Pierluigi Paganini
March 09, 2014
Security expert Dancho Danchev profiled a recently released DNS amplification DDoS service available for sale in the underground. Recently the cyber security expert Dancho Danchev profiled new DNS amplification DDoS bot available in the underground, a privileged attack tool for the criminal ecosystem. DDoS attacks observed last year were characterized by an increased magnitude because attackers adopted new techniques […]
Pierluigi Paganini
March 09, 2014
Security Experts at Bitdefender discovered a clickjacking Naked Video scam that already infected more that 2 millions Facebook users. Sex and social media is a dangerous mix abused by cyber criminals to hit a large number of users of most popular social networks. In the last couple of years the number of illicit activities on […]
Pierluigi Paganini
March 08, 2014
BAE Systems Applied Intelligence has disclosed a Russian cyber espionage campaign codenamed as SNAKE that targeted Governments and Military Networks. The British cyber specialist BAE Systems Applied Intelligence has disclosed a Russian cyber espionage campaign codenamed as SNAKE that remained undetected for a log time, at least for eight years. The malware can infiltrate Windows XP, Vista, 7 […]
Pierluigi Paganini
March 07, 2014
Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]
Pierluigi Paganini
March 07, 2014
A Team of US researchers at UC Berkeley conducted a study on the HTTPS traffic analysis of ten widely used HTTPS-secured Web sites with surprising results. User’s privacy is considered a top priority after Snowden‘ revelations on the US surveillance program, recently a couple of cases have shocked IT security community both related to the […]
Pierluigi Paganini
March 06, 2014
FireEye issued the 2013 Advanced Threat Report, the study provides a high-level overview of the computer network attacks by APTs discovered by the company. Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered […]
Pierluigi Paganini
March 06, 2014
This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]
Pierluigi Paganini
March 05, 2014
A serious flaw in the certificate verification process of GnuTLS exposes Linux distros, apps to attack. Another flaw exploitable for surveillance purposes. GnuTLS is an open source secure communications library implementing the SSL, TLS and DTLS protocols, it is used in hundreds of software packages including Red Hat desktop,  all Debian and Ubuntu Linux distributions and many […]
Pierluigi Paganini
March 05, 2014
Experts that are monitoring the escalation of tension in Crimea recognized a military strategy similar to the one adopted in Georgia (2008) The approval of Russian Parliament for military use in Crimea has triggered a series of events in the cyber space, groups of hacktivists, cyber criminals and of course state-sponsored hackers started their campaign against […]
Pierluigi Paganini
March 04, 2014
Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]
