Hacking

Pierluigi Paganini November 14, 2013
Happy Birthday Security Affairs

Happy Birthday Security Affairs Two years ago I started Security Affairs for joke motivated by my passion in the security, day after day it is growing thanks to your affection and your precious support. I wish you were all here to hug you and have a coffee together, the Italians love coffee 😉 … Maybe […]

Pierluigi Paganini November 14, 2013
A new modular malware platform sold on the underground

Security researcher Dancho Danchev profiled a new commercially modular malware platform recently released on the underground marketplace. A new commercially modular malware platform has been released on the underground marketplace, the news is posted by the security expert Dancho Danchev. Danchev recently observed a new modular malware platform specifically designed to provide a series of powerful features […]

Pierluigi Paganini November 13, 2013
MacRumors forum hacked more than one million of users at risks

MacRumors, the Mac news and information website and user forums, was hacked, more than 860,000 accounts were potentially compromised. MacRumors, the popular Mac news and information website and user forums have been hacked this week, according the first news circulating on the internet more than 860,000 accounts were potentially compromised on the total of 1.8 million registered […]

Pierluigi Paganini November 13, 2013
TrendLabs Q3 Security Roundup on illegal activities

TrendLabs has just published the third quarterly report, titled The Invisible Web Unmasked, on the evolution of cybercrime observed in recent months. TrendLabs have published an interesting report titled titled “The Invisible Web Unmasked” to provide a picture of cybercrime evolution observed in recent months. The takedown of the virtual currency Liberty Reserve, the seizure […]

Pierluigi Paganini November 12, 2013
GCHQ used fake LinkedIn and Slashdot to hack GRX providers and OPEC

The GCHQ (British Government Communications Headquarters) used fake LinkedIn and Slashdot to hack Belgacom, OPEC & others GRX providers. According to the German weekly news magazine Der Spiegel the British signals intelligence spy agency has again adopted a “quantum insert” technique to target employees of two companies that are GRX (Global Roaming Exchange) providers. The […]

Pierluigi Paganini November 11, 2013
Brazilian banking threatened by a malware embedded inside RTF file

The clients of the Brazilian financial institutions have been hit by a banking trojan embedded in RTF file and spread through a spam campaign. The banking is one of the most targeted sector by cybercrime that exploit always new vector to infect a customer’s machine of the clients of banks. I decided to write this […]

Pierluigi Paganini November 11, 2013
FireEye has identified a new IE zero-day exploit

FireEye Labs has identified a new IE zero-day exploit used for a watering hole attack in the US. As usual it is crucial to track and mitigate so dangerous threats in time to avoid serious problems. FireEye Labs has detected a new series of attacks based on the exploit of a new IE zero-day vulnerability […]

Pierluigi Paganini November 08, 2013
The Silk Road black market reloaded … 2.0 is out!

A new version of the popular black market Silk Road has been launched, the greatest illegal marketplace on Tor network has risen again. The Silk Road is up again, the biggest black market of the Tor network came online on Wednesday. Silk Road was seized by the FBI last October, law enforcement has also identified […]

Pierluigi Paganini November 07, 2013
GreatestArcadeHits serves ZEUS ZBOT banking trojan

Intelligence Ian Malloy has discovered an hidden variant of the popular Zeus banking trojan in the GreatestArcadeHits servers. GreatestArcadeHits.* serves up more than entertainment, in fact they don’t serve up entertainment at all.  Hidden in the application is the infamous ZEUS/ZBOT, a banking trojan that has the capacity to spoof online banking sites to steal […]

Pierluigi Paganini November 07, 2013
Google Bot activity abused doing SQL Injection Attacks

Security experts at Securi firm have recently detected a series of SQL Injection attacks conducted abusing of the Google Bot activity. The exploitation of search engines like Google and Bing to conduct an attack represents an optimal choice for hackers that intend to stay hidden during the offensive. No IT administrator would block traffic from […]