Malware

Pierluigi Paganini June 14, 2015
Security Affairs newsletter Round 13– Best of the week from best sources

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from the best sources free for you in your email box. The silent war between black markets in the deep web US Air Force located an ISIS command by analyzing a selfie A quick tour in the hacking black market […]

Pierluigi Paganini June 13, 2015
Duqu 2.0 could have been developed by Israel

Duqu 2.0, the malware that infected systems at Kaspersky could have been designed by Israel, no doubts abou the state-sponsored attack. A few days ago, the security industry was surprised by the discovery of a new strain of the popular Duqu worm, so called Duqu 2.0. The most disconcerting fact related to the discovery of the malware is that Duqu 2.0 […]

Pierluigi Paganini June 10, 2015
Duqu 2.0 the most sophisticated threat ever seen targeted also Kaspersky

Threat actors used a Duqu 2.0 worm in a series of attacks worldwide that also breached the systems at Kaspersky Lab. It is most complex malware ever seen. A new powerful strain of Duqu malware, dubbed Duqu 2.0, appeared in the wild after going dark in 2012. Duqu 2.0 is a very sophisticated agent that exploited a number […]

Pierluigi Paganini June 09, 2015
Vawtrak Uses Tor2Web making hard to track down its servers

Security experts at Fortinet uncovered a new strain of the Vawtrak banking Trojan is implementing an obscuring mechanism based on the Tor2Web service. The authors of the banking Trojan Vawtrak are adopting a new tactic to hide the traffic to its servers,  they are exploiting  the Tor2Web service to masquerade malicious connections. In the past, criminal crews behind […]

Pierluigi Paganini June 08, 2015
Tox ransomware platform builder is now available for sale

The owner of the Tox ransomware builder is offering for sale the platform worried by its popularity. He confirmed that he will pay ransoms to his customers. The owner of the famous Tox ransomware has decided that it was time to sell the platform, this after all popularity reached by its platform. The Tox platform […]

Pierluigi Paganini June 08, 2015
MalumPoS PoS malware used against Hotels and other Industries

Malware researchers at Trend Micro have discovered a news strain of the malumPoS used to target hospitality, food and beverage, and retail industries. Security experts at Trend Micro have discovered a new strain of the MalumPoS malware that was reconfigured to compromise PoS systems based on the OracleÂź MICROSÂź platform. Trend Micro was the first […]

Pierluigi Paganini June 06, 2015
Eataly NYC confirms data breach, customers card data exposed

Eataly NYC confirmed that New York retail location has been victim of a security incident, hackers used a PoS malware to steal customers’s card data. The Italian food market Eataly has confirmed a data breach occurred earlier this year. According investigators the data breach could have exposed data related to payment cards over a four-month period. […]

Pierluigi Paganini June 05, 2015
CryptoWall 3.0 Still Actively Being Spread as a New Campaign is Discovered in-the-wild

A new malicious phishing campaign is spreading CryptoWall ransomware in the wild, the expert Michael Fratello has analyzed it for us. Just a reminder to all — CryptoWall 3.0 is still very much active, with phish tactics that I think are less effective, but who knows; maybe they’re seeing great success with this method.  Personally, […]

Pierluigi Paganini June 03, 2015
APWG Global Phishing Survey – Registered malicious domains increased in H2 2014

The APWG Global Phishing Survey 2H2014 seeks to understand what the phishers are doing, and how, by quantifying the scope of the global phishing problem. The Anti-Phishing Working Group (APWG) has published the “Global Phishing Survey 2H2014“, a report that comes with some interesting numbers on phishing activities. The Global Phishing Survey 2H2014 report states […]

Pierluigi Paganini June 02, 2015
New Rombertik Sample has originated in Nigeria

ThreatConnect has conducted further investigations on the Rombertik malware and traced a malicious sample they analyzed to a Nigeria-based man. Lately Rombertik have been making the headlines of security related news, I wrote on SecurityAffairs about the malware a few weeks ago, last update from security researchers at ThreatConnect is that a new analysis traced […]