Yearly Archives: 2014
Russian Government issued a Tender to crack Tor
The Russian government has launched a public competition, reserved to Russian entities, offering $111,000 to break Tor encryption. As anticipated in my previous post, law enforcement agencies and intelligence all over the […]
European Central Bank victim of an attempt of cyber extortion
Hackers steal user contact information and other data from a database of the European Central Bank website in an attempt of extortion. Financial institutions are under attack, the number of […]
Nigeria 419 scam targeting business world with RATs
Experts at Palo Alto Networks uncovered a new Nigeria 419 scam scheme which is targeting businesses in a malicous campaign dubbed Silver Spaniel. The Nigeria 419 schema adopted by criminal gangs world wide has […]
Gyges, the mixing of commercial malware with cyber weapon code
Sentinel Labs firm discovered a sophisticated malware dubbed Gyges that is the mixing of commercial malicious code with code of alleged cyber weapon. Experts at Sentinel Labs security firm have discovered Gyges malware in the […]
Siemens industrial products affected by OpenSSL vulnerabilities
The ICS-CERT has issued a security advisory related to the existence of OpenSSL vulnerabilities affecting different Siemens industrial products. Several Siemens industrial products are affected by four vulnerabilities in their OpenSSL implementation which […]
Cybercrime exploits the crash of Malaysia Airlines Flight MH17
Security experts at TrendMicro have detected a spam campaign via Twitter which exploits the incident occurred to Malaysia Airlines Flight MH17. Unfortunately tragedies like the one occurred to the Malaysia Airlines Flight […]
WhatsApp profile picture: a risky feature? In the mind of a hacker
In this post I’ll show you how an apparently insignificant information on Whatsapp could be used by hackers in a more dangerous targeted attack. When you add a random phone […]
Cisco Wireless Residential Gateway Remote Code Execution flaw
Multiple Cisco Wireless Residential Gateway products are affected by a critical flaw that could allow a remote attacker to hijack the devices. A security vulnerability affects multiple Cisco wireless residential […]
Feds issue advisory on keylogger in hotel business centers
US Secret Service and the NCCIC have alerted hoteliers about a potential presence of keyloggers in the machines provided to guests in hotel business centers. US Secret Service and the Department of Homeland Security’s National Cybersecurity […]
Chinese Executive charged of hacking on Boeing and other defense contractors
Chinese Executive charged of Hacking on Boeing and other defense contractors to steal military data and advanced technologic projects. According to a US criminal complaint, computers of Boeing and other military contractors have […]
NightHunter extensive data theft campaign has been active since 2009
Experts from Cyphort Labs have discovered an extensive data theft campaign named Nighthunter that has been active since 2009 stealing victim’s credentials. Security experts at Cyphort firm have recently uncovered […]
Deep Panda hacking team targeting US experts on Iraq
Researchers at CrowdStrike reveal that hacking team dubbed Deep Panda is targeting US think thank firms with a significant knowledge on the Iraqi situation. CrowdStrike security firm revealed that a group of hackers, suspected to […]
Cisco warns on combined spear phishing and exploit attacks
Cisco’s Threat Research Analysis and Communications (TRAC) uncovered an extremely targeted spear phish attack on high-profit companies in Europe. A new APT has been discovered by CISCO targeting high-profit companies […]
North Korea doubles units of its cyber army
North Korea has doubled the number of its elite cyber warriors over the past two years and established overseas bases to run hacking attacks. The majority of people ignores that […]
APWG report shows the increase of phishing activities in Q1 2014
The APWG Report on Phishing Activity Trends analyzes phishing attacks observed by its member companies and reported to the APWG group. According to the APWG Phishing Activity Trends Report for the first quarter […]
NSA XKeyscore targeted Tor Directory Authority servers
The German broadcaster ARD published a report that reveals that NSA XKeyscore has targeted two Germany-based Tor Directory Authority servers. The NSA surveillance program XKeyscore, according to a report published by German public broadcaster ARD, two Germany-based Tor Directory Authority servers have been targeted […]
Kaspersky Lab reveals an increase in RDP bruteforce attacks
Security experts at Kaspersky Lab have issued data related to the number of RDP brute force attacks on its clients which show a worrying trend. In the June Kaspersky Lab has included […]
Microsoft Seized No-IP Domains, Millions dynamic DNS users affected
Executing an order of a Nevada Court, Microsoft has seized domains belonging to the No-IP.com Dynamic DNS Service affecting the traffic of million users. Microsoft has executed a large-scale operation against a […]
Selfmite, the rare Android worm which spreads itself by sending SMS
Experts at AdaptiveMobile discovered a rare Android SMS worm dubbed Selfmite which spreads itself by sending SMS including a malicious link to the contact list. Security researchers at AdaptiveMobile have discovered a rare Android malware dubbed Selfmite that […]
EMOTET the banking malware which uses network sniffing
Security Experts at Trend Micro have detected a new banking malware, dubbed EMOTET, which uses also network sniffing capabilities to target bank customers. The number of malware families designed to […]
Critical flaw in TimThumb plugin menaces the WordPress world
A critical vulnerability in the WebShot feature implemented by TimThumb plugin expose WordPress instance to Remote Code Execution attacks. The popular image resizing library TimThumb used in many WordPress themes, 3rd party components and plugins is affected by a critical vulnerability […]
HackingTeam, new revelations on the surveillance network
Kaspersky Lab and Citizen Lab have released the results of their analysis on the global E2 infrastructure used by the Italian firm HackingTeam. Security experts from Kaspersky Lab and Citizen Lab at the […]
Largest DDoS attack hit PopVote, Hong Kong Democracy voting site
Largest DDoS attack hit PopVote, Hong Kong Democracy voting website. Experts at CloudFlare observed a three hundred gigabits per second DDoS attack. The largest ever and most severe Distributed Denial of Service (DDoS) attack in […]
AT&T suffered a data breach, users urge to change passcode
The American multinational giant AT&T confirmed to have suffered a data breach last April, personal data of an unknown number of users was exposed. The American multinational telecommunications corporation AT&T confirmed to have suffered […]
Impact of Windows XP End of life on Critical Infrastructure
Which is the impact of the Windows XP End of Life on the critical infrastructure? Which are the risks and the mitigation strategies that could be adopted? This week I […]
Once again Android Smartphone from China with pre-installed malware
Security Experts at German G Data discovered that a popular Chinese Android Smartphone, Star N9500, comes with a pre-installed spyware. It’s not a mystery that many Android Smartphone comes with pre-installed applications, unfortunately […]
AT&T suffered a data breach, users urge to change passcode
The American multinational giant AT&T confirmed to have suffered a data breach last April, personal data of an unknown number of users was exposed. The American multinational telecommunications corporation AT&T confirmed to have suffered […]
Fake Versions of World Cup 2014 Apps targeting Android users
Security Experts at Trend Micro have discovered different World Cup themed malicious application targeting Android mobile devices. The World Cup 2014 is an excellent occasion for cyber criminals to trick […]
Zeus malware is hard to eradicate, the criminal ecosystem continues to innovate it
Prolexic security and engineering response team has issued a study on the possible uses of Zeus malware, remarking that its success is the versatility. Zeus malware never dies, it seems the […]
Vodafone admits support to state surveillance
Vodafone has recently issued the Law Enforcement Disclosure Report to reveal the existence of secret wires that allow state surveillance. Vodafone, one of the largest mobile carrier of the world has issued a […]