Pierluigi Paganini
February 03, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Using steganography to obfuscate PDF exploits Aztarna – […]
Pierluigi Paganini
February 02, 2019
Researchers at the CenturyLink Threat Research Labs discovered that the operators of the TheMoon IoT botnet are offering it as a service. Experts at the CenturyLink Threat Research Labs observed a new evolution for the TheMoon IoT botnet, operators added a previously undocumented module that allows them to offer it with a malware-as-a-service model. The […]
Pierluigi Paganini
February 01, 2019
FBI and Air Force experts are sinkholing the Joanap botnet to collect information about it and dismantle the malicious infrastrcuture. The U.S. Justice Department declares war to the Joanap Botnet that is associated with North Korea. The U.S. DoJ announced this week that it is working to dismantle the infamous Joanap botnet, a malicious infrastructure […]
Pierluigi Paganini
February 01, 2019
Security experts at Cybaze– Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Today, weaponized Microsoft office documents with macros, are one of the most common and more effective methods to […]
Pierluigi Paganini
January 31, 2019
Palo Alto Networks discovered a piece of Mac malware dubbed CookieMiner that is targeting browser cookies associated with cryptocurrency exchanges and wallet service websites.. Researchers from Palo Alto Networks discovered a new piece of Mac malware dubbed CookieMiner that steals browser cookies associated with cryptocurrency exchanges and wallet service websites along with other sensitive data. […]
Pierluigi Paganini
January 31, 2019
Cyber security expert Marco Ramilli, founder of Yoroi,discovered a way to spread CSV malware via Google Sheets … but Big G says it is anIntended behavior A .CSV file could be a malware carrier and if interpreted by Microsoft Excel it could become a malware executor ! When I personally saw this technique back in […]
Pierluigi Paganini
January 30, 2019
In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign leveraging the Zepakab Downloader. In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign discovered in January 2019. The sample has been initially identified by an Italian independent security researcher, who warned the InfoSec community and shared the binary for further […]
Pierluigi Paganini
January 26, 2019
Security experts at McAfee have discovered a new malware, dubbed Anatova ransomware, that has been spotted infecting computers worldwide The name Anatova is based on a name in the ransom note that is dropped on the infected systems. The Anatova ransomware outstands for its obfuscation capabilities and ability to infect network shares, it has a […]
Pierluigi Paganini
January 25, 2019
Security experts from Cybaze-Yoroi ZLab investigated two malicious spam campaigns delivering Java RAT that show some similarities. Introduction During the last weeks, the Cybaze-Yoroi ZLab researchers identified infection attempts aimed to install RAT malware directed to the naval industry sector. The malicious email messages contained a particular Adwind/JRat variant delivered via several methods tailored to […]
Pierluigi Paganini
January 25, 2019
Security experts observed two distinct campaigns distributing the Ursnif malware, one of them also delivered the GandCrab ransomware. Experts pointed out that the cybercrime gangs behind the two campaigns are different, but they discovered many similarities in them. Attackers spread phishing messages using weaponized Microsoft Word document and leverages Powershell to deliver fileless malware. Ursnif is a banking […]
