Pierluigi Paganini
February 28, 2018
Security researchers at the firm SiteLock have discovered that hundreds of websites have been infected with the ionCube malware. Security researchers at SiteLock have discovered that hundreds of websites have been infected with malware that masquerades as legitimate ionCube-encoded files. ionCube is an encoding technology used to protect PHP software from being viewed, changed, and run on […]
Pierluigi Paganini
February 28, 2018
Malware researchers at CSE Cybsec – ZLab have analyzed a new variant of Mobef ransomware, a malware that in the past mainly targeted Italian users. Malware researchers at CSE Cybsec – ZLab have analyzed a new variant of Mobef ransomware, that was involved in past attacks against Italian users. I personally obtained the sample by […]
Pierluigi Paganini
February 27, 2018
Security researchers at Morphisec have uncovered a massive hacking campaign that is exploiting the recently patched CVE-2018-4878 Adobe Flash Player vulnerability. Threat actors are exploiting the use-after-free flaw to deliver malware. The CVE-2018-4878 vulnerability was fixed by Adobe on February 6, after security experts discovered it was used by North Korea-linked APT37 group in targeted […]
Pierluigi Paganini
February 27, 2018
Evrial is a cryptocoin malware stealer discovered by the researchers at ElevenPaths which takes control of the clipboard to get “easy money”. Evrial is a cryptocoin malware stealer which takes control of the clipboard to get “easy money”. ElevenPaths has taken a deep technical dive into the malware itself, to show how it technically works, […]
Pierluigi Paganini
February 26, 2018
The Data Keeper Ransomware that infected systems in the wild was generated by a new Ransomware-as-a-Service (RaaS) service that appeared in the underground recently. A few days ago a new Ransomware-as-a-Service (RaaS) service appeared in the underground, now samples of the malware, dubbed Data Keeper Ransomware, generated with the platforms are have already been spotted in […]
Pierluigi Paganini
February 25, 2018
Code-signing certificates are precious commodities in the criminal underground, they are used by vxers to sign malware code to evade detection. Other precious commodities in the criminal underground are code-signing certificates, they allow vxers to sign the code for malware to evade detection. Operators of the major black markets in the darknets buy and sell code-signing certificates, but according to […]
Pierluigi Paganini
February 24, 2018
SamSam Ransomware hit the Colorado DOT, The Department of Transportation Agency Shuts Down 2,000 Computers after the infection. SamSam ransomware made the headlines again, this time it infected over 2,000 computers at the Colorado Department of Transportation (DOT). The DOT has shut down the infected workstations and is currently working with security firm McAfee to restore the ordinary […]
Pierluigi Paganini
February 24, 2018
According to malware researchers at Palo alto Networks, the Iran-linked OilRig APT group is now using a new Trojan called OopsIE. The Iran-linked OilRig APT group is now using a new Trojan called OopsIE, experts at Palo Alto Networks observed the new malware being used in recent attacks against an insurance agency and a financial institution in the Middle East. […]
Pierluigi Paganini
February 23, 2018
Security experts from GoSecure, hackers are launching SSH brute-force attacks on poorly secured Linux servers to deploy a backdoor dubbed Chaos backdoor. “This post describes a backdoor that spawns a fully encrypted and integrity checked reverse shell that was found in our SSH honeypot,” states the report published by GoSecure. “We named the backdoor ‘Chaos’, following the name […]
Pierluigi Paganini
February 23, 2018
Researchers at Fortinet have discovered the OMG botnet, the first Mirai variant that sets up proxy servers on the compromised IoT devices. A new variant of the infamous Mirai botnet appeared in the threat landscape, it was discovered by researchers at Fortinet that referred it as OMG because of strings containing “OOMGA” in the configuration table. […]
Cyber Crime / December 08, 2025
