Governments, and in particular US one, are principal buyers of zero-day vulnerabilities according a report published by Reuters. Zero-days exploits are considered a primary ingredient for success of a cyber attack, the knowledge of zero-day flaw gives to the attacker guarantee of success, state-sponsored hackers and cyber criminals consider zero-day exploits a precious resources around […]
“Securing Cyberspace in a borderless world: Vision 2015 and Beyond” is the title of a High Level Dialogue that was held during The World Summit on the Information Society Forum (WSIS) 2013. The World Summit on the Information Society Forum (WSIS) represents the world’s largest annual gathering of the ICT for development community, the event is organized […]
Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines mainly targeting Australian banks. Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines, specialists dubbed it «Kangoo» due the presence of a kangaroo logo on the WEB-interface of the C&C administrative panel. The botnet mainly […]
The monitoring of the criminal underground is essential to understand the dynamics of cybercrime and related offer on the black market. At fixed intervals I decided to take a look at what is happening in the underground black market analyzing how evolves its offer and the related sales models. In the last months it has been […]
The biggest Bank robbery realized by a gang of hackers, a global network of cyber criminals operating in 26 countries stole $45 million hacking into a database of prepaid debit cards. The news on the biggest bank robbery with a cyber attack against ATMs in the history is conquering the Network, US law enforcement has […]
A new version of DIY Google Dorks based hacking tool has been released, it is an extremely useful tool for reconnaissance of targets. A Webroot blog post announced that a new version of DIY Google Dorks based hacking tool has been released in the wild and it could be used for mass website analysis, the […]
APWG published the interesting study APWG Mobile Financial Fraud report on the underground marketplace that revealed the explosion of prolific mobile fraud malware market. The APWG Mobile Financial Fraud report resumed The Anti-Phishing Mobile Working Group investigating on the expansion of the black market for mobile malicious code, the study is crucial to understand the evolution of criminal activities […]
When the DDoS topic is introduced it’s immediate to link it with the most popular tools usable for this type of attacks, but underground offers much more. When the DDoS topic is introduced it’s immediate to link it with the most popular tools usable for this type of attacks such as the popular LOIC, we must consider that underground offer […]
ESET security firm found a mysterious instance of Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication Early this year ESET security firm detected the Avatar rootkit (Win32/Rootkit.Avatar), a mysterious malware advertised as rootkit by Russian cybercrime on specific forums. “We present you here previously announced product. In connection with work on other projects, […]
APWG issued the new edition of its APWG Global Phishing Survey report that identifies trends and their significance by quantifying the scope of the global phishing problem. The APWG Global Phishing Survey report analyzes phishing attacks detected in the second H2 2012, the overall data for the study was collected by the Anti-Phishing Working Group, and supplemented with […]