spear phishing

Pierluigi Paganini November 16, 2013
Discovered Open URL Redirection flaw in Facebook

Researcher Dan Melamed recently discovered an open url redirection flaw in Facebook that allowed to have a facebook.com link redirect to any website. A Facebook Open URL Redirection vulnerability is the last discovery of security expert Dan Melamed that reported it in a recent post. Dan is an old acquaintance of Security Affairs, he revealed […]

Pierluigi Paganini November 05, 2013
LinkedIn – How to exploit social media for targeted attacks

  The professional social network LinkedIn is a mine of information for any king of attackers, a Websense post described a typical attack scenario. Recently I read an interesting post published on the Websense security labs blog on the use of social network LinkedIn for the reconnaissance phase of an attack. The concept is not […]

Pierluigi Paganini September 27, 2013
Icefog – Kaspersky discovered the group of cyber mercenaries

Kaspersky Lab discovered the emerging group of cyber-mercenaries Icefog available for hire to perform surgical hit and run operations against strategic targets. Researchers at Kaspersky Lab sustain to have identifies a group of cyber mercenaries called Icefog that is responsible for a huge cyber espionage campaign, occurred in 2011, against Japanese parliament and dozens of government agencies and […]

Pierluigi Paganini September 04, 2013
NetTraveler APT hackers still active improved their attacks

Experts at Kaspersky firm provided evidences that the hackers behind cyber espionage campaign NetTraveler are still active and improved their attack methods. Last June Kaspersky firm uncovered a new global cyber espionage campaign dubbed NetTraveler. Kaspersky’s team discovered that NetTraveler targeted over 350 high profile victims from 40 countries. The name of the operation derives from […]

Pierluigi Paganini August 25, 2013
Poison Ivy still alive, old malware new cyber threats – FireEye report

Security vendor FireEye has published a detailed analysis on the popular Poison Ivy RAT, releasing also a set of tools to analyze infections. Security firm FireEye published an interesting analysis on the popular malware Poison Ivy, a remote access trojan (RAT) used in RSA SecurID attack. Poison IVY was also used in the 2011 Nitro […]

Pierluigi Paganini August 24, 2013
Critical Pinterest Exploit threatens the privacy of millions of users

Security researcher Dan Melamed has found a serious Pinterest Exploit that exposed user’s information of over 70 Million accounts. The security researcher Dan Melamed has found a Critical Pinterest Exploit that compromised the privacy of over 70 Million Users, the flaw allows hackers to view the email address of any user on Pinterest. Pinterest is a very popular […]

Pierluigi Paganini July 21, 2013
Uncovered an unusual attacks based on anomalous file infector

Security experts uncovered an unusual cyber espionage campaign based on file infector belonging to the PE_EXPIRO family that includes information theft module Security experts at TrendMicro uncovered an unusual espionage campaign that hit United States users based  on malware having file infector with stealing capabilities. The attackers acted with specific intent to steal information from organizations or […]

Pierluigi Paganini July 17, 2013
Trend Micro – targeted attack against Europe-Asia government agencies

Trend Micro uncovered targeted attack against European and Asian government agencies to steal login credentials from IE and Microsoft Outlook products. A new targeted attack has been uncovered by Trend Micro security experts, the hackers hit European government agencies trying to steal login credentials from Internet Explorer (IE) and Microsoft Outlook. The attackers trying to […]

Pierluigi Paganini July 09, 2013
Hackers hit South Korea also spread spyware to steal military secrets

Mc Afee Lab experts revealed that hackers behind large scale cyberattacks against South Korea also designed malware to steal military secrets. The hackers behind the recent attacks against South Korean infrastructure are professionals that designed also malicious code to steal military secrets to the South Korea and US military. Security experts at McAfee Labs revealed […]

Pierluigi Paganini July 02, 2013
ICS-CERT Surge In attacks against Energy Industry

The ICS-CERT issued a new Monitor report that revealed a surge of brute force attacks against control systems mainly belonging to the energy sector. The ICS-CERT issued a new Monitor report that revealed an intensification for brute force attacks against control systems mainly belonging to the energy sector. The ICS-CERT received notification for more than 200 […]