FireEye

Pierluigi Paganini February 15, 2014
FireEye discovered a new watering hole attack based on 0-day exploit

Security researchers from FireEye have recently  discovered a new IE 10 Zero-Day exploit being used in a watering hole attack. Security experts at FireEye discovered a new IE 10 Zero-Day exploit (CVE-2014-0322) being used in a watering hole attack on the US Veterans of Foreign Wars (VFW) website. The zero-day allows the attacker to modify one byte […]

Pierluigi Paganini January 29, 2014
Time for a Cybersecurity Overhaul

A post on cybersecurity written by Larry Karisny, director of ProjectSafety.org,a cybersecurity expert,advisor,consultant, writer and industry speaker. Most of the recent attention on cybersecurity has been directed toward the disclosure of NSA activities and recent corporate breaches now reaching record-breaking levels. Both the public and private sectors are beginning to witness how devastating cyber breaches […]

Pierluigi Paganini January 08, 2014
Windows Zero-Day vulnerability used in targeted attacks against 28 Embassies

TrendLab malware analysts confirmed that recent Windows Zero-Day vulnerability was exploited in cyber attack against Embassies in a Middle Eastern capital. At the end of the last year Microsoft revealed that a zero-day vulnerability was in use in targeted attacks against Windows XP and Server 2003 systems. The discovery of the flaw in Microsoft OSs was made […]

Pierluigi Paganini December 01, 2013
MS Windows XP CVE-2013-5065 Eleventh zero-day flaw found by FireEye

FireEye Security Experts discovered Microsoft Windows XP and Server 2003 privilege escalation zero-day exploit Security experts at FireEye have discovered a new zero-day, a privilege escalation vulnerability in Windows XP and Windows Server 2003. It’s is the eleventh vulnerability discovered by FireEye this year, really a great job for the researchers of the young company. The last zero-day flaw is coded […]

Pierluigi Paganini November 26, 2013
Why do we need for Incident Response plan?

Due to the constant growth in the number of cyber attacks it is necessary to properly define the actions composing an incident response plan. FireEye firm published an interesting post on the need of incident response (IR) capabilities to reply numerous cyber  attacks that daily hit almost any web service. Starting from the data proposed […]

Pierluigi Paganini November 11, 2013
FireEye has identified a new IE zero-day exploit

FireEye Labs has identified a new IE zero-day exploit used for a watering hole attack in the US. As usual it is crucial to track and mitigate so dangerous threats in time to avoid serious problems. FireEye Labs has detected a new series of attacks based on the exploit of a new IE zero-day vulnerability […]

Pierluigi Paganini October 03, 2013
FireEye World War C report – Nation-state driven cyber attacks

FireEye security firm released World War C report to explain nation-state motives behind advanced Nation-state driven cyber attacks. Nation-state driven cyber attacks are routinely conducted on a global scale to defend national sovereignty and project national power. We are living in the cyber era, human conflict is involving also the fifth domain of warfare, the cyberspace. As never […]

Pierluigi Paganini September 25, 2013
Chinese hackers increasingly attracted to the drone technology

Intelligence agencies reveal that Chinese hackers increasingly attracted to the drone technology while Chinese drone industry grows like never before! The fact that Chinese hackers are most persistent collectors for sensitive information is not a mystery, more difficult to demonstrate the direct involvement of the PLA behind the operations of computer experts that systematically seek to unravel […]

Pierluigi Paganini September 24, 2013
FireEye revealed APT Operation DeputyDog against Japanes entities

Security experts at FireEye discovered the Operation DeputyDog against Japanese entities that exploits Zero-Day (CVE-2013-3893) recently announced by Microsoft. FireEye announced the discovery of the cyberespionage Operation DeputyDog leveraging the recently announced zero-day CVE-2013-3893. FireEye and Kaspersky are the companies most active in the analysis of large espionage campaign that governments and hackers are conducting against strategic targets.  According the analysis based on FireEye […]

Pierluigi Paganini August 25, 2013
Poison Ivy still alive, old malware new cyber threats – FireEye report

Security vendor FireEye has published a detailed analysis on the popular Poison Ivy RAT, releasing also a set of tools to analyze infections. Security firm FireEye published an interesting analysis on the popular malware Poison Ivy, a remote access trojan (RAT) used in RSA SecurID attack. Poison IVY was also used in the 2011 Nitro […]