Are we able to ensure that every peripherals connected to our computers and present in our offices is proof of attack? The first answer will be … “sure”.  We observe same problem with our household appliance that are being more intelligent. The evolution of automation and technology push in the direction of making each device available on the network. This is open up new and interesting  hacking scenarios.  In this days I have read a news on a web […]

Pierluigi Paganini November 24, 2011
Water utilities hacked … another SCADA system attack

The SCADA systems at the Water utilities in Illinois were hacked by a malicious attacker. “the SCADA system was powered on and off, burning out a water pump.” This is what the hacker has posted  giving proof of a direct compromise of the SCADA systems at this water utility confirming that there was actual damage. […]

Pierluigi Paganini November 23, 2011
Cyber Threats, high social impact but … which is the level of awareness?

Last week I had the opportunity to discuss with my father of adverse economic situation and in particular of the Italian public spending. I have introduced some reference to the arms and in particular cyber weapons. What are they? What are the threats we face? What is the social cost to fight and mitigate the […]

Pierluigi Paganini November 22, 2011
Massive DNS poisoning: What happened to brazilian ISPs?

What is purpose for DNS cache poisoning attacks? DNS cache poisoning is an  attack methodology used to compromise in the Domain Name System and is made introduceding data artifacts into a DNS name server’s cache database that did not originate from authoritative sources. Consider that the domain name server translates a domain name into an specific […]

Pierluigi Paganini November 20, 2011
Elude control … let’s digitally sign malware code

F-Secure Researchers have discovered a digitally signed malware that has code signed with a stolen government certificate belonging to the Malaysian Agricultural Research and Development Institute. The issue has long been known and this attack methodic has triggered a widespread lack of confidence in the process of trusting based on the use of certificates. The impairment […]

Pierluigi Paganini November 18, 2011
Duqu … Do we really know the enemy?

In recent months we have read many reports related the analysis of the famous malware  and different assumptions about its genesis. Who designed the malicious agent? For what purpose? What features of Duqu we know? How can protect our structure from this threat? Let’s approach the questions step by step talking about its origin, on which much has been discussed. Comparing Stuxnet to Duqu Many researcher indicate that Stuxnet is the progenitor of the Duqu, both […]

Pierluigi Paganini November 17, 2011
Social Network “in-security”

In recent years social networks have succeeded  in the historic feat of bringing to the web a growing number of users. Jupiter users, the elderly, individuals and businesses all within the large network, many, too much, share the total awareness of what happens when they put their credentials or when attracted by a novice or by a video click on a link. Or this behavior often blind managers of the major social platforms do not provide useful information because it can spread real awareness of the threat they face. Social networks have […]

Pierluigi Paganini November 13, 2011
Trojan & Co, the new frontiers of espionage

Once upon a time the espionage made by agents who essentially lived in complete anonymity and free of the past were able to recover the greatest amount of information about their objectives by building dangerous relationships with the reality of interest. Over the years, and the overwhelming technological evolution,  scenarios are profoundly changed. Access to information most often passes through the circuits of a mobile device or a personal computer and this led to an increasing focus of many companies and government agencies in […]

Pierluigi Paganini November 06, 2011
Hacked MIT Server Used to Stage Attacks, Scan for Vulnerabilities

Bitdefender reseachers have discovered a number of brute force attacks against several web site. The attacks have been done using a server at the Massachusetts Institute of Technology (MIT). The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server.  One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used […]