spear phishing

Pierluigi Paganini December 04, 2015
Beware fake LinkedIn profiles, threat actors are using them to hack you

According to the Symantec firm, a growing number of threat actors in the wild are targeting professionals on LinkedIn with fake LinkedIn profiles. LinkedIn is a privileged platform for intelligence gathering, a growing number of hackers are targeting professionals to collect information about their activities and networks. I daily refuse dozens connection from fake LinkedIn […]

Pierluigi Paganini November 25, 2015
GlassRAT, the threat that remained stealth for years

A new RAT dubbed GlassRAT was discovered by RSA, it targets mainly Chinese citizens working in multinational companies in and outside China. According to the experts at RSA a remote access Trojan (RAT) dubbed GlassRAT managed to avoid detection by most antivirus software for several years. The researchers explained that GlassRAT was used by threat actors in highly targeted attacks, the threat […]

Pierluigi Paganini November 20, 2015
Hackers behind Dark Seoul are back

The hacking group that behind the Dark Seoul Operation that hit entities in South Korea in 2013 may be back with new targets. According to the experts at Palo Alto Networks, the hacking group behind the attacks that targeted banks, financial institutions, government websites and news agencies in South Korea is still active. The attacks […]

Pierluigi Paganini October 27, 2015
Duuzer, a data stealer Trojan targets South Korean organizations

Researchers at Symantec uncovered bad actors that have been using a backdoor Trojan dubbed Duuzer to target organizations in South Korea and elsewhere. According to Symantec, threat actors have been using a data stealer Trojan dubbed Duuzer to target organizations mainly located in South Korea. The bad actors conducted targeted attacks against organizations in the manufacturing […]

Pierluigi Paganini October 23, 2015
Pawn Storm APT targets MH17 crash investigation

The Pawn Storm APT group set up rogue VPN and SFTP servers to target Dutch Safety Board employees involved in the MH17 crash investigation. July 17, 2014, Flight MH17, traveling from Amsterdam to Kuala Lumpur, was shot down by a missile in mysterious circumstances. Flight MH17 was flying over a conflict zone in eastern Ukraine […]

Pierluigi Paganini October 16, 2015
Critical Adobe Flash Zero-Day Vulnerability Actively Being Exploited In-the-Wild

Despite both Microsoft and Adobe releasing patches on Tuesday (10/13/2015), a critical Flash zero-day flaw remains unpatched in Adobe’s latest update. Despite both Microsoft and Adobe releasing critical patches on Tuesday (10/13/2015), a critical zero-day vulnerability remains unpatched in Adobe’s latest update. As per Adobe APSA15-05, this vulnerability (CVE-2015-7645) remains unpatched is actively being exploited in-the-wild. Adobe plans […]

Pierluigi Paganini October 15, 2015
Pawn Storm used a new Flash Zero-Day in attacks on the NATO & the While House

Researchers at Trend Micro discovered a new Adobe Flash Zero-Day used in Pawn Storm Campaign Targeting Foreign Affairs Ministries across the world. Once again Flash in the headlines, beware next emergency Flash Player update is critical for everybody as explained by the experts at Trend Micro. The researchers at the security firm explained that the update […]

Pierluigi Paganini September 02, 2015
Rocket kitten and Cyber Espionage – Targeting individuals for geopolitical purposes

ClearSky detected new activity from the Rocket kitten APT group against 550 targets, most of which are located in the Middle East. Cyber espionage nowadays plays an important role in politics, it helps governments to decide their “friends” as well their “enemies”, and the more dependent we are of technology the more Cyber espionage will […]

Pierluigi Paganini August 30, 2015
Alleged Russian hackers behind the EFF Spear phishing Scam

The experts at EFF organization speculate that Russian State-sponsored hackers belonging the APT 28 group have managed the last EFF Spear phishing Scam. Attackers, alleged to belong to a Russian state-sponsored APT registered a bogus Electronic Frontier Foundation domain earlier this month. The hackers used the name brand of popular privacy watchdog in an attempt to trick […]

Pierluigi Paganini July 24, 2015
LinkedIn and the story how crooks can use it for spear phishing

Kaspersky’s researchers warned LinkedIn about a security flaw that could put at risk their 360 million users and exposing them to spear phishing attacks. In November 2014, Kaspersky’s researchers warned LinkedIn about a security flaw that could put at risk their 360 million users. This was a big concern at the time because LinkedIn has […]