Pierluigi Paganini
October 22, 2017
The US DHS and the FBI have issued a warning that APT groups are actively targeting energy firms and critical infrastructure. The US Department of Homeland Security (DHS) and the FBI have issued a warning that APT groups are actively targeting government departments, and firms working in the energy, nuclear, water, aviation, and critical manufacturing […]
Pierluigi Paganini
October 22, 2017
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! · ENISA – CTI – EU | Bonding EU Cyber Threat Intelligence · Flaws in Siemens Building Automation Controllers open to hack. Fix them asap · Hacker interview – Speaking with ICEMAN: Banks […]
Pierluigi Paganini
October 22, 2017
The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed attacks on organizations […]
Pierluigi Paganini
October 22, 2017
An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Agency was aware of the […]
Pierluigi Paganini
October 21, 2017
The dreaded Proton malware was spreading through a new supply-chain attack that involved the Elmedia apps, victims should wipe their Macs Bad news for Mac users, a new malware is threatening them of a complete system wipe and reinstall. Crooks are distributing the malware in legitimate applications, the popular Elmedia Player and download manager Folx developed by […]
Pierluigi Paganini
October 21, 2017
Canada’s Communications Security Establishment (CSE) intel agency has released the source code for one of its malware analysis tools dubbed Assemblyline. The Canada’s Communications Security Establishment (CSE) intelligence agency has released the source code for one of its malware detection and analysis tools dubbed Assemblyline. The Assemblyline tool is written in Python and was developed under the […]
Pierluigi Paganini
October 21, 2017
Operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection leveraging the DDE protocol. Security experts are continuing to observe the Locky ransomware spreading via spam campaigns that rely on the Necurs botnet. Now operators behind Locky ransomware campaigns have switched to new attack techniques to evade detection. One of the new techniques adopted by the crooks is the use of […]
Pierluigi Paganini
October 20, 2017
Malware researchers at Check Point have uncovered a new massive IoT botnet that presented many similarities with the dreaded Mirai. The new thing bot emerged at the end of September and appears much more sophisticated, according to the experts the malware already infected more than one million organizations worldwide. The malicious code tries to exploit many known-vulnerabilities […]
Pierluigi Paganini
October 20, 2017
Some kid smartwatches available for sale in Europe pose security and privacy risks, including potentially allowing hackers to take control over them. The European Consumer Organisation (BEUC) warns that most children’s GPS-tracking smartwatches represent a threat for them. Many devices are affected by security vulnerabilities that could be exploited by an attacker to take control over […]
Pierluigi Paganini
October 20, 2017
Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan using new malicious macro tactics payload delivery and evade detection. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crooks for malware distribution, usually, they […]
