Cyber Crime

Pierluigi Paganini February 12, 2015
Chinese hackers hit Forbes visitors with zero-day exploits

Security experts at Invincea and iSIGHT Partners uncovered a hacking campaign that used two distinct zero-day flaws to compromise Forbes.com website. Security experts at Invincea and iSIGHT Partners in a joint investigation tried to profile a Chinese APT group that used two distinct zero-day flaws to compromise Forbes.com website. The intent of the group was to […]

Pierluigi Paganini February 12, 2015
Exploiting DNS Poisoning in Brazilian Boleto Fraud Scheme

In recent months Brazilian criminal crews have started using DNS poisoning technique to target Brazilian Boletos. Security experts at RSA reported that DNS poisoning attacks are being used by cybercriminals to target Brazilian Boletos. What is Boleto? People in Brazil use popular payment method known as “Boleto” to purchase services and products by using vouchers instead […]

Pierluigi Paganini February 11, 2015
Dutch Government websites suffered a major cyber attack

The Netherlands’ ANP news agency revealed that the outage of Dutch Government websites, lasted for most of Tuesday, was caused by a major cyber attack. According to the Netherlands’ ANP news agency, the outage that brought down several Dutch Government websites for most of Tuesday was caused by a major cyber attack. The outage began […]

Pierluigi Paganini February 11, 2015
Unknown hackers hit Gas Pump Monitoring Systems in the US

Researchers from Trend Micro discovered that unknown hackers have compromised  Gas Pump Monitoring Systems in the US … it’s security emergency. Researchers at Trend Micro and many other security firms have observed a significant increase in the number of cyber attacks against systems in oil and energy industries. Another worrying trend observed by the experts is […]

Pierluigi Paganini February 10, 2015
Memex – The new search tool to dig also in the Deep Web

DARPA has publicly presented for the first time a new set of search tools called Memex which will improve also researches into the “Deep Web”. In 2014, the U.S. Defense Advance Research Projects Agency (DARPA) launched a the MEMEX project to design advanced search tools that could be also used to scan the deep web, which isn’t indexed by […]

Pierluigi Paganini February 10, 2015
Volume License Trojan Chanitor targets enterprises

Cisco experts discovered a phishing campaign that is spreading fake Volume License Trojan Chanitor to corporate users and is able to evade sandboxes. A few weeks ago, multiple Cisco Managed Threat Defense (MTD) customers received an email that appeared as sent by the Microsoft Volume Licensing Service Center (VLSC), which contains a link to login to the […]

Pierluigi Paganini February 10, 2015
Phishing campaign is targeting Apple iCloud users to steal financial data

Security experts at Sophos spotted a new phishing campaign targeting iCloud users. The attackers are interested in the victims’ financial data. Sophos security firm reported that threat actors are running phishing campaign against Apple iCloud users to steal financial data. The messages sent by bad actors are tailored to appear as legitimate security alerts issued by Apple. […]

Pierluigi Paganini February 09, 2015
Cybercrime exploits Anthem data breach in Phishing campaigns

Following the Anthem data breach, cyber criminals launched phishing campaigns to harvest customers’ personal information and credentials. A few hours after disclosure of the news of the data breach suffered by the nation’s second largest health insurer Anthem cyber criminals started sending phishing emails related to the cyber attacks. The Anthem incident could potentially impact millions […]

Pierluigi Paganini February 07, 2015
Fake WhatsApp for Web offered in the wild

Cybercriminals are offering worldwide a fake WhatsApp for Web in spam campaign with the intent to serve banking malware and run other kinds of scams. Recently WhatsApp launched its web service that could be used by using Google Chrome and allows users to access all the conversations and messages from the mobile device. “Our web client is […]

Pierluigi Paganini February 06, 2015
Fessleak malvertising campaign used to serve ransomware

Invincea has been monitoring the Fessleak campaign in which hackers leveraged Adobe Flash Player exploits and file-less infections to serve ransomware. Security experts from Invincea are investigating on a new Ransomware campaign originated in Russia that presented many interesting characteristics. The researchers discovered that the attacks started by using file-less infections then moved to the […]