Cyber Crime

Pierluigi Paganini October 11, 2017
Microsoft addresses CVE-2017-11826 Office Zero-Day used to deliver malware

Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we discussed Microsoft’s October Patch Tuesday addressed three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Going deep in the analysis of the Patch Tuesday updates for October 2017 we can see that Microsoft addressed […]

Pierluigi Paganini October 10, 2017
FormBook malware used in high-volume distribution campaigns targeting organizations in the US and South Korea

Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting aim at Aerospace, Defense Contractor, and Manufacturing industries. The phishing emails that targeted US entities contain PDF, DOC or […]

Pierluigi Paganini October 09, 2017
KovCoreG group spreading Kovter Malware via fake browser and Flash updates

Security experts from Proofpoint have uncovered a malvertising actor named KovCoreG group that is spreading the Kovter malware via fake browser and Flash updates. Security researchers from Proofpoint have uncovered a malvertising group dubbed KovCoreG that is spreading the Kovter malware via fake browser and Flash updates. The Kovter malware is used in Ad fraud campaigns, victims were infected by simply clicking […]

Pierluigi Paganini October 09, 2017
Sri Lanka police arrest two men over cyber theft at the Taiwan Bank

The Sri Lanka authorities have arrested two men allegedly involved in cyber heist at an unnamed Taiwan bank that occurred last week. The Sri Lanka police have arrested two men allegedly involved in the Taiwan cyberheist, the suspects are accused to have hacked into computers at a Taiwan bank and stole millions of dollars last week. According to an official, the […]

Pierluigi Paganini October 08, 2017
Forrester, one of the most influential research and advisory firms was hacked

Forrester Research announced today that Forrester.com experienced a security breach this week, attackers were ultimately detected and shut out of the system Forrester, one of the most influential research and advisory firms in the world, revealed on Friday to have suffered a security breach the past week. The attackers broke into the infrastructure hosting the Forrester.com […]

Pierluigi Paganini October 07, 2017
Experts spotted KnockKnock attacks, a new ingenious attack technique on Office 365 System Accounts

Security experts from Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 accounts. The cloud access security broker Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 (O365) accounts. The massive campaign leverages a low-key attack, started in May and is […]

Pierluigi Paganini October 07, 2017
British teenager admits trying to hack CIA Chief and other top US officials

A British teenager admitted in a British court to have attempted to hack into the computers of top US officials, including former CIA chief John Brennan. On Friday, the British teenager Kane Gamble (18) from Coalville, Leicester, admitted in a British court to have attempted to hack into the computers of top US officials, including former CIA chief John Brennan. Kane […]

Pierluigi Paganini October 05, 2017
Experts discovered a SYSCON Backdoor using FTP Server as C&C

Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon for […]

Pierluigi Paganini October 04, 2017
Yahoo hack – All 3 Billion Yahoo accounts were hacked in 2013 attack

The Yahoo hack occurred in 2013 is bigger than originally stated, Verizon confirmed that all 3 Billion Yahoo accounts were hacked in the attack. The Yahoo hack occurred in 2013, the biggest known data breach suffered by a tech company, is bigger than originally stated. Verizon Communications, which acquired Yahoo for $4.48 billion in June, […]

Pierluigi Paganini October 04, 2017
A new Ethereum ICO was hacked, the victim is Etherparty

The Etherparty website is the last victim in order of time of a cyber attack involving an Ethereum ICO (Initial Coin Offering). Another hack involving an Ethereum ICO (Initial Coin Offering) made the headlines, the victim is the Etherparty website that sells tokens for a blockchain-based smart contract tool. The attackers replaced the legitimate address for sending funds to […]