Social Engineering

Pierluigi Paganini May 01, 2018
FacexWorm targets cryptocurrency users and spreads through Facebook Messenger

Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience, FacexWorm targets cryptocurrency users by spreading through Facebook Messenger. Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience. In the last hours, a new threat is spreading through leveraging an apparently […]

Pierluigi Paganini January 20, 2018
Crackas leader (15) gained access to data of intel operations in Afghanistan and Iran by posing as the CIA chief

British teenager Kane Gamble (15), leader of the ‘Crackas With Attitude’ hacking group gained access to intel operations in Afghanistan and Iran by posing as the CIA chief. Do you remember “Crackas With Attitude”? You remember for sure the Crackas With Attitude, a hacking crew that claimed clamorous actions in support of the Palestine cause. The notorious group […]

Pierluigi Paganini July 17, 2017
SMS Phishing induces victims to photograph its own token card

Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration […]

Pierluigi Paganini May 07, 2017
Business email compromise (BEC), the 5 billion dollar scam

The Federal Bureau of Investigation report reveals that Business email compromise scams caused losses to businesses for 5 billion dollars over four years. Business email compromise (BEC) continues to be a profitable attack technique for crooks and a serious threat to businesses. The FBI has published data related to this specific criminal practice, and financial […]

Pierluigi Paganini November 07, 2016
Cisco data leak – Job applications portal leaked personal information

Cisco data leak – Cisco has fixed a security vulnerability in the company Professional Careers portal that exposed personal information of the users. Cisco data leak – Cisco has fixed a security vulnerability existing in the company Professional Careers portal that may have leaked personal information. Cisco has notified the issue to the affected users […]

Pierluigi Paganini September 25, 2016
Australian Police warns of malware-laden USB drives left in letterboxes

The Police in the Australian State of Victoria issued a warning to the local population of malware-laden USB drives left in letterboxes. USB drives are a privileged vector of attack, security experts have demonstrated that it is possible to hide malicious code in memory stick that could compromise almost every computer. We are aware that […]

Pierluigi Paganini August 10, 2016
Hacker Interviews – Claudio Caracciolo

Today I have interviewed Claudio Caracciolo (@holesec) one of the most renowned Security Professional that works like Chief Security Ambassador for ElevenPaths Claudio Caracciolo (@holesec)  wrote a book and is known for his effective interpersonal skills and his ability as an international speaker. Enjoy the Interview. You are one of the world’s most talented cyber security […]

Pierluigi Paganini August 04, 2016
#BHUSA2016 – Researcher explained how to hack any PC with a found USB drive

At Black Hat USA, the security researcher Elie Bursztein demonstrated the dangers of found USB drive and how to create a realistic one. Giving a look at the titles of the presentations in the agenda of the Black Hat USA Conference 2016 I noticed an interesting topic proofed by the security expert Elie Bursztein, the […]

Pierluigi Paganini July 20, 2016
Delilah, the first Trojan to recruit Insiders

Delilah is the first extortion trojan that spies on victims and collects information to force them in doing malicious activities from inside. Delilah is a strain of malware developed to extort victims into stealing insider data, it was first discovered on crime forums by the Israeli intelligence firm Diskin Advanced Technologies. Deliah is not distributed in […]

Pierluigi Paganini July 04, 2016
Hacking a Facebook profile with a fake passport

Hacking a Facebook profile -An unidentified hacker successfully took over a Facebook account with a social engineering attack that involved a fake passport Today I desire to discuss with an interesting case, a hacker successfully took over a Facebook account with a social engineering attack. The hacker demonstrated that it is possible to bypass any […]