Pierluigi Paganini
January 26, 2019
The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on dataThe cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data On January 19th we downloaded Collection #1 to make statistics […]
Pierluigi Paganini
January 25, 2019
Security experts from Cybaze-Yoroi ZLab investigated two malicious spam campaigns delivering Java RAT that show some similarities. Introduction During the last weeks, the Cybaze-Yoroi ZLab researchers identified infection attempts aimed to install RAT malware directed to the naval industry sector. The malicious email messages contained a particular Adwind/JRat variant delivered via several methods tailored to […]
Pierluigi Paganini
January 25, 2019
Security experts observed two distinct campaigns distributing the Ursnif malware, one of them also delivered the GandCrab ransomware. Experts pointed out that the cybercrime gangs behind the two campaigns are different, but they discovered many similarities in them. Attackers spread phishing messages using weaponized Microsoft Word document and leverages Powershell to deliver fileless malware. Ursnif is a banking […]
Pierluigi Paganini
January 25, 2019
The security expert Dirk-jan Mollema with Fox-IT discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user with a mailbox to become a Domain Admin. The experts described the attack scenario in a blog post and published a proof-of-concept code. “In most organisations using Active Directory and Exchange, Exchange servers have […]
Pierluigi Paganini
January 24, 2019
Security experts from Kaspersky Lab’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) linked the GreyEnergy malware with and the Zebrocy backdoor. Security researchers from Kaspersky Lab’s ICS CERT have discovered a link between GreyEnergy malware with and the Zebrocy tool. The activity of the GreyEnergy APT group emerged in concurrence with BlackEnergy operations, experts consider […]
Pierluigi Paganini
January 24, 2019
A still ongoing spam campaign that has been active during the last months has been distributing the Redaman banking malware. Experts at Palo Alto Networks continue to monitor an ongoing spam campaign that has been distributing the Redaman banking malware. The malware was first observed in the threat landscape in 2015, most of the victims […]
Pierluigi Paganini
January 24, 2019
Cisco released security updates for several products, including SD-WAN, Webex, Firepower, IoT Field Network Director, Identity Services Engine, and Small Business routers. Cisco released security updates to address security flaws in several products including SD-WAN, Webex, Firepower, IoT Field Network Director, Identity Services Engine, and Small Business routers. One of the flaws tracked as CVE-2019-1651 has […]
Pierluigi Paganini
January 24, 2019
DHS has issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e. .gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.” “In coordination with government and industry partners, the […]
Pierluigi Paganini
January 24, 2019
Researcher published a PoC exploit code for critical vulnerabilities that could be chained to implement an iOS jailbreak On iPhone X The security researcher Qixun Zhao of Qihoo 360’s Vulcan Team has published a PoC exploit code for critical vulnerabilities in Apple Safari web browser and iOS that could be exploited by a remote attacker to jailbreak […]
Pierluigi Paganini
January 23, 2019
PHP PEAR official site hacked, attackers replaced legitimate version of the package manager with a tainted version in the past 6 months. Bad news for users that have downloaded the PHP PEAR package manager from the official website in the past 6 months because hackers have replaced it with a tainted version. The PHP Extension and […]
Cyber Crime / December 09, 2025
