Pierluigi Paganini January 07, 2019
NSA will reveal its GHIDRA Reverse Engineering tool at RSA Conference

The National Security Agency (NSA) will release at the next RSA Conference a free reverse engineering framework called GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux). The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly […]

Pierluigi Paganini September 29, 2016
Generalized RSA (GRSA) Using 2k Prime Numbers with Secure Key Generation

In this blog, we introduce a generalized algorithm over RSA which is advanced, adaptable and scalable in using the number of primes. Cryptography is used for secure communication since ancient days for providing confidentiality, integrity, and availability of the information. Public key cryptography is a classification of cryptography having a pair of keys for encryption and decryption. […]

Pierluigi Paganini May 13, 2016
Talking with Azeem Aleem about the evolution of cyber threats

Azeem Aleem,  Director for the Advanced Cyber Defense Services Practice – EMEA at RSA, shares its vision on the evolution of threats in the next future. The last 14 months have highlighted that attacks domains are expanding. We have seen the trends with OPM data breach, to sensitive PII information leak at Anthem breach and […]

Pierluigi Paganini November 25, 2015
GlassRAT, the threat that remained stealth for years

A new RAT dubbed GlassRAT was discovered by RSA, it targets mainly Chinese citizens working in multinational companies in and outside China. According to the experts at RSA a remote access Trojan (RAT) dubbed GlassRAT managed to avoid detection by most antivirus software for several years. The researchers explained that GlassRAT was used by threat actors in highly targeted attacks, the threat […]

Pierluigi Paganini August 05, 2015
Terracotta VPN, the Chinese VPN Service as Hacking Platform

A Chinese-language Virtual Private Network service provider dubbed Terracotta VPN offers a network of compromised servers as a stealth hacking platform. According RSA Security, a China-based virtual private network (VPN) service provider offers hacking crews a network of compromised servers which can be used to carry out stealth cyber attacks. The attacks appear to be […]

Pierluigi Paganini February 12, 2015
Exploiting DNS Poisoning in Brazilian Boleto Fraud Scheme

In recent months Brazilian criminal crews have started using DNS poisoning technique to target Brazilian Boletos. Security experts at RSA reported that DNS poisoning attacks are being used by cybercriminals to target Brazilian Boletos. What is Boleto? People in Brazil use popular payment method known as “Boleto” to purchase services and products by using vouchers instead […]

Pierluigi Paganini July 05, 2014
Massive Boleto fraud in Brazil caused 3,75 USD billion losses

RSA Security has discovered a large-scale malware campaign, which hijacked Boleto payments causing an amount of financial losses for 3,75 USD billion losses. Security experts at RSA Security have recently discovered a large-scale malware campaign that’s been operating at least for two years, the malicious code implements the man-in-the-browser technique to exploit vulnerabilities in popular browsers, including Chrome, Firefox […]

Pierluigi Paganini June 22, 2014
RSA – Malware proposal on the open web increasingly fearless

The RSA Research Team has discovered the offer of a complete collection of malware through open channels like social media and emails. RSA Research has recently published an interesting update on the underground sale of malware tool, the experts have discovered a server who is offering a set of spyware tools for sale under the […]

Pierluigi Paganini April 24, 2014
NIST removes Dual_EC_DRBG algorithm from Draft Guidance suggesting to abandon it

The NIST announced it will request final public comments before Dual_EC_DRBG generator is officially removed from NIST Special Publication 800-90A, Rev.1 The National Institute of Standards has decided to abandon Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG ) in response to the controversy raised after the revelation made by Edward Snowden. In December the whistleblower leaked […]

Pierluigi Paganini April 17, 2014
New iBanking mobile Trojan exploits Facebook platform

Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection attacks on banking sites. iBanking deceives victims impersonating itself as a  ‘Security App‘ for Android, we have spoken about it  early 2014 […]