Pierluigi Paganini
September 28, 2019
Microsoft researchers observed a campaign delivering malware, dubbed Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft experts observed a malware campaign, tracked as Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft uncovered the campaign in mid-July when noticed patterns in the anomalous usage of MSHTA.exe. Nodersok abuse of legitimate tools also […]
Pierluigi Paganini
September 28, 2019
A series of cyber attacks hit the defense contractors Rheinmetall AG and Defence Construction Canada (DCC) causing the disruption of their information technology systems. This month a series of cyber attack hit defense contractors Rheinmetall AG and Defence Construction Canada (DCC) disrupting their information technology systems. German Rheinmetall AG is a market leader in the supply of military technology, in […]
Pierluigi Paganini
September 27, 2019
IBM researchers observed one of the Magecart groups using a malicious code to inject into commercial-grade layer 7 L7 routers. IBM X-Force Incident Response and Intelligence Services (IRIS) experts observed that one of the Magecart groups, tracked as MG5, is using malware to inject into commercial-grade L7 routers. The experts believe the hackers are likely […]
Pierluigi Paganini
September 27, 2019
Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days after the release of WannaCryFake decryptor. Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days ago the researchers also released a free decryptor for the WannaCryFake ransomware. The Avest ransomware […]
Pierluigi Paganini
September 26, 2019
Security expert Troy Mursch of Bad Packets reported that a botnet is exploiting the recently disclosed vBulletin exploit to block other attackers from also using it. The security expert Troy Mursch observed a botnet that it utilizing the recently disclosed vBulletin exploit to secure vulnerable servers to avoid that can be compromised by other threat actors. […]
Pierluigi Paganini
September 26, 2019
A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]
Pierluigi Paganini
September 26, 2019
Researchers at Emsisoft security firm have released a new free decryption tool for the WannaCryFake ransomware. Good news for the vicitms of the WannaCryFake ransomware, researchers at Emsisoft have released a FREE decryption tool that will allow decrypting their data. WannaCryFake is a piece of ransomware that uses AES-256 to encrypt a victim’s files. The […]
Pierluigi Paganini
September 25, 2019
Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. In early August, the expert reported that between […]
Pierluigi Paganini
September 24, 2019
Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28, Sednit, Sofacy, Zebrocy, and Strontium) aimed at political targets. In the recent attacks, the hackers […]
Pierluigi Paganini
September 24, 2019
Researchers at Yoroi-Cybaze ZLab discovered an interesting drop chain associated with the well-known Aggah campaign. Introduction During our threat monitoring activities, we discovered an interesting drop chain related to the well-known Aggah campaign, the ambiguous infection chain observed by Unit42 which seemed to deliver payloads potentially associated with the Gorgon Group APT. After that, we discovered other malicious activities […]
