Pierluigi Paganini
February 27, 2018
Security researchers at Morphisec have uncovered a massive hacking campaign that is exploiting the recently patched CVE-2018-4878 Adobe Flash Player vulnerability. Threat actors are exploiting the use-after-free flaw to deliver malware. The CVE-2018-4878 vulnerability was fixed by Adobe on February 6, after security experts discovered it was used by North Korea-linked APT37 group in targeted […]
Pierluigi Paganini
February 27, 2018
Evrial is a cryptocoin malware stealer discovered by the researchers at ElevenPaths which takes control of the clipboard to get “easy money”. Evrial is a cryptocoin malware stealer which takes control of the clipboard to get “easy money”. ElevenPaths has taken a deep technical dive into the malware itself, to show how it technically works, […]
Pierluigi Paganini
February 26, 2018
The Data Keeper Ransomware that infected systems in the wild was generated by a new Ransomware-as-a-Service (RaaS) service that appeared in the underground recently. A few days ago a new Ransomware-as-a-Service (RaaS) service appeared in the underground, now samples of the malware, dubbed Data Keeper Ransomware, generated with the platforms are have already been spotted in […]
Pierluigi Paganini
February 25, 2018
Code-signing certificates are precious commodities in the criminal underground, they are used by vxers to sign malware code to evade detection. Other precious commodities in the criminal underground are code-signing certificates, they allow vxers to sign the code for malware to evade detection. Operators of the major black markets in the darknets buy and sell code-signing certificates, but according to […]
Pierluigi Paganini
February 25, 2018
Czech President Milos Zeman wants the Russian hacker Yevgeni Nikulin to be extradited to Russia instead of the US, he is charged with hacking against social networks and frauds. Yevgeni Nikulin (29) was requested by the US for alleged cyber attacks on social networks and by the Russian authorities that charged him with frauds. According […]
Pierluigi Paganini
February 24, 2018
SamSam Ransomware hit the Colorado DOT, The Department of Transportation Agency Shuts Down 2,000 Computers after the infection. SamSam ransomware made the headlines again, this time it infected over 2,000 computers at the Colorado Department of Transportation (DOT). The DOT has shut down the infected workstations and is currently working with security firm McAfee to restore the ordinary […]
Pierluigi Paganini
February 24, 2018
The FBI is warning of a spike in phishing campaigns aimed to steal W-2 information from payroll personnel during the IRS’s tax filing season. The FBI has observed a significant increase since January of complaints of compromised or spoofed emails involving W-2 information. “Beginning in January 2017, IRS’s Online Fraud Detection & Prevention (OFDP), which monitors for […]
Pierluigi Paganini
February 23, 2018
Security experts from GoSecure, hackers are launching SSH brute-force attacks on poorly secured Linux servers to deploy a backdoor dubbed Chaos backdoor. “This post describes a backdoor that spawns a fully encrypted and integrity checked reverse shell that was found in our SSH honeypot,” states the report published by GoSecure. “We named the backdoor ‘Chaos’, following the name […]
Pierluigi Paganini
February 23, 2018
Researchers at Fortinet have discovered the OMG botnet, the first Mirai variant that sets up proxy servers on the compromised IoT devices. A new variant of the infamous Mirai botnet appeared in the threat landscape, it was discovered by researchers at Fortinet that referred it as OMG because of strings containing “OOMGA” in the configuration table. […]
Pierluigi Paganini
February 22, 2018
Cloud security firm RedLock discovered that hackers have compromised the Tesla cloud computing platform to mine cryptocurrency. Tesla has confirmed that hackers have compromised its cloud computing platform to mine cryptocurrency, after the incident was discovered by cloud security firm RedLock. The hackers have breached the Tesla cloud servers and have installed a crypto currency […]
