Pierluigi Paganini March 08, 2019
Research confirms rampant sale of SSL/TLS certificates on darkweb

A study conducted by academics discovered that SSL and TLS certificates and associated services can be easily acquired from dark web marketplaces. A study sponsored by Venafi and conducted by researchers from Georgia State University in the U.S. and the University of Surrey in the U.K. discovered that SSL and TLS certificates and associated services […]

Pierluigi Paganini February 05, 2018
Leaked memo suggest NSA and US Army compromised Tor, I2P, VPNs and want to unmask Monero users

The image of a memo leaked online suggests US Army and NSA are able to unmask Tor, I2P, VPNs users and they are working to track Monero, US Army and NSA are able to unmask Tor, I2P, VPNs users and they are working to track Monero, this is the truth revealed by a photo alleged leaked […]

Pierluigi Paganini March 10, 2015
Crooks use seemingly harmless help files to serve CryptoWall ransomware

Experts at Bitdefender revealed that crooks used seemingly harmless help files to distribute a variant of the popular ransomware CryptoWall. The cybercrime never ceases to surprise, every time we discuss a new and effective technique to deceive victims and evade detection mechanisms. Security experts at Bitdefender have discovered a new spam campaign that targeted a few […]

Pierluigi Paganini February 08, 2015
New DYRE banking malware in the wild

The experts at TrendMicro detected a new variant of the DYRE /Dyreza banking malware with new propagation and evasion techniques. Researchers at Trend Micro have identified a new strain of the Dyre (Dyreza) financial malware  (Dyreza), which is targeting a larger number of banks. The new variant of Dyre implements some sophisticated propagation and evasion techniques. According to Trend Micro this […]

Pierluigi Paganini January 15, 2015
CryptoWall 3.0 hides C&C Communications with I2P Anonymity Network

Security Experts at Microsoft discovered a new variant of CryptoWall 3.0 ransomware that adopts I2P Anonymity Network for C&C Communications. A new version of CryptoWall ransomware has been detected in the wild by experts at Microsoft, just a week after I reported that Cisco’s Talos Security Intelligence and Research Group detected a new strain of the same […]

Pierluigi Paganini July 24, 2014
Tails live OS affected by critical zero-day vulnerabilities … Exodux disclosed the details

A researchers at the Exodus Intelligence firm has discovered a series of zero day vulnerabilities in the popular Tails Linux-based distribution. A researcher at Exodus Intelligence has discovered critical zero-day vulnerabilities in the popular Tails live operating system. Tails is considered by security experts an indispensable tool to preserve the privacy and security of users that intend to […]

Pierluigi Paganini March 12, 2014
162,000 WordPress instances abused for DDoS attack

Sucuri firm detected a large DDOS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. The security community is threatened by a new botnet composed at least 162,000 WordPress-powered websites abused to run DDoS attacks. The technique of attack allows to flood a target with requests sent by WordPress servers that received a […]

Pierluigi Paganini March 09, 2014
DNS amplification botnet available in the underground

Security expert Dancho Danchev profiled a recently released DNS amplification DDoS service available for sale in the underground. Recently the cyber security expert Dancho Danchev profiled new DNS amplification DDoS bot available in the underground, a privileged attack tool for the criminal ecosystem. DDoS attacks observed last year were characterized by an increased magnitude because attackers adopted new techniques […]

Pierluigi Paganini December 19, 2013
OPSEC novice … here the manual for perfect cyber criminals

Cyber security expert Dancho Danchev profiled a new OPSEC training services in the underground, a new trend that is converging to standardization of knowledge sharing in the cybercrime ecosystem. Speaking of cybercrime, with the term OPSEC are usually referred the basic operational security activities conducted by cyber criminals to avoid being tracked and monetize their […]

Pierluigi Paganini December 16, 2013
Cyber security, Questions and Answers with the expert

Interview with the security experts Andrey Komarov and Dan Clements of IntelCrawler to analyze significant evolutions in the cyber-threat landscape. Today I desire to propose an interview with Andrey Komarov, CEO of IntelCrawler and Dan Clements, President of IntelCrawler. IntelCrawler is a multi-tier intelligence aggregator, which gathers information and cyber prints from a starting big […]