What is purpose for DNS cache poisoning attacks? DNS cache poisoning is an attack methodology used to compromise in the Domain Name System and is made introduceding data artifacts into a DNS name server’s cache database that did not originate from authoritative sources. Consider that the domain name server translates a domain name into an specific […]
F-Secure Researchers have discovered a digitally signed malware that has code signed with a stolen government certificate belonging to the Malaysian Agricultural Research and Development Institute. The issue has long been known and this attack methodic has triggered a widespread lack of confidence in the process of trusting based on the use of certificates. The impairment […]
In recent months we have read many reports related the analysis of the famous malware and different assumptions about its genesis. Who designed the malicious agent? For what purpose? What features of Duqu we know? How can protect our structure from this threat? Let’s approach the questions step by step talking about its origin, on which much has been discussed. Comparing Stuxnet to Duqu Many researcher indicate that Stuxnet is the progenitor of the Duqu, both […]
In recent years social networks have succeeded in the historic feat of bringing to the web a growing number of users. Jupiter users, the elderly, individuals and businesses all within the large network, many, too much, share the total awareness of what happens when they put their credentials or when attracted by a novice or by a video click on a link. Or this behavior often blind managers of the major social platforms do not provide useful information because it can spread real awareness of the threat they face. Social networks have […]
Once upon a time the espionage made by agents who essentially lived in complete anonymity and free of the past were able to recover the greatest amount of information about their objectives by building dangerous relationships with the reality of interest. Over the years, and the overwhelming technological evolution, scenarios are profoundly changed. Access to information most often passes through the circuits of a mobile device or a personal computer and this led to an increasing focus of many companies and government agencies in […]
Bitdefender reseachers have discovered a number of brute force attacks against several web site. The attacks have been done using a server at the Massachusetts Institute of Technology (MIT). The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server. One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used […]
Mac malware has been making some headlines in the last few months, as attackers have begun applying to OS X some of the tactics they’ve been using on Windows for decades. Security analysts have discovered several variants of the DevilRobber Mac OS X Trojan, the last one is also able to steal files, installs a […]
Let me share with you the paper “A study of malicious attacks on Facebook” presented by Robert Sandilands during the event VB2011 that was held from October the 3rd till the 7th in Barcelona, Spain. A well made summary on the main attacks on a social network widely used around the world but also widely […]
The Duqu trojan main purpose is to obtain a remote access allowing an adversary to gather information from a compromised computer and of course to download and run arbitrary programs. Duqu malware spotted and identified by experts is based on the same Stuxnet code, however unlike Stuxnet, Duqu does not contain specific code related industrial control systems. […]
Welcome on board Welcome! If you are curious, interested in the subject and looking for a place with a few clicks you canbe updated on what happens in the world … well you you’ve found it. I read news and comments from everywhere on the web and I decided to open this space toshare with you thoughts, words and advice regarding IT security. Now enough talking … let’s go. The journey is long.