drive-by download

Pierluigi Paganini July 20, 2014
WhatsApp profile picture: a risky feature? In the mind of a hacker

In this post I’ll show you how an apparently insignificant information on Whatsapp could be used by hackers in a more dangerous targeted attack. When you add a random phone number to your contact list, WhatsApp will show you the profile picture of that user. Given the fact that you don’t know that person, there […]

Pierluigi Paganini February 26, 2014
YouTube ads network serving Caphaw Banking Trojan

YouTube users were targeted by a classic drive-by download attack by exploiting client Java software vulnerabilities and serving Caphaw Banking Trojan. What about using YouTube to spread malware? YouTube is a video-sharing website on which users can upload, view and share videos, it has great appeal to the users and represents one of the bastions of the Internet. The website was […]

Pierluigi Paganini May 06, 2013
IE8 zero-day exploit targets U.S. nuke researchers

Security experts have discovered a new IE8 zero-day vulnerability exploited to target U.S. Government experts working  on nuclear weapons research. Security experts have discovered a new IE8 zero-day vulnerability exploited to target U.S. Government experts working  on nuclear weapons research, the concerning discovery has been confirmed by principal security firms that revealed that the flaw […]