Cyber Crime

Pierluigi Paganini November 15, 2016
CrySis ransomware decryption keys published online

The decryption keys for the CrySis ransomware were posted online on the BleepingComputer.com forum by a user known as crss7777. Good news for the victims of the CrySis ransomware, on Sunday the master decryption keys were released to the public. Security experts from Kaspersky Lab have already included the decryption keys in the Rakhni decryptor allowing victims […]

Pierluigi Paganini November 14, 2016
The hacker Kapustkiy continues to target embassies and universities

The hacker Kapustkiy is back and breached another embassy and two universities. He leaked data on Pastebin. The security pentester who goes online with the moniker Kapustkiy continues to target organizations and embassies across the world. Recently he breached the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), while a few days ago the hacker and his friend Kasimierz (@Kasimierz_) hacked the Indian Embassies in […]

Pierluigi Paganini November 13, 2016
AdultFriendFinder company data breach exposes 412 million accounts

The company that owns AdultFriendFinder and other adult websites has been hacked, data breach exposes 412 million accounts making this the largest 2016 hack Almost every account password was cracked, thanks to the company’s poor security practices. Even “deleted” accounts were found in the breach. A new massive data breach is in the headlines, the […]

Pierluigi Paganini November 13, 2016
BlackNurse attack, how to knock big servers offline with a laptop

BlackNurse attack allows to power massive DDoS attacks that are able to knock large servers offline with limited resources. Researchers discovered a simple method, called BlackNurse attack, to power massive DDoS attacks that could allow lone attackers to knock large servers offline with limited resources. “This attack is not based on pure flooding of the internet connection, […]

Pierluigi Paganini November 13, 2016
Pawn Storm APT conducted spear-phishing attacks before zero-days was fixed

The Pawn Storm APT group exploited some zero-days vulnerabilities in targeted attacks across the world before they get patched. The Pawn Storm APT group, also known as APT28 and Fancy Bear, exploited some zero-days flaw in targeted attacks before they get patched. The threat actors powered spear phishing attacks between the discovery of the zero-days […]

Pierluigi Paganini November 12, 2016
Cozy Bear targets NGOs and Think Tanks in post-election attacks

Cozy Bear launched new spear-phishing attacks against US policy think-tanks aiming to infect their systems with a malware. Trump is the new US President, a few hours after he won the election, a hacking crew powered several spear-phishing attacks against US policy think-tanks aiming to infect their systems with a malware. The security experts believe […]

Pierluigi Paganini November 11, 2016
For the first time massive DDoS attacks hit Russian banks in 2016

A number of prolonged DDoS attacks hit at least five Russian banks this week and experts suspect the involvement of the Mirai Botnet once again. A wave of DDoS attacks hit at least five Russian banks with prolonged DDoS attacks this week. Among the victims of the DDoS attacks against the online banking services there […]

Pierluigi Paganini November 11, 2016
Telecrypt ransomware abuses Telegram Messenger’s communication protocol

Telecrypt ransomware is a new malware that abuses the instant messaging service Telegram for command and control (C&C) communications. Security experts from Kaspersky Lab have spotted a new Ransomware, called Telecrypt (Trojan-Ransom.Win32.Telecrypt), that abuses the Telegram instant messaging service for communications with command and control (C&C). The Delphi-written Trojan, which is currently targeting only Russian users, it exploits […]

Pierluigi Paganini November 09, 2016
Malvertising campaign delivered Android Svpeng Trojan via a zero-day in Chrome

Kaspersky discovered a new strain of the Svpeng Trojan delivered through popular news websites using Google’s AdSense via a zero-day in Chrome. Crooks exploited a Chrome Zero-Day vulnerability to deliver the Android Svpeng Trojan to Android users via Google AdSense. The Svpeng Trojan is not a new threat, it was first spotted by Kaspersky Lab in July 2013 when threat […]

Pierluigi Paganini November 09, 2016
What does a DDoS with everyday life? DDoS knocks out building control systems in Finland

The residents in two apartment buildings Finland faced more that a week of serious problem due to a DDoS attack that targeted the building control systems. What does a DDoS with everyday life? The recent attack against the Dyn DNS service powered by an IoT botnet demonstrated the weakness of modern society to cyber threats. Anyway, to better explain […]