watering hole

Pierluigi Paganini March 10, 2014
The marketing approach of cybercrime to phishing emails

Mark Sparshott, director at Proofpoint, explained that cybercrime manages phishing emails using techniques similar to those used by the marketing industry. Phishing is still considerable on of principal cyber threats for Internet users, it is even more used to spread malware and link to compromised websites, for this reason cybercriminals are adopting new and innovative […]

Pierluigi Paganini March 04, 2014
Soghoian on government surveillance through service update process

Chris Soghoian, principal technologist with the American Civil Liberties Union, explained that government surveillance could exploit service update process. Chris Soghoian, principal technologist with the American Civil Liberties Union, during the recent TrustyCon conference highlighted the possibility that the government will exploit automated update services to serve malware and spy on users. Is this the next […]

Pierluigi Paganini December 20, 2013
New cyber attack against The Washington Post

Security experts at Mandiant have discovered that hackers break into Washington Post servers stealing employee users credentials hashes. Security experts at Mandiant intelligence firm have discovered a new intrusion into the network of The Washington Post, it is the third time in the last three years. In time I’m writing it is still not clear […]

Pierluigi Paganini November 26, 2013
Why do we need for Incident Response plan?

Due to the constant growth in the number of cyber attacks it is necessary to properly define the actions composing an incident response plan. FireEye firm published an interesting post on the need of incident response (IR) capabilities to reply numerous cyber  attacks that daily hit almost any web service. Starting from the data proposed […]

Pierluigi Paganini November 19, 2013
Energy industry warned over threat of cyberattacks, alarm raised by UAE

The energy industry continues to be a privileged target for cyber attacks of hacktivists, state-sponsored hackers and cybercriminals. The alarm from UAE Oil and gas companies are considerable privileged targets of cyber attacks, cybercriminals, state-sponsored hackers and hacktivists daily menace security of infrastructure in the energy industry. The number of attacks worldwide against Oil and […]

Pierluigi Paganini November 16, 2013
Discovered Open URL Redirection flaw in Facebook

Researcher Dan Melamed recently discovered an open url redirection flaw in Facebook that allowed to have a facebook.com link redirect to any website. A Facebook Open URL Redirection vulnerability is the last discovery of security expert Dan Melamed that reported it in a recent post. Dan is an old acquaintance of Security Affairs, he revealed […]

Pierluigi Paganini November 13, 2013
TrendLabs Q3 Security Roundup on illegal activities

TrendLabs has just published the third quarterly report, titled The Invisible Web Unmasked, on the evolution of cybercrime observed in recent months. TrendLabs have published an interesting report titled titled “The Invisible Web Unmasked” to provide a picture of cybercrime evolution observed in recent months. The takedown of the virtual currency Liberty Reserve, the seizure […]

Pierluigi Paganini November 11, 2013
FireEye has identified a new IE zero-day exploit

FireEye Labs has identified a new IE zero-day exploit used for a watering hole attack in the US. As usual it is crucial to track and mitigate so dangerous threats in time to avoid serious problems. FireEye Labs has detected a new series of attacks based on the exploit of a new IE zero-day vulnerability […]

Pierluigi Paganini November 06, 2013
A Zero-Day Vulnerability in Microsoft Graphics Component – CVE-2013-3906

Microsoft Zero-day CVE-2013-3906 – Microsoft informed to be aware of a vulnerability in a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. A new zero-day vulnerability has been found a Microsoft product that could allow attackers to install a malware via infected Word documents. The Microsoft […]

Pierluigi Paganini November 05, 2013
LinkedIn – How to exploit social media for targeted attacks

  The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]