Reports

Pierluigi Paganini March 16, 2015
ICS-CERT MONITOR report states most critical infrastructure attacks involve APTs

DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report According to the report, the Industrial Control Systems […]

Pierluigi Paganini March 14, 2015
2,400 unsafe applications found in average large enterprise

A recent study published by Veracode on mobile security revealed that 2,400 unsafe applications are in average installed in large enterprise. Mobile devices are becoming an integral part of the enterprise architecture, security depends heavily on the use that is made with mobile devices and from the policies adopted to protect the company from cyber […]

Pierluigi Paganini March 13, 2015
80 percent of merchants fail PCI DSS compliance assessment

The Verizon’s 2015 PCI Compliance Report reveals that eighty percent of merchants fails interim PCI DSS compliance assessment. According to a new report by Verizon Communications Inc., nearly 80 percent of global merchants, including retailers, financial institutions, and hospitality firms are not in compliance with card data security standards. The Reuters agency reported that 5,000 merchants in 30 countries […]

Pierluigi Paganini March 12, 2015
EquationDrug, the hacking platform of the Equation Group APT

Experts at Kaspersky Lab published a detailed analysis of the EquationDrug platform and its modules developed by the Equation Group APT. Recently experts at Kaspersky Lab have uncovered the Equation Group hacking crew, the most sophisticated ever APT. Security researchers at Kaspersky Lab revealed that the capabilities of the Equation Group surpass anything known in […]

Pierluigi Paganini March 05, 2015
Identity Fraud Cost US Consumers $16 billion in 2014, less than in 2013

The annual study published by Javelin Strategy & Research on identity fraud estimates that U.S. consumers actually suffered fewer losses than in the past. Last year we observed a significant number of data breaches that cause the exposure of a huge quantity of information in the criminal ecosystem. According to the 2015 Identity Fraud Study (“2015 IDENTITY FRAUD: […]

Pierluigi Paganini March 05, 2015
Financial Trojans in 2014 – Symantec reports a significant drop in infections

Symantec revealed observed a significant drop in the number of  Financial Trojans in 2014, a report includes a detailed analysis of the phenomena. Symantec has analyzed the evolution of Financial Trojans in 2014 highlighting a significant drop in the number of detection of malicious agents. Symantec analyzed nine common financial Trojans during 2014, the sample analyzed targeted […]

Pierluigi Paganini February 21, 2015
Verisign report – The rise of DDoS attacks as a service

A new report published by Verisign provides useful data related to the recent evolution of DDoS attacks and the services that offer them. DDoS attacks are even more dangerous for every organization that exposes its resources and services on the Internet, recent attacks against Sony PSN network and XBox live service demonstrate it. DDoS attacks despite […]

Pierluigi Paganini May 08, 2014
Reading 2014 Ponemon Cost of Data Breach Study

The Ponemon Institute has issued its ninth annual report ” Cost of Data Breach Study “, an analysis on the economic impact of data breaches. The Ponemon Institute has issued its annual report “Cost of Data Breach Study,”, a study on the economic impact of data breaches. The Cost of Data Breach Study is sponsored by IBM, […]

Pierluigi Paganini April 29, 2014
Evolution of the Russian underground offer

TrendMicro has published an excellent study on the evolution of the Russian underground, detailing products, services and related prices. Max Goncharov has published a new interesting study on the Russian Underground, titled Russian Underground Revisited, one year after the previous report “Russian Underground 101”. Trend Micro report continues its analysis of the services and products offered by cyber criminals in […]