phishing

Pierluigi Paganini September 06, 2013
Hesperbot, the new powerful banking trojan found by ESET

Hesperbot is the name of a new banking trojan detected by ESET, it is a very potent malware which includes some very advanced tricks. Hesperbot is the name of the last banking trojan detected by security firm ESET, a malware that due its effectiveness could create serious problems to banks and financial institutions. Just yesterday I wrote about the evolution of cyber threats targeting online banking services, […]

Pierluigi Paganini September 05, 2013
Man In The Browser attacks scare banking world

The majority of financial service professionals considers Man In The Browser as the greatest threat to online banking, cybercrime increases its use. Man In The Browser attack, DDoS attacks, phishing are most insidious cyber threats against banking institutions. Last statistics proposed by principal security firms confirm that online banking is considered a lucrative business for […]

Pierluigi Paganini August 23, 2013
Kaspersky – Unvalidated redirection flaw exploitable to serve malware

The cyber Security Analyst Consultant at Q-CERT Ebrahim Hegazy has found an “Unvalidated Redirection Vulnerability” in the website of the giant security solutions vendor “Kaspersky”. Ebrahim Hegazy (@Zigoo0) has found an “Unvalidated Redirection Vulnerability” in the website of the giant security solutions vendor “Kaspersky”. Ebrahim Hegazy is the cyber Security Analyst Consultant at Q-CERT who found a SQL […]

Pierluigi Paganini August 18, 2013
USB Internet Modems vulnerability exposes Millions of PCs

The Indian security expert ‘Rahul Sasi’ found a USB Internet Modems vulnerability that could allow to gain Meterpreter shell or  full access to the victim just sending an SMS. The Indian Security expert ‘Rahul Sasi‘ announced to have found a USB Internet Modems vulnerability that could allow an attacker to execute malicious code remotely simply sending an SMS […]

Pierluigi Paganini August 01, 2013
Syrian Electronic Army hacked White House employees personal emails

At least three White House employees personal Gmail accounts hacked by the popular group of hackers knows as Syrian Electronic Army (SEA). White House employees personal email hacked, it is happened to three staffers that suffered data breaches on their personal Gmail accounts. The source of intelligence revealed a link between this attack and the […]

Pierluigi Paganini July 30, 2013
Credit Card Redirection, the evolution of phishing

Researchers at Securi discover Credit Card Redirection attack technique to hijack credit card data during transactions on e-commerce sites. With the term credit card redirection is indicated the illegal practice to steal credit and debit card information compromising legitimate web services. Security experts are observing an increase of credit card redirection cases, cyber criminals are varying their […]

Pierluigi Paganini June 16, 2013
RARSTONE, TrendMicro revealed Naikon cyberespionage campaign

RARSTONE is the name of the RAT (REMOTE ACCESS TOOL) used in a cyber espionage campaign dubbed “Naikon” uncovered by security experts at TrendMicro. Security experts at TrendMicro revealed to have detected the RARSTONE RAT studying targeted attacks across Asia (e.g. India, Malaysia, Singapore, and Vietnam) conducted against various companies belonging to different sectors such […]

Pierluigi Paganini June 15, 2013
Iranian Gmail accounts targeted by state-sponsored attack

Google revealed that tens of thousands of Gmail accounts belonging to Iranian users have been targeted by state-sponsored attacks. The Google company announced that tens of thousands of Gmail accounts of Iranian users have been targeted hacked. The attacks seem to be organized by a group of state sponsored hackers few days before presidential elections. The […]

Pierluigi Paganini June 14, 2013
US Cloud hosting providers targeted by cybercriminals

US Cloud hosting providers are chosen with increasing frequency as privileged targets of cybercrime, these platforms are ideal for the launch of cyber attacks financially motivated. Cloud hosting providers are becoming privileged targets of cybercrime, two malware researchers revealed in fact the number of cyber attacks financially motivated against those platforms is increasing. Mary Landesman, […]

Pierluigi Paganini June 13, 2013
The business behind a hacked email account

Which is the commercial value of a hacked email account in the underground? How cybercriminals use a compromised email account? Why do they have to hit me? Which is the commercial value of a hacked email account in the underground? Brian Krebs has recently published a valuable post on commercial value for a hacked email account, […]