Cybercrime

Pierluigi Paganini April 23, 2014
An overview on the Bad Bot Landscape by Distil Networks

Distil Networks security firm has published an interesting report on the Bad Bot Landscape, it is full of data on the evolution of malicious architecture. Surfing on the Internet I have found The Bad Bot Landscape Report Q1 2014 and interesting study issued by the Distil Networks security firm which provides an interesting analysis of botnet evolution detected by the […]

Pierluigi Paganini April 18, 2014
US retailer Michaels Stores confirms card data breach

After Target and Neiman Marcus, also US retailer Michaels Stores confirms card data breach occurred early this year, the second one in the company hystory. Early this year was spread the news that Michaels Stores Inc, the biggest U.S. arts and crafts retailer, was the victim of a severe data breach. Michaels Stores Inc. retailer was […]

Pierluigi Paganini April 18, 2014
Ponemon study – SQL Injection attacks too dangerous for organizations

A new study conducted by the Ponemon Institute reveals the impact of successfully SQL injection attacks on organizations during the last year. The Ponemon Institute published a new study titled “The SQL Injection Threat Study“ to understand the reply of organizations to the SQL injection threat. The study is sponsored by DB Networks, its Chairman and CEO Brett Helm used the following […]

Pierluigi Paganini April 17, 2014
Cyber warriors fought between the government and the security industry

The demand for cyber security experts continues to raise, the US Government announced further investment to recruit new cyber talents with many difficulties. Cyber security is officially one of the first targets of every government, many countries announced huge investments to improve their cyber capabilities, a great effort that is having a significant impact on budgets and politics. […]

Pierluigi Paganini April 15, 2014
APWG report 2H2013- Analysis of phishing phenomena on global scale

The APWG report 2H2013 seeks to understand trends and their significance by quantifying the scope of the global phishing problem. Last Anti-Phishing Working Group APWG report titled “Global Phishing Survey: Trends and Domain Name Use in 2H2013” confirms that threat of phishing has never been so high, the number of domains registered to conduct this kind of […]

Pierluigi Paganini April 14, 2014
Raoul Chiesa – from cybercrime to state-sponsored hacking

Raoul Chiesa gives us his view on the current cyber threat landscape, from Snowden’s case to the links between cyber crime and state-sponsored hacking. Next week the forth Cybercrime Conference will be held in Rome (http://www.tecnaeditrice.com/eventi/cyber_crime_conference_2014/presentazione), two days in which top experts in the field will analyze high-profile cyber attacks discussing also about legal issues, privacy, and cyber strategies […]

Pierluigi Paganini April 10, 2014
The Extortion is a common practice in the cyber criminal ecosystem

According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context. Extrotion is becoming a worrying inclination in the cyber criminal ecosystem, the number of targeted attacks that request money in change of a suspension of the hostilities and to give back to the victims […]

Pierluigi Paganini April 08, 2014
Symantec on a fake voting campaign used to steal Facebook credentials

Security experts at Symantec observed a new phishing campaign based on a fake voting application used to steal victim’s credentials. Phishing is a very dangerous threat for Internet users, nearby classic techniques new forms of phishing are exploiting new platforms like mobile and social networks. Phishers continuously improve their techniques to be able to harvest […]

Pierluigi Paganini April 07, 2014
New Zeus trojan variant digitally signed in the wild

Security researchers at Comodo have detected a new Zeus trojan variant enhanced with digital signature of its source code to avoid detection. The security community is once again menaced by Zeus banking trojan, a new variant of the malicious  ZeuS Trojan has been identified by researchers at Comodo AV labs. This instance presents an interesting feature, it is […]

Pierluigi Paganini April 05, 2014
Persistent XSS in Top Website enables large-Scale DDoS attack

Incapsula firm discovered the exploitation of a persistent XSS vulnerability in one of the world most popular website to run a large scale DDoS attack. Recently Cloud-based security service provider Incapsula detected an application layer DDoS attack conducted hijacking a huge volume of traffic to victims website. The website of Incapsula customer was flooded by a DDoS attack, over […]