Malware

Pierluigi Paganini October 16, 2016
CryPy ransomware uses a unique Key for each encrypted file

Experts from Kaspersky have spotted a new threat in the wild written in Python, the CryPy ransomware that uses a unique key for each. Researcher newly founded “CryPy “ Ransomware written in python has surprised Israeli server for command and control (C&C) communication. In past, we have other ransomware written in python like Zimbra, HolyCrypt, […]

Pierluigi Paganini October 16, 2016
The Mirai botnet is targeting also Sierra Wireless cellular data gear products

Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications products due to Mirai attacks. Sierra Wireless is warning its customers to change factory credentials of its AireLink gateway communications product. The company is aware of a significant number of infections caused by the Mirai malware, a threat specifically designed […]

Pierluigi Paganini October 15, 2016
Android Acecard banking trojan asks users for selfie with an ID card

Experts discovered a new variant of the Android Acecard banking trojan that asks victims to take a selfie while they are holding an ID card. The inventiveness of the criminals is a never ending pit. Recently, a number of organizations announced a new authentication method based on the selfies. For example, HSBC customers can open […]

Pierluigi Paganini October 14, 2016
Exclusive – ELF Linux/NyaDrop, a new IoT threat in the wild

Exclusive: interview made by @unixfreaxjp of MalwareMustDie for Security Affairs about the Linux/NyaDrop. The latest details about this new dangerous IoT malware. After the Krebs DDoS attacks the enrollment of new IoT botnets is going to grow and new large “zombie army” made by of web-ip-cam, DVR/NVR, routers/modems are invading the cyberspace. The evidence of […]

Pierluigi Paganini October 13, 2016
Experts observed several malvertising campaigns deliver Cerber 4.0

Cerber 4.0 is the latest variant of the Cerber ransomware family that is becoming even more common in the malvertising campaign in the wild. Another variant of the notorious Cerber ransomware, the Cerber 4.0, appeared in the wild delivered by several exploit kits, including RIG, Neutrino, and Magnitude EKs. According to the experts from Trend Micro, the Cerber 4.0 first appeared in October […]

Pierluigi Paganini October 12, 2016
DXXD Ransomware, displays legal notice and encrypts files on unmapped network shares

The DXXD ransomware specifically targets servers and is able to encrypt files on network shares even if they haven’t been mapped. Malware continues to evolve, the last threat in order of time that implemented a singular feature is the DXXD ransomware.  The peculiarities of this threat is that it encrypts also file on network shares, even […]

Pierluigi Paganini October 11, 2016
StrongPity APT – Waterhole attacks against Italian and Belgian users

Kaspersky published a report on cyber espionage activities conducted by StrongPity APT that most targeted Italians and Belgians with watering holes attacks. Experts from Kaspersky Lab have published a detailed report on the cyber espionage activities conducted by the StrongPity APT. The group is very sophisticated, its operations leverage on watering holes attacks and malware to target users […]

Pierluigi Paganini October 10, 2016
The fall of the Encryptor RaaS also thanks to Shodan

Law enforcement and security experts have dismantled the Encryptor RaaS architecture by localizing one of its servers with Shodan. Shodan is a search engine for internet-connected devices, it is a precious instrument for IT experts and hackers that use it to find assess systems exposed on the Internet. The information gathered via Shodan could allow attackers […]

Pierluigi Paganini October 09, 2016
Also Spotify in the list of services victim of a malvertising campaign

The users of the free version of the popular Spotify online music service have been served malicious advertisements. Spotify users have been targeted by a malvertising campaign, the malicious advertising served to the victims could automatically open a web browser and redirect victims websites hosting malware. Spotify is a popular online music service that allows its […]

Pierluigi Paganini October 07, 2016
Magecart campaign – Hackers target eCommerce sites with web-based keylogger injection attacks

Researchers have been monitoring a campaign dubbed Magecart that compromised many ecommerce websites to steal payment card and other sensitive data. Researchers have been monitoring a campaign in which cybercriminals compromised many e-commerce websites in an effort to steal payment card and other sensitive information provided by their customers. Security experts from cloud-based security solutions provider […]