Cyber Crime

Pierluigi Paganini January 08, 2017
Crooks target UK schools with ‘Department of Education’ ransomware

Action Fraud is warning of ‘Department of Education’ ransomware, crooks are posing government officials to trick people into installing ransomware. This is a story of another string of cyber attacks that leverage ransomware to compromise victims’ machines. Cyber criminals are targeting schools in the UK, asking victims to pay up to ÂŁ8,000 to unlock data […]

Pierluigi Paganini January 07, 2017
China-Linked DragonOK APT Group continues updating tools and tactics

The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the first time the cyber espionage activities of a Chinese state-sponsored group dubbed DragonOK. At the time, FireEye discovered two hacking campaigns conducted by distinct groups operating in separate regions […]

Pierluigi Paganini January 06, 2017
A fake Super Mario Run for Android is serving the Marcher Banking Trojan

Zscaler experts have found in the wild a fake version of the Super Mario Run Android App that could install the Android Marcher banking trojan. Bad news for mobile gamers, security experts at Zscaler have spotted a strain of the Android Marcher Trojan masqueraded as the recently released Super Mario Run mobile game for Apple’s iOS. Marcher is a sophisticated banking […]

Pierluigi Paganini January 06, 2017
The Plone community claims the FBI hack is a fake, it’s a mystery

CyberZeist claims that he hacked the FBI’s website exploiting a zero-day flaw in Plone, but the Plone security team declared the FBI hack is a hoax. Security Affairs was probably the first blog to spread the news of the alleged FBI hack. I was contacted by the notorious hacker CyberZeist, he is very popular in the […]

Pierluigi Paganini January 05, 2017
FireCrypt comes as a malware building kit and includes DDoS code

Recently experts from MalwareHunterTeam discovered FireCrypt ransomware, a threat that comes as a malware building kit and includes DDoS code. Ransomware has become one of the fastest growing threats, new malware implements sophisticated features to avoid detection and rapidly spread among the greatest number of machines. Recently experts from MalwareHunterTeam discovered a new strain of ransomware dubbed FireCrypt, […]

Pierluigi Paganini January 04, 2017
FBI website hacked by CyberZeist and data leaked online

The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into the FBI website FBI.gov and leaked data on Pastebin. The notorious black hat hacker CyberZeist (@cyberzeist2) has broken into the FBI website FBI.gov  and leaked data on Pastebin. The hacker leaked the FBI.GOV accounts that he found in several backup files (acc_102016.bck, acc_112016.bck, old_acc16.bck, etc). […]

Pierluigi Paganini January 04, 2017
Hacker held open MongoDB databases for ransom

A mysterious hacker is breaking into unprotected MongoDB databases, stealing their content, and asking for a ransom to return the data. Co-founder of the GDI Foundation Victor Gevers is warning of poor security for MongoDB installations in the wild. The security expert has discovered 196 instances of MongoDB that were wiped by crooks and being held for […]

Pierluigi Paganini December 30, 2016
Sundown Exploit Kit now leverages on the steganography

A new variant of the Sundown exploit kit leverages on steganography to hide exploit code in harmless-looking image files. Security experts from Trend Micro have spotted a new version of the Sundown exploit kit that exploits steganography in order to hide malicious code in harmless-looking image files. The use of steganography was recently observed in the malvertising campaigns conducted […]

Pierluigi Paganini December 29, 2016
The OSCE organization was victim of a major cyber attack

The Organization for Security and Co-operation in Europe (OSCE) confirmed to have suffered suffer a “major” cyber attack. Hackers targeted the Organisation for Security and Cooperation in Europe (OSCE), the news was confirmed on Wednesday by a spokeswoman for the organization. The OSCE is a security and human rights watchdog, clearly the attack is part of […]

Pierluigi Paganini December 29, 2016
InterContinental Hotels investigating a possible card breach

The company InterContinental Hotels Group (IHG) confirmed an ongoing investigation of alleged card breach at some of its properties. The notorious investigators Brian Krebs was informed of a possible security breach at the hotel company InterContinental Hotels Group (IHG). Krebs received the news of the alleged card breach by his sources in the financial industry. According […]