Pierluigi Paganini
December 19, 2012
On December 16th the Iranian Maher center issued an advisory warning of a new “targeted data wiping” malware discovered during an investigation. First analysis of the center revealed that the malicious code has a simple as efficient design that allow it to wipe files on different drives in various predefined times. The malware wipes disk partitions […]
Pierluigi Paganini
December 16, 2012
Cyber espionage is worldwide recognized one of the most concerning cyber threats mainly operated by governments to steal sensible information to foreign states and private companies. FireEye has revealed a cyber espionage campaign, named “Sanny“, attributable to Korea that hosts command-and-control (C&C) servers used in the attacks, the C&C channel is embedded on a legitimate page […]
Pierluigi Paganini
December 10, 2012
On September 2012 the German security firm G Data Software detected a botnet with a particular feature, it is controlled from an Internet Relay Chat (IRC) server running as a hidden service of the Tor. There are pro and cons for this design choice, of course the greatest advantage resides in the difficulty for the localization of the […]
Pierluigi Paganini
December 07, 2012
Zeus, a name that security experts know very well, it’s one of the most prolific and dangerous malware of the history. In the years several versions have been detected, it’s one of the first malware for which it has been applied an excellent business model that made possible its evolution in cybercrime, unique constant is the […]
Pierluigi Paganini
December 06, 2012
Sophos was one of the first security firms that has published a report, Sophos Security Threat Report 2013, on current status of security landscape making predictions for incoming year. The document propose an interesting overview on most common and dangerous cyber threats attempting to determine the level of penetration by different countries. The factors that […]
Pierluigi Paganini
December 03, 2012
The New Your Times has recently published the news the Japan Aerospace Exploration Agency was hit by a virus that stolen secret information on newest rockets from an internal computer. The precious information was stored from a computer in Tsukuba Space Center located in northeast area of Tokyo, where it has been detected a malware that […]
Pierluigi Paganini
November 25, 2012
Symantec has published an interesting alert on a new agent named W32.Narilam that has been designed to damage corporate databases. Recently we have always thought to malware as dangerous agents used to steal information such as banking credentials or to be used in cyber espionage operation. This is one of the different ways to monetize the […]
Pierluigi Paganini
November 23, 2012
French weekly news magazine L’Express has reported that offices of France’s former president Sarkozy were hit by a cyber espionage campaign back in May 2012. Few days before the second round of the presidential election won by Hollande the President’s office was infected by Flame malware, within the compromise PCs also the one of Sarkozy’s […]
Pierluigi Paganini
November 22, 2012
Yesterday I wrote about a new variant of malware able to use Google Docs function to hide communications to C&C servers, but daily we read about malicious agents that compromise  every OS, also the ones considered most secure from security community. Recently security experts have detected a rootkit designed to infect Linux machines implementing an infection schema […]
Pierluigi Paganini
November 21, 2012
The ways explored by malware creators are unlimited, recently Symantec has announced the discovery of a new operational mode for backdoor trojan Makadocs, the security firm has in fact reported that a variant of malware hides its command-and-control (C&C) server communications using a legitimate Google Docs function. Backdoor.Makadocs is a Trojan horse that opens a […]
