Pierluigi Paganini
February 24, 2014
Apple released a security update to iOS that restores some certificate-validation checks that had apparently been missing for an unspecified amount of time. Last week Apple released a security update to iOS (iOS 7.06) to fix a flaw for certificate-validation checks that could be abused by attackers to conduct a man-in-the-middle attack within the victim’s network  to capture or modify […]
Pierluigi Paganini
February 24, 2014
iBanking is a new mobile banking Trojan available for sale in the underground for $5,000 according the RSA’s FraudAction Group. The source code for iBanking banking trojan has been leaked online through an underground forum, this kind of news reports a serious threat from the cybercrime ecosystem. Like happened for other trojan, including Zeus and Carberp, the […]
Pierluigi Paganini
February 23, 2014
Security researchers at InterCrawler discovered a Banking trojan which infected a large number of devices the Middle East belonging to Islamic Banks. IntelCrawler cyber intelligence firm discovered a large fraud campaign against major Islamic banking institutions. The attackers have used a sizable mobile botnet, more than 27 000 intercepted SMS-messages were detected between April 2013 and […]
Pierluigi Paganini
February 22, 2014
Mobile devices security – Lookout proposed an interesting analysis for the mobile threats observed during 2013, specifically for adware and chargeware. Mobile is probably one of most pervasive technology, during 2013 for the first time we saw the overcoming in the number of mobile devices over those desktops in some countries, the downside is that the […]
Pierluigi Paganini
February 21, 2014
Discovered a Zeus variant that implements a web-crawling feature to hit Software-as-a-service applications to obtain access to proprietary data or code This is the second news on Zeus malware in less than a week, previous one was related to a new variant using steganography to hide configuration file, this last discovery is related to a version even more […]
Pierluigi Paganini
February 20, 2014
Risk Based Security-the Open Security Foundation issued a report to provide a summary of the key findings from analysis of 2013 data breaches Risk Based Security and the Open Security Foundation have conducted a study on 2,164 data loss incidents reported in 2013 producing an interesting report that could help us to better understand the […]
Pierluigi Paganini
February 20, 2014
Rapid 7 has released the “exploit/android/browser/webview_addjavascriptinterface” module which allows attackers to remotely access on most Android devices. A bug in the Android WebView programming interface allows attackers to remotely access on most devices running the popular OS. But it does not end here, hackers could easily access handset camera and file system simply creating a specifically crafted web […]
Pierluigi Paganini
February 19, 2014
Asus routers are still vulnerable to remote hacking after months of the disclosure of the flaw that allows hackers to access to the device-connected drive. Ars security portal reported that hackers expose eight-month-old weakness in Asus routers by leaving a message on victims’ drives. An Ars reader claimed to have found a strange message browsing the content of his external […]
Pierluigi Paganini
February 19, 2014
After SANS researchers detected self replicating work The Moon is spreading among a number of different Linksys routers, its exploit appeared in the wild. Last week I reported the news related to a vulnerability in Linksys routers that’s being exploited by a new The Moon worm analyzed by the SANS Institute’s Internet Storm Center. The Moon […]
Pierluigi Paganini
February 18, 2014
Security experts at Malwarebytes detected a new of the popular Zeus banking trojan variant which makes use of steganography to hide the configuration file. The immortal Zeus malware strikes again, researchers at Malwarebytes have found a new variant of the banking trojan. The new variant of Zeus is using the steganography to disguise the configuration code […]
