targeted attack

Pierluigi Paganini June 17, 2019
From Targeted Attack to Untargeted Attack

Today I’d like to share an interesting and heavily obfuscated Malware which made me thinking about the meaning of ‘Targeted Attack’. Nowadays a Targeted Attack is mostly used to address state assets or business areas. For example a targeted attack might address Naval industry (MartyMcFly example is definitely a great example) or USA companies (Botnet Against […]

Pierluigi Paganini October 22, 2014
New Zero-day in Microsoft OLE being exploited in targeted attacks

Security experts at Google and McAfee have discovered a new Zero-day vulnerability in Microsoft OLE being exploited in targeted attacks. Early this week,  Microsoft issued the security advisory 3010060 to warn its customer of a new Zero-Day vulnerability that affects all supported versions of Windows OS except, Windows Server 2003. The OLE Packager is the component that is affected by the zero-day, […]

Pierluigi Paganini August 11, 2014
Sophisticated evasion techniques adopted in the Op Poisoned Hurricane

Researchers at FireEye have uncovered a new campaign dubbed Poisoned Hurricane characterized by the use of some clever techniques to avoid being detected. Security experts at FireEye revealed that several Internet infrastructure service providers in the United States and Asia, a financial institution, a government organization located in Asia and a US-based media company suffered […]

Pierluigi Paganini July 20, 2014
WhatsApp profile picture: a risky feature? In the mind of a hacker

In this post I’ll show you how an apparently insignificant information on Whatsapp could be used by hackers in a more dangerous targeted attack. When you add a random phone number to your contact list, WhatsApp will show you the profile picture of that user. Given the fact that you don’t know that person, there […]

Pierluigi Paganini June 27, 2014
PlugX RAT with Time Bomb abuses Dropbox in targeted attacks

Trend Micro analyzed a targeted attack against a Taiwanese government entity which used a variant of the PlugX RAT that abuses the Dropbox service. Researchers from Trend Micro discovered that a targeted attack against a government agency in Taiwan was conducted using a variant of the PlugX remote access tool (RAT) which abuses the popular file hosting service […]

Pierluigi Paganini November 06, 2013
A Zero-Day Vulnerability in Microsoft Graphics Component – CVE-2013-3906

Microsoft Zero-day CVE-2013-3906 – Microsoft informed to be aware of a vulnerability in a Microsoft graphics component that is actively exploited in targeted attacks using crafted Word documents sent by email. A new zero-day vulnerability has been found a Microsoft product that could allow attackers to install a malware via infected Word documents. The Microsoft […]

Pierluigi Paganini July 17, 2013
Trend Micro – targeted attack against Europe-Asia government agencies

Trend Micro uncovered targeted attack against European and Asian government agencies to steal login credentials from IE and Microsoft Outlook products. A new targeted attack has been uncovered by Trend Micro security experts, the hackers hit European government agencies trying to steal login credentials from Internet Explorer (IE) and Microsoft Outlook. The attackers trying to […]