Pierluigi Paganini September 25, 2018
Akamai Report: Credential stuffing attacks are a growing threat

According to Akamai’s latest State of the Internet report on credential stuffing, credential stuffing continues to be growing threat. According to Akamai report titled “[state of the internet] / security CREDENTIAL STUFFING ATTACKS“  the credential stuffing attacks are a growing threat and often underestimated. Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing […]

Pierluigi Paganini September 19, 2018
Dissecting the first Gafgyt bot implementing the “VanillaUPX technique”

Experts at the CSE Cybsec Z-Lab have found a Gafgyt variant implementing the VanillaUPX technique recently presented in a cybersecurity conference A new variant of the Gafgyt botnet is spreading in the last hours and experts of the CSE Cybsec Z-Lab have found it with the support of the Italian cyber security experts @Odisseus and GranetMan. The new […]

Pierluigi Paganini September 19, 2018
Evolution of threat landscape for IoT devices – H1 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved. The first data that emerged […]

Pierluigi Paganini September 10, 2018
GAO Report shed the lights on the failures behind the Equifax hack

A new report from the U.S. Government Accountability Office (GAO) provides detailed information of the Equifax hack. The Equifax hack occurred in May 2017 when attackers exploited the CVE-2017-5638 Apache Struts vulnerability in the Jakarta Multipart parser upload function. The flaw allowed the attacker to make a maliciously crafted request to an Apache web server and gain access […]

Pierluigi Paganini September 09, 2018
The main source of infection on ICS systems was the internet in H1 2018

Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled “Threat Landscape for Industrial Automation Systems” report for H1 2018, that includes interesting data related to attacks against the ICS systems. The security […]

Pierluigi Paganini August 27, 2018
Android mobile devices from 11 vendors are exposed to AT Commands attacks

A group of researchers has conducted an interesting study on AT commands attacks on modern Android devices discovering that models of 11 vendors are at risk A group of researchers from the University of Florida, Stony Brook University, and Samsung Research America, has conducted an interesting research on the set of AT commands that are […]

Pierluigi Paganini August 18, 2018
2.6 billion records exposed in 2,308 disclosed data breaches in H1

According to a report from cyber threat intelligence firm Risk Based Security some 2.6. billion data records have been exposed in data breached in the first half of 2018. According to a new report titled “Mid-Year 2018 Data Breach QuickView” published by the cyber threat intelligence company Risk Based Security some 2.6. billion data records have been exposed […]

Pierluigi Paganini August 16, 2018
Cyber Defense Magazine – August 2018 has arrived. Enjoy it!

Cyber Defense Magazine August 2018 Edition has arrived. Sponsored by: Bosch We hope you enjoy this month’s edition…packed with 130+ pages of excellent content.  InfoSec Knowledge is Power.  We have 6 years of eMagazines online with timeless content.  Visit our online library by clicking here.   Please tell your friends to FLIPBOOK PDF MOBILE  Our Global […]

Pierluigi Paganini August 07, 2018
Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Security experts from Group-IB, an international company specializing in preventing cyberattacks and developing information security solutions, has investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. Within a year, the number […]

Pierluigi Paganini August 02, 2018
Analyzing the Telegram-based Android remote access trojan HeroRAT

Researchers at CSE Cybsec ZLab analyzed shared published their analysis of the Telegram-based Android RAT tracked as HeroRAT. In June, researchers from security firm ESET discovered a new family of Android Remote Administration Tool (RAT), dubbed HeroRAT, that leverages the Telegram BOT API to communicate with the attacker. The use of Telegram API can be considered […]