Malware

Pierluigi Paganini May 31, 2016
Self-propagating ransomware spreading in the wild

Be careful, Microsoft is alerting all Windows users of a new type of a Self-propagating ransomware that exhibits worm-like behavior to propagate itself. Microsoft is alerting all Windows users of a new type of ransomware that exhibits worm-like behavior. “We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. This […]

Pierluigi Paganini May 30, 2016
Android 6.0 Marshmallow permission-granting model is under attack

Malware researchers are warning Android’s latest permission-granting model in version 6.0 Marshmallow is now been targeted by Mobile malware authors. Android’s latest permission-granting model in version 6.0 Marshmallow is now been targeted by Mobile malware authors. The model  will let users grant permissions only when it is required by the app, rather be accepting all […]

Pierluigi Paganini May 30, 2016
Highly targeted ransomware campaign hit Swedish Telia customers

According to a new analysis published by experts at Heimdal Security a new Ransomware campaign targeted millions by spoofing Telco giant Telia. Ransomware continues to represent one of the most insidious and aggressive cyber threats, a new campaign launched by threat actors in the wild is impersonating the telecom giant Telia. According to the experts at the […]

Pierluigi Paganini May 28, 2016
Wekby APT group leverages DNS requests for C2 communications

PaloAlto Networks has spotted a new campaign conducted by the Wekby APT that leverages on a malware that uses DNS requests for C2 communications. Security experts at Palo Alto Networks have spotted a China-linked APT group that has been using a strain of malware that leverages DNS requests for command and control (C&C) communications. The group […]

Pierluigi Paganini May 27, 2016
A fourth bank hit by SWIFT hackers, are they backed by the DPRK

A fourth Bank in Philippines was a victim of the SWIFT hackers and experts at Symantec confirmed the malware shares code with tools used by the Lazarus group. The list of banks victims of the SWIFT hackers is lengthening, a fourth bank in the Philippines has been a victim of the crew that targeted the SWIFT interbank transfer system. […]

Pierluigi Paganini May 26, 2016
Creators of the Nuclear EK are gaining nearly 100K USD each month

According to security experts at Check Point the creators of the Nuclear EK are gaining nearly 100K USD each month, most victims are in Europe and US. Most people interested working with a cloud business model nowadays, even malware programmers. It is better than just one time selling a security exploit, authors of malware are […]

Pierluigi Paganini May 25, 2016
DMA Locker Ransomware has been significantly improved

Malware authors behind the DMA Locker ransomware have improved the threat is a significant way, now it is ready for a massive distribution. Ransomware represents one of the most worrying cyber threats in the wild, vxers continue to improve their code making hard for victims to defend their systems. Now experts from Malwarebytes researchers are warning […]

Pierluigi Paganini May 24, 2016
Operation Ke3chang, alleged Chinese hackers target Indian Embassies Worldwide

Security experts from PaloAlto Networks collected evidence that the Operation Ke3chang discovered by FireEye in 2013 is still ongoing. Back in 2013, the security researchers at FireEye spotted a group of China-Linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe. The campaign was named ‘Operation Ke3chang,’ now threat actors behind the […]

Pierluigi Paganini May 23, 2016
Cyberespionage against RUAG, from Red October to Turla, who is the culprit?

Security experts from Melani published a detailed technical report about the strain of Turla used in the cyberespionage attack against the RUAG firm. A few weeks ago I reported about the cyber espionage attack on the Swiss Defense Department that was revealed after a presentation on cyber espionage to the Federal Intelligence Service. The cyber attack […]

Pierluigi Paganini May 23, 2016
Magnitude EK authors are integrating exploit code for CVE-2016-4117 Adobe flaw

The authors of the Magnitude exploit kit are integrating the exploit code for the CVE-2016-411 Adobe Flash Player vulnerability. Recently security experts from FireEye detailed the exploit chain for the  Adobe Flaw Vulnerability CVE-2016-4117 that was first spotted by the company earlier May. The CVE-2016-4117 flaw affects older versions of the Adobe Flash, after the disclosure of […]