Pierluigi Paganini
November 11, 2015
A research published by CyberArk Labs focuses on targeted attacks against organizational networks, analyzing hackers’ methods, tools and techniques. Bad news for network administrators, according to the security company CyberArk, 88 percent of networks are susceptible to privileged account hacks. The report published by CyberArk entitled “Analyzing Real-World Exposure to Windows Credential Theft Attacks” reveals that corporate […]
Pierluigi Paganini
November 10, 2015
Experts from Check Point firm published a new report on the Rocket Kitten APT that include more insight into the activities of the group. Do you remember the Rocket Kitten ATP? The Rocket Kitten group has been suspected to be active since 2011 and have been increasing their activity since 2014. The main targets are based in the Middle […]
Pierluigi Paganini
November 04, 2015
Security Experts at InfoArmor discovered GovRAT, a malware-signing-as-a-service platform that is offered to APT groups in the underground. In the past, I have explained why digital certificates are so attractive for crooks and intelligence agencies, one of the most interesting uses is the signature of malware code in order to fool antivirus. Naturally, digital certificates […]
Pierluigi Paganini
October 22, 2015
The ISACA study “2015 Advanced Persistent Threat Awareness-Third Annual” tries to uncover information security professionals’ understanding of APT threats. A new report published by the ISACA organization that surveyed more than 660 cyber security professionals reveals that more than one in four organizations (28%) have already suffered an APT attack. According to the experts, the BYOD is increasing […]
Pierluigi Paganini
October 21, 2015
Experts at Netcraft discovered that nearly a million SSL SHA-1 certificates were signed with the potentially vulnerable SHA-1 hashing algorithm. Businesses Using Millions of Flawed Certificates, the news is shocking and refers the adoption of SHA-1 certificates, despite the algorithm is considered no more secure. Many big businesses, including firms like Deloitte, are still using SHA-1 certificates, […]
Pierluigi Paganini
October 18, 2015
A new research conducted by Citizen Lab revealed that the number of governments using the FinFisher surveillance software has increased. Researchers at Citizen Lab have been monitoring the use of surveillance tools like FinFisher over the past years reporting its use by totalitarian governments. The researchers tracked the physical locations of servers belonging to the control infrastructure used […]
Pierluigi Paganini
October 16, 2015
Researchers probed 20,400 Android devices and found 87.7 per cent contained at least one exploitable vulnerability due to a slow patch management. New Android vulnerabilities are discovered every day, but it looks like that, some Android vendors are very slow in applying the necessary patch to fix the security issues. Some Android vendors are only […]
Pierluigi Paganini
October 16, 2015
McAfee Labs has analyzed a number of websites and services in the Dark Web used by the criminal communities for the commercialization of stolen data. You know my passion for the Dark Web, I spend a lot of time monitoring activities in the hidden part of the web with a particular interest in illegal activities that […]
Pierluigi Paganini
October 13, 2015
Researchers at Trend Micro have issued a new report on the Japanese Cybercrime Underground, a growing criminal community with his characteristics. Cybercrime underground is a growing and prolific industry that knows no crisis as demonstrated by the numerous reports issued by principal security companies and law enforcement. In the past we have analyzed criminal most […]
Pierluigi Paganini
October 13, 2015
The CENTRAL MEANS OF PAYMENT ANTIFRAUD OFFICE (UCAMP) of the Italian Ministry of Economy and Finance released the annual report on Payment card frauds. This year I’m among the experts who worked on the MEF – Annual Report on Payment Card Frauds No. 5/2015, it has been an honor and a pleasure to be able […]
Data Breach / November 19, 2025
