“Collection #I” Data Breach Analysis – Part 2

On January 19th we downloaded Collectoin #1 to make statistics on its content (you might find more information here). During these days we finished the two main activities to be able to answer some more questions about it data: (i) ELK import and (ii) building of simple views to visualise desired informations. The following image shows […]

Read more "“Collection #I” Data Breach Analysis – Part 2"

MartyMcFly Malware: Targeting Naval Industry

Today I’d like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leader in the field of  security and defensive military grade Naval ecosystem in Italy. Everything started from a well crafted  email targeting the right office […]

Read more "MartyMcFly Malware: Targeting Naval Industry"

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi BotNet .   In other words:  from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police has already been alerted on such a topic as well as National […]

Read more "Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy"

Interesting hidden threat since years ?

Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many obfuscation steps and implementation languages. During the analysis time only really few Antivirus (6 out of 60) were able to […]

Read more "Interesting hidden threat since years ?"