duqu

Pierluigi Paganini June 10, 2015
Duqu 2.0 the most sophisticated threat ever seen targeted also Kaspersky

Threat actors used a Duqu 2.0 worm in a series of attacks worldwide that also breached the systems at Kaspersky Lab. It is most complex malware ever seen. A new powerful strain of Duqu malware, dubbed Duqu 2.0, appeared in the wild after going dark in 2012. Duqu 2.0 is a very sophisticated agent that exploited a number […]

Pierluigi Paganini February 23, 2015
CyberCriminals and their APT and AVT Techniques

The cyber security expert Ashiq JA analyzed the principal characteristics of APT (Advanced Persistent Threat) and AVT (Advanced Volatile Threat) . Cybercriminals and their techniques in the APT and AVT attacks “APT is an attack in the persistent memory that resides in the victims machine without getting noticed and the attacker exfiltrates sensitive information from […]

Pierluigi Paganini December 01, 2014
Is it possible to attribute the backdoor Regin to the cybercrime?

The popular cyber security expert Raoul Chiesa commented the hypothesis that backdoor Regin is a product of organized cybercrime. Excerpt from a detailed analysis published on the Infosec Institute In this phase it is quite impossible to attribute precisely the development of the Regin malware to a specific category of threat actors. Until now we […]

Pierluigi Paganini November 24, 2014
Regin – Highly advanced spying tool discovered by Symantec

Symantec has uncovered the backdoor Regin, a highly advanced spying tool used in cyber espionage campaigns against governments and infrastructure operators. Backdoor Regin, is the name assigned by the experts at Symantec to an advanced spying tool that has been used in cyber espionage campaigns against governments, infrastructure operators, private companies, researchers, and private individuals. Regin appears […]

Pierluigi Paganini August 04, 2014
Analysis of the Stuxnet Cyber Weapon Family and Dragonfly

Cyber weapons like Stuxnet will only grow in prevalence, use and sophistication and it is therefore in the interest of national security to develop advanced mitigation techniques and capabilities. The progenitor of Duqu, Flame and Gauss are reported as the authors of STUXNET. As illustrated, the trend of advancements between these four cyber weapons suggests […]

Pierluigi Paganini February 11, 2014
The Mask – the most sophisticated APT operation seen to date

Speaking at Kaspersky Lab’s Industry Analyst Summit,Costin Raiu revealed details on The Mask campaign, the most sophisticated operation they’ve seen to date. The Kaspersky team recently announced to have detected a new significant APT campaign dubbed The Mask or “Careto” (Spanish for “Ugly Face” or “Mask”), a group of high-level state-sponsored hackers have been targeting government agencies, […]

Pierluigi Paganini February 09, 2014
Cost of conducting APT campaigns is dramatically dropping

Speaking at Kaspersky Lab’s Industry Analyst Summit Costin Raiu, revealed that the cost for APT campaign is dramatically dropping. The cost of developing advanced malware has fallen dramatically malicious code like Stuxnet and Flame are today economically more affordable. It has been estimated that the expense for the development of a cyber weapon like Stuxnet,or for a […]

Pierluigi Paganini February 04, 2014
Fixed a serious flaw in Adobe Flash Player exploited in “the Mask APT”

Adobe has released security updates for Adobe Flash Player to fix a critical vulnerability exploited in a sophisticated cyber espionage campaign. Adobe has released today a new patch for the Flash Player product to fix a vulnerability which is currently being exploited. The vulnerability (CVE-2014-0497), allows an attacker to remotely take control of the targeted system […]

Pierluigi Paganini December 02, 2013
Israel and Saudi Arabia are plotting a cyber weapon worse than Stuxnet

Iranian report states that Israel and Saudi Arabia are plotting new computer cyber weapon to sabotage the Iranian nuclear program like happened with Stuxnet. Saudi spy agency, Mossad are collaborating in the design of malware worse than Stuxnet. The Fars agency reported that Israel and Saudi Arabia have started a joint collaboration for the development […]

Pierluigi Paganini October 03, 2013
FireEye World War C report – Nation-state driven cyber attacks

FireEye security firm released World War C report to explain nation-state motives behind advanced Nation-state driven cyber attacks. Nation-state driven cyber attacks are routinely conducted on a global scale to defend national sovereignty and project national power. We are living in the cyber era, human conflict is involving also the fifth domain of warfare, the cyberspace. As never […]