watering hole

Pierluigi Paganini April 15, 2015
Dell report revealed attacks on SCADA system are doubled

A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems. The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year. Unfortunately, the majority of incidents occurred in SCADA systems is […]

Pierluigi Paganini March 16, 2015
ICS-CERT MONITOR report states most critical infrastructure attacks involve APTs

DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report According to the report, the Industrial Control Systems […]

Pierluigi Paganini February 12, 2015
Chinese hackers hit Forbes visitors with zero-day exploits

Security experts at Invincea and iSIGHT Partners uncovered a hacking campaign that used two distinct zero-day flaws to compromise Forbes.com website. Security experts at Invincea and iSIGHT Partners in a joint investigation tried to profile a Chinese APT group that used two distinct zero-day flaws to compromise Forbes.com website. The intent of the group was to […]

Pierluigi Paganini December 26, 2014
Afghanistan CDN network compromised by Chinese hackers

Chinese hackers brought down all major Afghanistan Government websites by hacking an official CDN network used in the country. The experts of the ThreatConnect Intelligence Research Team (TCIRT) recently reported the operation, dubbed Operation Helmand, run by a group of Chinese hackers that attacked the entire Afghan government web network. The hackers allegedly used a targeted cross-site scripting […]

Pierluigi Paganini October 23, 2014
Operation Pawn Storm is targeting military, government and media agencies

Trend Micro discovered a cyber-espionage operation dubbed  Operation Pawn Storm, which is targeting military, government and media entities worldwide. A new cyber espionage operation targeting military, government and media agencies on a global scale has been discovered by security experts at Trend Micro. Also in this case it seems that the threat actors behind the operation, dubbed […]

Pierluigi Paganini September 29, 2014
iFrame-based redirection attacks used to monitor Chinese organizations

Security Experts at FireEye discovered a new malicious campaign which is targeting Chinese organizations with iFrame traffic redirection to serve RAT. Security experts at FireEye observed a new malicious campaign that is targeting non-profit organizations and non-governmental organizations by compromising legitimate website. The threat actors use to compromise legitimate websites to host iframes used to hijack visitors […]

Pierluigi Paganini September 04, 2014
AlienVault discovered Watering Hole attacks using Scanbox for reconnaissance

Security experts at AlienVault discovered a series of watering hole attacks using the Scanbox reconnaissance Framework that is targeting several industries. Security experts at AlienVault Labs have uncovered a watering hole attack with a singular characteristic, the attackers are using a framework developed for reconnaissance as the primary infection vector. The attackers deployed a malicious JavaScript on the targeted […]

Pierluigi Paganini June 25, 2014
Cyber espionage campaign based on Havex RAT hit ICS/SCADA systems

Security Experts at F-Secure discovered a cyber espionage campaign based in the Havex malware targeting ICS/SCADA systems and vendors. Security Experts at F-Secure have conducted an investigation on the Havex Malware family in the past months, let’s remember that the malicious agent has been used in several targeted attacks against different industry sectors, and according […]

Pierluigi Paganini April 28, 2014
FakeInst – Kaspersky discovered the first active Android SMS trojan

Kaspersky Lab has recently detected FakeInst, the first active SMS trojan for Android which targeted users in 66 countries, including the US. Security experts at Kaspersky Lab have recently detected the first active SMS trojan for Android, which send short messages to premium-rate numbers in 14 countries around the world. The malware, dubbed ‘Trojan-SMS.AndroidOS.FakeInst.ef‘ (aka FakeInst) mainly infected mobile […]

Pierluigi Paganini March 15, 2014
A sophisticated phishing scheme is targeting Google Docs Users

Security Researchers at Symantec detected a new Sophisticated Phishing Scam that is targeting the Google Docs Users with complex social engineering tricks. Phishing is still considerable as one of the major cyber threats, its impact on the IT industry is devastating considering that attackers are adopting new techniques even more sophisticated.  Principal security firms and CERTs […]