Pierluigi Paganini
November 13, 2013
TrendLabs has just published the third quarterly report, titled The Invisible Web Unmasked, on the evolution of cybercrime observed in recent months. TrendLabs have published an interesting report titled titled “The Invisible Web Unmasked” to provide a picture of cybercrime evolution observed in recent months. The takedown of the virtual currency Liberty Reserve, the seizure […]
Pierluigi Paganini
November 12, 2013
The GCHQ (British Government Communications Headquarters) used fake LinkedIn and Slashdot to hack Belgacom, OPEC & others GRX providers. According to the German weekly news magazine Der Spiegel the British signals intelligence spy agency has again adopted a “quantum insert” technique to target employees of two companies that are GRX (Global Roaming Exchange) providers. The […]
Pierluigi Paganini
November 11, 2013
The clients of the Brazilian financial institutions have been hit by a banking trojan embedded in RTF file and spread through a spam campaign. The banking is one of the most targeted sector by cybercrime that exploit always new vector to infect a customer’s machine of the clients of banks. I decided to write this […]
Pierluigi Paganini
November 11, 2013
FireEye Labs has identified a new IE zero-day exploit used for a watering hole attack in the US. As usual it is crucial to track and mitigate so dangerous threats in time to avoid serious problems. FireEye Labs has detected a new series of attacks based on the exploit of a new IE zero-day vulnerability […]
Pierluigi Paganini
November 08, 2013
A new version of the popular black market Silk Road has been launched, the greatest illegal marketplace on Tor network has risen again. The Silk Road is up again, the biggest black market of the Tor network came online on Wednesday. Silk Road was seized by the FBI last October, law enforcement has also identified […]
Pierluigi Paganini
November 07, 2013
Intelligence Ian Malloy has discovered an hidden variant of the popular Zeus banking trojan in the GreatestArcadeHits servers. GreatestArcadeHits.* serves up more than entertainment, in fact they don’t serve up entertainment at all. Hidden in the application is the infamous ZEUS/ZBOT, a banking trojan that has the capacity to spoof online banking sites to steal […]
Pierluigi Paganini
November 07, 2013
Security experts at Securi firm have recently detected a series of SQL Injection attacks conducted abusing of the Google Bot activity. The exploitation of search engines like Google and Bing to conduct an attack represents an optimal choice for hackers that intend to stay hidden during the offensive. No IT administrator would block traffic from […]
Pierluigi Paganini
November 06, 2013
The use of mobile devices in government environments concerns the secret service of any states, cyber espionage more often exploits the mobile platforms. Mobile devices are reason of great concern for governments, they have a great computational capability, huge memories to store our personal data, GPS to follow our movements and are equipped with a […]
Pierluigi Paganini
November 06, 2013
Microsoft Zero-day CVE-2013-3906 – Microsoft informed to be aware of a vulnerability in a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. A new zero-day vulnerability has been found a Microsoft product that could allow attackers to install a malware via infected Word documents. The Microsoft […]
Pierluigi Paganini
November 05, 2013
The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]
