Pierluigi Paganini
September 11, 2019
Malware researchers at Yoroi-Cybaze analyzed the TrickBot dropper, a threat that has infected victims since 2016. Introduction TrickBot it is one of the best known Banking Trojan which has been infecting victims since 2016, it is considered a cyber-crime tool. But nowadays defining it a “Banking Trojan” is quite reductive: during the last years its modularity brought […]
Pierluigi Paganini
September 09, 2019
ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy data. Stealth Falcon is a nation-state actor active since at […]
Pierluigi Paganini
September 09, 2019
The China-linked APT group Thrip is continuing to target entities in Southeast Asia even after its activity was uncovered by Symantec. Experts at Symantec first exposed the activity of the Chinese-linked APT Thrip in 2018, now the security firm confirms that cyber espionage group has continued to carry out attacks in South East Asia. In June […]
Pierluigi Paganini
September 09, 2019
China-linked APT3 stole cyberweapons from the NSA and reverse engineered them to create its arsenal. In 2010, security firm FireEye identified the Pirpi Remote Access Trojan (RAT) which exploited a then 0-day vulnerability in Internet Explorer versions 6, 7 and 8. FireEye named the threat group APT3 which has also been described as TG-0100, Buckeye, […]
Pierluigi Paganini
September 09, 2019
Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. Belarusian police have seized the servers of XakFor (xakfor[.]net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. The news was first reported by the Belarusian news outlet […]
Pierluigi Paganini
September 08, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Cisco addresses CVE-2019-12643 critical flaw in […]
Pierluigi Paganini
September 08, 2019
Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The spyware is able to steal SMS messages, contact lists and device […]
Pierluigi Paganini
September 07, 2019
A new ransomware tracked as Lilocked (or Lilu) by researchers is actively targeting servers and encrypting the data stored on them. The Lilocked ransomware has already infected thousands of Linux-based web servers since mid-July. The Lilocked ransomware was first reported at the end of July by the popular malware researcher Michael Gillespie after a sample has been uploaded […]
Pierluigi Paganini
September 05, 2019
Another US city was the victim of a ransomware attack, this time crooks hit the city of New Bedford, Massachusetts, asking for $5.3 Million Ransom, but… The systems of New Bedford, Massachusetts, were infected with ransomware and crooks asked for a $5.3 million ransom to decrypt data. The ransom was too high for the city […]
Pierluigi Paganini
September 05, 2019
Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet, including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Court documents revealed that the man suffers from Asperger Syndrome and autism disorder. Schuchman compromised hundreds […]
