Malware Archives - Page 331 of 490

Pierluigi Paganini June 07, 2018

VPNFilter malware now targets new devices, even behind a firewall

The VPNFilter botnet now targeting new devices from other vendors, including ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. The VPNFilter botnet is worse than initially thought, according to a new report published by Cisco Talos Intelligence group, the malicious code is now targeting ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE “First, we have determined that additional devices are […]

Pierluigi Paganini June 07, 2018

Prowli Operation – Crooks already compromised over 40,000 servers and IoT Devices

Crooks have infected over 40,000 web servers, modems, and other IoT devices with the Prowli malware as part of a cryptocurrency mining campaign and to redirect victims to malicious sites. The Prowli malware was spotted by researchers at GuardiCore, attackers composed the huge botnet by exploiting known vulnerabilities and brute-force attacks. This campaign, dubbed Operation Prowli, […]

Pierluigi Paganini June 06, 2018

It’s not a joke, Owari botnet operators used root as username and password to access a C&C

Security expert Ankit Anubhav discovered a Command and Control server for the Owari botnet protected with weak credentials. An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server. Security expert Ankit Anubhav from Newsky Security discovered an IoT botnet that was controlled by […]

Pierluigi Paganini June 05, 2018

The author of the Sigrun Ransomware decrypts Russian victims’ files for free

The author of the Sigrun Ransomware is providing the decryption key to Russian victims for free, others have to pay a ransom of $2,500 worth of Bitcoin or Dash for the victims. We have reported several cases where Russian malware authors avoid infecting computers in their country, but the case we are going to discuss is […]

Pierluigi Paganini June 05, 2018

Iron cybercrime group uses a new Backdoor based on HackingTeam’s RCS surveillance sw

Security experts at security firm Intezer have recently discovered backdoor, associated with the operation of the Iron cybercrime group, that is based on the leaked source code of Remote Control System (RCS). The Remote Control System (RCS) is the surveillance software developed by the HackingTeam, it was considered a powerful malware that is able to infect also mobile […]

Pierluigi Paganini June 03, 2018

Imperva’s research shows 75% of open Redis servers are infected

According to the security experts at Imperva firm, three open Redis servers out of four are infected with malware. The discovery is the result of analysis conducted by running Redis-based honeypot servers for some months. Since their initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, the experts from Imperva have discovered a new […]

Pierluigi Paganini June 03, 2018

Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit

Cyber criminals recently added the code for the CVE-2018-8174 Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. Crooks recently added the code for an Internet Explorer zero-day vulnerability to the infamous RIG exploit kit. The Internet Explorer zero-day vulnerability, tracked as CVE-2018-8174, was first discovered a few weeks ago, it affects VBScript implemented in Internet Explorer and Microsoft […]

Pierluigi Paganini June 02, 2018

Experts believe the botmaster of the VPNFilter is attempting to resume the botnet

Experts from security firms GreyNoise Intelligence and JASK believe that the threat actor behind the VPNFilter is now attempting to resume the botnet with a new wave of infections. A week ago security experts and law enforcement bodies reported the existence of a huge Russia-linked botnet tracked as VPNFilter. The botnet infected over 500,000 routers and […]

Pierluigi Paganini June 01, 2018

Crooks expand the original Mirai botnet code base with new capabilities and improvements

Cybercriminals continue to improve the infamous Mirai botnet by adding new exploits and functionalities, experts warn new dangerous variant will appear in the wild. According to Netscout’s Arbor Security Engineering and Response Team (ASERT), cybercriminals continue to improve the dreaded Mirai IoT botnet by adding new exploits and functionalities. The time to market of new Mirai botnet […]

Pierluigi Paganini June 01, 2018

North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

A North Korea-linked APT group, tracked as Andariel Group, leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities. According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group, it already exploited ActiveX vulnerabilities in past attacks The attackers exploited at […]

Malware

VPNFilter malware now targets new devices, even behind a firewall

Prowli Operation – Crooks already compromised over 40,000 servers and IoT Devices

It’s not a joke, Owari botnet operators used root as username and password to access a C&C

The author of the Sigrun Ransomware decrypts Russian victims’ files for free

Iron cybercrime group uses a new Backdoor based on HackingTeam’s RCS surveillance sw

Imperva’s research shows 75% of open Redis servers are infected

Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit

Experts believe the botmaster of the VPNFilter is attempting to resume the botnet

Crooks expand the original Mirai botnet code base with new capabilities and improvements

North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

Hackers weaponize Shellter red teaming tool to spread infostealers

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Malware

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!