Cyber Crime

Pierluigi Paganini January 11, 2017
Thousands of unpatched Magento shops hacked in the last two years

According to the BSI more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. According to the Germany’s Federal Office for Information Security, more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. Crooks targeted the e-commerce platform in order to steal credit […]

Pierluigi Paganini January 11, 2017
ShadowBrokers offers for sale the stolen NSA Windows Hacking Tools

The ShadowBrokers is the hacker crew stolen the arsenal of the NSA-Linked Equation Group is offering for sale the stolen NSA Windows Hacking Tools. The ShadowBrokers is the hacker crew that leaked a portion of the arsenal of the NSA-Linked Equation Group, a precious archive containing hacking tools and exploits. At the end of October,  the hackers leaked a fresh […]

Pierluigi Paganini January 10, 2017
A Second variant of Shamoon 2 targets virtualization products

A second variant of the Shamoon 2 malware was discovered by researchers at Palo Alto Networks, this threat also targets virtualization products. A new strain of the Shamoon 2 malware was spotted by the security experts at Palo Alto Networks, this variant targets virtualization products. Shamoon, also known as Disttrack, was first spotted in a wave of attacks that targeted […]

Pierluigi Paganini January 10, 2017
The Los Angeles Community College District paid a $28,000 ransom to decrypt its files

The Los Angeles Community College District has paid a US$28,000 ransomware after crooks compromised its network. Fortunately, the school retrieved data. A Los Angeles school has paid a US$28,000 ransomware after crooks compromised its network. Cyber criminals encrypted computer services, including email systems, at the Los Angeles Community College District. The ransomware used in the attack encrypted […]

Pierluigi Paganini January 10, 2017
CVE-2016-7200 & CVE-2016-7201 Edge flaws added to the Sundown Exploit Kit

The operators behind the Sundown exploit kit have started using two Microsoft Edge flaws just a few days after researchers published a PoC exploit. The Sundown exploit kit is becoming one of the most popular crimeware kits in the hacking underground. The last time we saw it was at the end of 2016 when malware researchers spotted a […]

Pierluigi Paganini January 10, 2017
Hello Kitty database leaked online, 3.3 million fans affected

The Hello Kitty MongoDB database leaked online one year ago recently surface on the web, it includes 3.3 million records belonging to Hello Kitty fans. The security researcher Chris Vickery discovered a Sanrio database that was misconfigured and exposed to the public in 2015. On December 2015, Vickery reported the discovery to Databreaches.net and Salted Hash. According […]

Pierluigi Paganini January 09, 2017
Number of MongoDB ransom attacks peaked 27,000 in a day

According to the Australian Communications and Media Authority Antipodes the number of hacked MongoDB databases more than double to 27,000 in just a day. MongoDB ransom attacks soar, according to the Australian Communications and Media Authority Antipodes the number of hacked systems more than double to 27,000 in just a day. According to the experts, […]

Pierluigi Paganini January 08, 2017
Crooks target UK schools with ‘Department of Education’ ransomware

Action Fraud is warning of ‘Department of Education’ ransomware, crooks are posing government officials to trick people into installing ransomware. This is a story of another string of cyber attacks that leverage ransomware to compromise victims’ machines. Cyber criminals are targeting schools in the UK, asking victims to pay up to £8,000 to unlock data […]

Pierluigi Paganini January 07, 2017
China-Linked DragonOK APT Group continues updating tools and tactics

The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the first time the cyber espionage activities of a Chinese state-sponsored group dubbed DragonOK. At the time, FireEye discovered two hacking campaigns conducted by distinct groups operating in separate regions […]

Pierluigi Paganini January 06, 2017
A fake Super Mario Run for Android is serving the Marcher Banking Trojan

Zscaler experts have found in the wild a fake version of the Super Mario Run Android App that could install the Android Marcher banking trojan. Bad news for mobile gamers, security experts at Zscaler have spotted a strain of the Android Marcher Trojan masqueraded as the recently released Super Mario Run mobile game for Apple’s iOS. Marcher is a sophisticated banking […]