Malware

Pierluigi Paganini June 24, 2015
Cryptowall cost victims $18 Million since 2014 warns FBI

Between April 2014 and June 2015, the IC3 received 992 CryptoWall related complaints, with victims reporting losses totaling over $18 million. Cryptowall is one of the most nefarious ransomware in the wild, in twelve months the FBI has estimated that the overall losses were more than $18 million. Ransomware implements a classic extortion scheme typically demanding that victims pay ransom […]

Pierluigi Paganini June 23, 2015
Adobe fixed the CVE-2015-3113 that is being exploited in the wild

Adobe has released a security update for the critical Adobe Flash Player vulnerability CVE-2015-3113 that is being actively exploited in the wild. Security experts at FireEye discovered a critical heap buffer overflow vulnerability, coded CVE-2015-3113, that affects Adobe systems. FireEye discovered that the Adobe flaw is being exploited in the wild by the hacking crew […]

Pierluigi Paganini June 23, 2015
NSA and GCHQ target security firm including Kaspersky

Documents leaked by Edward Snowden show the NSA and the GCHQ efforts to compromise security software companies including Kaspersky Lab.  A new collection of documents leaked by the popular whistleblower Edward Snowden reveals that both UK and US government intelligence agencies are targeting principal security firms and security companies. Kaspersky Lab calls nation-states’ targeting of security companies […]

Pierluigi Paganini June 21, 2015
Security Affairs newsletter Round 14 – Best of the week from best sources

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. OPM hack: White House orders the adoption of best practices Researcher found Wind turbines and solar systems vulnerable worldwide OPM data offered for sale on the Dark Web Wikimedia […]

Pierluigi Paganini June 19, 2015
Cybercrime is paying with 1,425% return on investment

Trustwave firm published a report related to 2014 incidents that revealed cyber criminal activities are paying with 1,425% return on investment. Hackers are seeing a whopping 1,425% return on investment for these two kinds of attacks Security experts at Trustwave published an interesting report on the return on investment related to illegal activities online. The experts revealed that […]

Pierluigi Paganini June 18, 2015
Banking trojan used in a second round attack against Bundestag

Security researchers at the GData security firm discovered a second stage of the cyber attack on the German Bundestag that exploited a banking trojan to steal data. In the last weeks, I have reported the various news related to the cyber attack against the Bundestag and a possible involvement of Russian state-sponsored hackers. The media reported that […]

Pierluigi Paganini June 17, 2015
Understanding Malware Terminology for Beginners

A brief introduction to several malware-related terms in an easy-to-understand manner. A useful glossary to better understand the “malware” terminology. Introduction The world that we live in is constantly changing; it is always evolving. The sophistication of the technology at the disposal of both those who “wear” a white hat (the good guys) and those who wear a black hat (the bad guys) […]

Pierluigi Paganini June 17, 2015
Stegoloader, a stealthy Information Stealer that exploits steganography

The authors of the Stegoloader malware are exploiting digital steganography to keep the information-stealing under the radar and avoid detection. Malware authors are prolific professionals always searching for techniques that can allow them to hide their malicious codes from detection. This week the security researchers at Dell SecureWorks discovered a new strain of malware dubbed Stegoloader, that […]

Pierluigi Paganini June 16, 2015
Authors of Duqu 2.0 used a stolen digital certificate in attacks

Malware authors behind the Duqu 2.0 used a stolen certificate from the Foxconn company to implement a persistence mechanism and stay stealthy. New details emerge from the investigation conducted by the experts at Kaspersky on the Duqu 2.0 malware that targeted the systems of the company, the threat actors used valid certificate from Hon Hai Precision Industry […]

Pierluigi Paganini June 15, 2015
$38 an hour is the cost of destructive DDos Attacks

DDOS attacks have become cheaper than one can think, just because of the era of DDOS-for-hire services. However, such attacks are easier to launch now and don’t cost much, but when it comes to the victim – it costs $40,000 per hour to them considering the loss. Incapsula revealed in its annual Report of DDoS […]