iFrame

Pierluigi Paganini September 29, 2014
iFrame-based redirection attacks used to monitor Chinese organizations

Security Experts at FireEye discovered a new malicious campaign which is targeting Chinese organizations with iFrame traffic redirection to serve RAT. Security experts at FireEye observed a new malicious campaign that is targeting non-profit organizations and non-governmental organizations by compromising legitimate website. The threat actors use to compromise legitimate websites to host iframes used to hijack visitors […]

Pierluigi Paganini March 06, 2014
FireEye 2013 Advanced Threat Report on APTs campaigns

FireEye issued the 2013 Advanced Threat Report, the study provides a high-level overview of the computer network attacks by APTs discovered by the company.   Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered […]

Pierluigi Paganini February 15, 2014
FireEye discovered a new watering hole attack based on 0-day exploit

Security researchers from FireEye have recently  discovered a new IE 10 Zero-Day exploit being used in a watering hole attack. Security experts at FireEye discovered a new IE 10 Zero-Day exploit (CVE-2014-0322) being used in a watering hole attack on the US Veterans of Foreign Wars (VFW) website. The zero-day allows the attacker to modify one byte […]

Pierluigi Paganini October 08, 2013
How to exploit iFramed based traffic E-shop for illegal activities

What is an E-shop for iFramed traffic and how does cybercrime exploit it? In this post thanks to the investigation of the incredible Dancho Danchev I’ll try to answer to these questions. On numerous occasion I remarked the need to carefully observe the evolution of the underground market to identify dangerous trends that can leave portend a new wave of […]