Malware

Pierluigi Paganini April 12, 2016
Atmos, the Citadel Trojan successor is in the wild

Security experts from the Heimdal Security firm are issuing an alert on the Atmos malware which is the successor of the dreaded Citadel Trojan. Months ago, the author of the dreaded Citadel malware was sentenced to prison, but in the same period, a new improved variant resurged in the wild. The new strain of Citadel malware, called […]

Pierluigi Paganini April 12, 2016
How to restore files encrypted by the Petya ransomware in less than 7 seconds

Security Researchers have developed a decryption tool to restore the files encrypted by the Petya ransomware with a key generated in less than 10 seconds. Security researchers have analyzed the code of Petya ransomware in order to devise a method to allow victims to restore encrypted files. The experts have been able to develop a decryption tool […]

Pierluigi Paganini April 10, 2016
Be careful products sold on Amazon are infected with malware

Beware, even things on Amazon come with embedded malware… this is the disconcerting discovery made by the expert Mark Olsen. The security expert Mike Olsen warned about the presence of malware in products sold through the Amazon service. Olsen was searching for outdoor surveillance cameras on Amazon for a friend’s home. He has found an interesting offer […]

Pierluigi Paganini April 10, 2016
Security experts shut down the dreaded Linux Mumblehard botnet

Researchers and law enforcement in a joint effort shut down the Mumblehard botnet composed of more than 4000 Linux machines. Security experts have shut down a spam botnet, known as Mumblehard, composed of more than 4,00o Linux machines. In May 2015, researchers from ESET revealed the sophisticated Mumblehard spamming malware infected thousands of Linux and FreeBSD servers going […]

Pierluigi Paganini April 08, 2016
Adobe fixes CVE-2016-1019 Zero-Day exploited to serve ransomware

Cyber criminals are exploiting the Flash player zero-day vulnerability (CVE-2016-1019) affecting Flash Player 21.0.0.197 and earlier disclosed by Adobe. Cyber criminals are already exploiting the Flash player zero-day vulnerability (CVE-2016-1019) affecting Flash Player 21.0.0.197 and earlier (CVE-2016-1019) disclosed by Adobe this week. Researchers at security firm Proofpoint confirmed that cyber gangs are exploiting it to distribute a ransomware dubbed Cerber. […]

Pierluigi Paganini April 07, 2016
TA530 group, spear phishing meets ransomware

A threat actor named TA530 group, has been targeting executives in an attempt to infect their machine with various malware, including ransomware. Ransomware continues to represent one of the greatest threat for the Internet users, the FBI recently issued a confidential urgent “Flash” message to the businesses and organizations about the Samsam Ransomware. Security firms […]

Pierluigi Paganini April 04, 2016
Why malware like the Samsam ransomware are so dangerous for hospitals?

The FBI issued a confidential urgent “Flash” message to the businesses and organizations about the Samsam Ransomware, why it is so dangerous? It is emergency, every week security experts launch an alert on a new ransomware, the extortion practice is becoming a profitable business for criminal gangs worldwide. Recently the US and Canada issued a joint warning about the recent […]

Pierluigi Paganini April 02, 2016
F-Secure provides more details on the Petya ransomware

The best way to address a threat is to know it so security experts at F-Secure shared a detailed analysis on the new Petya ransomware. Several days ago, I wrote about a new singular Ransomware dubbed Petya that captured the attention of security experts because it causes a blue screen of death (BSoD) by overwriting the MBR. Now […]

Pierluigi Paganini April 01, 2016
The dangerous interaction between Russian and Brazilian cyber criminal underground

Kaspersky has analyzed the interaction between the Russian and Brazilian criminal underground communities revealing a dangerous interaction. In the past weeks, we have analyzed the evolution of cyber criminal communities worldwide, focusing on illicit activities in the Deep Web. To simplify the approach we have considered the principal cyber criminal communities (Russia, Brazil, North America, Japan, China, Germany) as separated entities, instead, these ecosystems interact […]

Pierluigi Paganini March 31, 2016
The Linux Remaiten malware is building a Botnet of IoT devices

Experts from the ESET firm have spotted a new threat in the wild dubbed Remaiten that targets embedded systems to recruit them in a botnet. ESET is actively monitoring malicious codes that target IoT systems such as routers, gateways and wireless access points, rather than computers or smartphones. Security researchers from ESET have discovered a new threat dubbed KTN-RM or Remaiten that targets Internet […]