Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Redazione RHC

Slammer, the first worm to exploit a bug that had gone unpatched for six months.

Many years have passed since the SQL Slammer worm spread uncontrollably on January 25, 2003. It was one of the fastest-spreading pieces of malware in history, and with this article we want to retrace those moments, to understand technically how it worked and what happened that day many years ago. At the time, cybersecurity concepts were not as widespread as they are today, and many people found themselves completely unprepared and disoriented when dealing with this cyber pandemic. What is SQL Slammer? If you worked in IT in 2003, you will remember what you were doing when Slammer entered your life. It was a

The Story of the First Keylogger: How Hidden Keyboard Control Came to Be

We all know Bruce Schneier, the renowned cryptography and computer security expert, member of the board of directors of the International Association for Cryptologic Research and sought-after speaker, who famously said at the RSA Conference a few years ago that "the business model of the Internet is surveillance." But on October 12, 2015, Bruce Schneier revealed the interesting story that we want to tell you today: the story of the first keylogger. The first keylogger in history The first keylogger in history appeared during the Cold War, in the 1970s, when Soviet intelligence officers spied on American diplomats by

A Brief History of Malware: The Evolution of the Species from Its Origins to the Present Day

At first we talked about "viruses", then "worms" appeared, followed by "macro viruses". These were soon joined by other types of hostile software such as keyloggers and lockers. At some point we all started calling them, more generically, malware. And just like biological viruses, malware has evolved over time: some strains are highly opportunistic, emerging to exploit short-lived opportunities, while others have evolved to exploit more fundamental flaws in IT systems that have still not been fixed. From Creeper to Modern Ransomware The first viruses in computing history date back to the 1970s and 1980s. The first piece of malware

Discovering Sandworm: The Kremlin's Nation-State Group

As we know, there are different types of hackers: ethical hackers and criminal hackers. Within the criminal hackers there are many further distinctions, including, specifically, nation-state-funded hacker groups (advanced persistent threat, or APT, groups) that carry out cyberattacks to gain an advantage, ranging from financial gain to intellectual property. Today we'll talk about a well-known nation-state group, said to be affiliated with the Russian government and specifically with the GRU, the Main Directorate of the General Staff of the Russian Armed Forces. This is a military intelligence agency that operates and controls its own special forces and units. Today we'll talk

Discovering DarkSide: Techniques, Tactics, and Affiliations

Researchers across the cyber community have lately been exchanging a great deal of information about the DarkSide ransomware gang, the emerging cybercriminal group that has suddenly risen to global infamy. We had also talked about Sodinokibi/REvil in a previous article, another cyber gang known to date for high-profile attacks on companies such as Honda, Jack Daniels, Acer, Grubman Shire Meiselas & Sacks and, most recently, Quanta/Apple, and a few weeks ago we published an interview with one of its leaders, known as UNKNOW. But after the Colonial Pipeline incident attributed to DarkSide, how could we not talk about this emerging cyber gang? Having first

Remember NVIDIA DGX Spark? Here comes the GMKtec EVO-X2, at half the price.

Chinese manufacturer GMKtec has presented its new EVO-X2 mini PC, equipped with a Ryzen AI Max+ 395 processor, claiming performance comparable to, and in some cases better than, that of NVIDIA's DGX Spark mini supercomputer, at a significantly lower price. The DGX Spark was officially launched after nearly a year of development, priced at $3,999. GMKtec, on the other hand, offers its EVO-X2 at less than half the cost of the NVIDIA model. In internal tests published on the official GMKtec blog, the EVO-X2 mini PC was pitted against the DGX Spark on several large open

Did the US steal 127,000 Bitcoins? China accuses Washington of a massive hack.

We're talking about 11 billion euros. A staggering figure! China's National Computer Virus Emergency Response Center (CVERC) said that a state-run entity, likely from the U.S., was behind a 2020 attack on a Bitcoin mining company. The CVERC recently published a report on Weixin describing an attack on the operator of the LuBian mining pool, which operated in China and Iran. In the incident, unknown attackers stole 127,272 bitcoins. According to the center, the owner of the stolen funds was Chen Zhi, chairman of the Cambodian Prince Group. In early 2021 and in July 2022, he left messages on the blockchain demanding

The Most Famous Hackers: The Story of Kevin Mitnick, AKA the Condor

Kevin Mitnick (handle: Condor) is perhaps the most famous hacker of all time. He was an American hacker, IT security consultant, ethical hacking expert, public speaker and writer, a globally recognized icon of hacking (both black hat and white hat), and the author of books including "The Art of Deception" (2003) and "The Art of Intrusion" (2005). He was arrested for hacking into the computer network of Digital Equipment Corporation (DEC) and, while on supervised release, he broke into Pacific Bell's voicemail system. A new arrest warrant was issued against him and he spent the next 3 years as

Synology fixes a zero-day bug in BeeStation OS. Researchers receive $40,000.

Synology has patched a zero-day vulnerability in its BeeStation devices that was demonstrated during the recent Pwn2Own competition. The bug, tracked as CVE-2025-12686, falls under the category "buffer copy without checking size of input" (CWE-120) and allows an attacker to execute arbitrary code on the target system. The issue affects several versions of BeeStation OS, the operating system of Synology's BeeStation consumer network-attached storage (NAS) devices, which are marketed as a "personal cloud." The fix is included in BeeStation OS 1.3.2-65648 and later. No other workarounds are available, so users are advised to install the latest firmware immediately. The vulnerability
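The bug class named above, copying attacker-supplied data into a fixed buffer without checking its size against the destination (CWE-120), in a minimal C illustration. This is an added example, not Synology's code, and it says nothing about how the BeeStation flaw itself is laid out: the length-prefixed message format, the buffer size and the function names are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 16   /* fixed-size destination buffer, including the NUL (assumed) */

/* Message layout assumed for this illustration: one length byte followed by
 * that many payload bytes. The length byte is attacker-controlled. */

/* CWE-120 pattern: the code checks that the message really contains
 * `declared` bytes, but never checks `declared` against the size of the
 * destination. A length byte above NAME_BUF-1 writes past the end of out[]. */
int parse_name_vulnerable(const uint8_t *msg, size_t msg_len, char out[NAME_BUF])
{
    if (msg_len < 1)
        return -1;
    size_t declared = msg[0];
    if (msg_len - 1 < declared)
        return -1;                    /* source bounds: checked */
    memcpy(out, msg + 1, declared);   /* destination bounds: not checked */
    out[declared] = '\0';             /* also out of bounds when declared >= NAME_BUF */
    return 0;
}

/* Hardened form: validate the declared length against the destination
 * before copying, leaving room for the terminator. */
int parse_name_hardened(const uint8_t *msg, size_t msg_len, char out[NAME_BUF])
{
    if (msg_len < 1)
        return -1;
    size_t declared = msg[0];
    if (msg_len - 1 < declared)
        return -1;                    /* truncated message */
    if (declared > NAME_BUF - 1)
        return -2;                    /* would overflow out[] */
    memcpy(out, msg + 1, declared);
    out[declared] = '\0';
    return 0;
}

/* Build a constructed test message: length byte + `declared` copies of fill.
 * Returns the total message length, or 0 if buf is too small. */
size_t make_message(uint8_t *buf, size_t cap, uint8_t declared, char fill)
{
    if (cap < (size_t)declared + 1)
        return 0;
    buf[0] = declared;
    memset(buf + 1, fill, declared);
    return (size_t)declared + 1;
}

/* Benign 5-byte name: both parsers accept it and produce "aaaaa". Returns 1 on success. */
int demo_benign(void)
{
    uint8_t msg[64];
    char out[NAME_BUF];
    size_t n = make_message(msg, sizeof msg, 5, 'a');
    if (parse_name_hardened(msg, n, out) != 0 || strcmp(out, "aaaaa") != 0)
        return 0;
    if (parse_name_vulnerable(msg, n, out) != 0 || strcmp(out, "aaaaa") != 0)
        return 0;
    return 1;
}

/* Hostile 40-byte name: the hardened parser rejects it with -2. The
 * vulnerable parser is deliberately not called here, because it would
 * write 25 bytes past the end of out[] (undefined behaviour). */
int demo_oversized(void)
{
    uint8_t msg[64];
    char out[NAME_BUF];
    size_t n = make_message(msg, sizeof msg, 40, 'A');
    return parse_name_hardened(msg, n, out);
}

/* Truncated message: the length byte says 10 but only 3 payload bytes
 * are passed in; the hardened parser returns -1. */
int demo_truncated(void)
{
    uint8_t msg[64];
    char out[NAME_BUF];
    make_message(msg, sizeof msg, 10, 'b');
    return parse_name_hardened(msg, 4, out);
}

int main(void)
{
    printf("benign: %d oversized: %d truncated: %d\n",
           demo_benign(), demo_oversized(), demo_truncated());
    return 0;
}
```

The point of the pair is that the vulnerable version is not careless about the message: it validates the source length correctly and still overflows, because the one comparison that matters, declared length against destination capacity, is missing. On a real target the overwritten stack or heap neighbours are what turn this into code execution; here the oversized case is only ever fed to the hardened parser.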

Midnight Ransomware: A free decryptor has been released thanks to a bug in the code.

Researchers have discovered a flaw in the new Midnight ransomware, which is based on the old Babuk source code. The malware is marketed as an "advanced" version of Babuk, but its attempts to speed up and strengthen the encryption process have proven unsuccessful: Norton researchers have managed to create a free decryptor for the affected data. Experts say Midnight is based on Babuk's source code, which was leaked into the public domain in 2021 and has since served as the basis for dozens of malware projects. Midnight replicates the structure of its predecessor almost entirely, but the developers decided to change the encryption scheme: