Pierluigi Paganini
June 03, 2018
According to the security experts at Imperva firm, three open Redis servers out of four are infected with malware. The discovery is the result of analysis conducted by running Redis-based honeypot servers for some months. Since their initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, the experts from Imperva have discovered a new […]
Pierluigi Paganini
June 03, 2018
Cyber criminals recently added the code for the CVE-2018-8174 Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. Crooks recently added the code for an Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. The Internet Explorer zero-day vulnerability, tracked as CVE-2018-8174, was first discovered a few weeks ago, it affects VBScript implemented in Internet Explorer and Microsoft […]
Pierluigi Paganini
June 01, 2018
Cybercriminals continue to improve the infamous Mirai botnet by adding new exploits and functionalities, experts warn new dangerous variant will appear in the wild. According to Netscout’s Arbor Security Engineering and Response Team (ASERT), cybercriminals continue to improve the dreaded Mirai IoT botnet by adding new exploits and functionalities. The time to market of new Mirai botnet […]
Pierluigi Paganini
May 30, 2018
On Monday, Two Canada’s five largest banks, the Bank of Montreal (BMO) and Simplii Financial, informed their customers they are investigating a data breach. The security breach suffered by the Bank of Montreal (BMO) may have impacted less than 50,000 of the overall 8 million customers, the incident suffered by Simplii Financial may have exposed information of 40,000 clients. […]
Pierluigi Paganini
May 30, 2018
Researchers at IBM X-Force Research team discovered a new Delphi-based banking Trojan dubbed MnuBot that leverages Microsoft SQL Server for communication with the command and control (C&C). The MnuBot Trojan implements a two-stage attack flow, it is composed of two main components that are tasked for the two stages. In the first stage, the malware searches for a file […]
Pierluigi Paganini
May 29, 2018
Hacker stole $1.3 million from cryptocurrency startup Taylor, the development team will stop the launch of its trading app that was initially planned for this month. The author of the Taylor cryptocurrency trading app announced a security breach, an unknown hacker has stolen around $1.35 million worth of Ether from the wallets of the company. The […]
Pierluigi Paganini
May 29, 2018
Group-IB has released a new report on Cobalt group’s attacks against banks and financial sector organizations worldwide after the arrest of its leader. Threat intelligence firm Group-IB published an interesting report titiled “Cobalt: Evolution and Joint Operations” on the joint operations of Cobalt and Anunak (Carbanak) groups after the arrest of the leader in March 2018. Researchers reported that […]
Pierluigi Paganini
May 28, 2018
Security experts at ESET have spotted a new strain of banking trojan named BackSwap Trojan that implements new techniques to steal money from bank customers. The new techniques allow the malware to bypass anti-malware solutions and security features implemented by browsers to prevent Man-In-The-Browser attacks. Banking malware use to inject malicious code into the web page, […]
Pierluigi Paganini
May 28, 2018
The cybersecurity experts Marco Ramilli analyzed a new sample of malware dubbed MalHide that implements a quite new attack path to use the compromised system as eMail relay in order to hide the attacker networks. Today I’d like to share an interesting (at least to me) analysis on a given sample. I have called this sample MalHide but […]
Pierluigi Paganini
May 28, 2018
Malware researchers from FireEye recently noticed an interesting ongoing activity involving the infamous RIG Exploit Kit (EK) to deliver the Grobios Trojan. Security experts highlighted several times the decline of the exploit kit activity after the disappearance of the Angler and Nuclear exploit kits in 2016. Anyway, researchers at FireEye periodically observe significant developments in this […]
