Pierluigi Paganini March 15, 2013
Android Malware Seeds for Sale

One of the leading computer security companies of Russia, Group-IB and its CERT (CERT-GIB), found that Android malware is available for sale by cybercriminals. With explosion of mobile market and increase of Android users, more devices can be infected by malware downloaded through Android Market or Google Play or from 3d party WEB-sites. “Nowadays it is […]

Pierluigi Paganini March 09, 2013
The offer of Russian underground for phishing campaigns

Russian underground is considered one of the most prolific black market, it provides various services that allow cybercriminals to arrange sophisticated scams and provide all necessary tools to arrange a cyber attack. To get an idea of the main dynamics of a market so organized I suggest you follow the investigations of principal security firms […]

Pierluigi Paganini March 06, 2013
My read of WebSense 2013 Threat Report

WebSense has just released 2013 Threat Report, an interesting analysis of cyber threats based on data collected by the Websense ThreatSeeker Network. The study confirmed the growth of cyber threats able to elude traditional defense mechanisms and that mainly targeted mobile platforms and social media. Internet is confirmed as primary vector for cyber menaces, web threats […]

Pierluigi Paganini March 01, 2013
Is phishing really going down? No, it is only migrated to mobile

Recent studies of principal security firms revealed that phishing activities in the last years have increased exponentially, cybercrime is targeting every sector from industry to government institutions and of course private citizens. RSA’s October Online Fraud Report 2012 confirmed a large increase in phishing attacks, up 19% over the second half of 2011. The total loss […]

Pierluigi Paganini February 17, 2013
Zeus hit five major banks in Japan

Zeus malware is considered the most popular and prolific malicious code for banking, it is one of the privilege agent by cybercrime the use to sell various customized version in the underground to conduct sophisticated frauds. Security community has found it in different occasion and anyway it was a surprice, the malware has evolved in […]

Pierluigi Paganini February 04, 2013
PiceBOT crimeware hit Latin American banking

In the last weeks we discussed on the efficiency of exploit kits, malicious tool kits  that allow to the attackers to exploit a huge quantity of vulnerabilities in victims systems. These products are largely diffused in the underground where is possible to find different tools usable for various purpose, most precious are those kit that […]

Pierluigi Paganini January 19, 2013
Bouncer, new phishing variant from RSA

Despite simplicity of the schema phishing attacks have increased exponentially in the last years targeting every sector,both public and private. RSA’s October Online Fraud Report 2012 revealed a worrying scenario, phishing attacks increased up 19% over the second half of 2011, the total loss for various organizations has been estimated to $2.1 billion over the last […]

Pierluigi Paganini January 17, 2013
Red October, RBN and too many questions still unresolved

The recently discovered cyber espionage campaign “Red October” has shocked world wide security community, the principal questions raised are: Who is behind the attacks? How is possible that for so long time the campaign went undetected? Which is the role of AV company in these operations? To try to understand who is behind the attacks […]

Pierluigi Paganini January 09, 2013
My reading of the “ENISA Threat Landscape” report

The European Network and Information Security Agency (ENISA) is the EU’s agency responsible for cyber security issues of the European Union, its last report “ENISA Threat Landscape – Responding to the Evolving Threat Environment”, summarizing the principal threats and providing also useful indication on the emerging trends. The report proposes the list of top threats […]

Pierluigi Paganini December 14, 2012
The Facebook engagement in the fight against botnets with FBI

Social networks are platforms that have monopolized majority of user’s internet experience, the imperative is to “social”, and everybody share an incredible amount of personal information exposing its digital identity to serious risks. An element of attraction for cyber criminals is the huge number of services, from gaming to payments, that are developing on these […]