Reports

Pierluigi Paganini August 02, 2018
Analyzing the Telegram-based Android remote access trojan HeroRAT

Researchers at CSE Cybsec ZLab analyzed shared published their analysis of the Telegram-based Android RAT tracked as HeroRAT. In June, researchers from security firm ESET discovered a new family of Android Remote Administration Tool (RAT), dubbed HeroRAT, that leverages the Telegram BOT API to communicate with the attacker. The use of Telegram API can be considered […]

Pierluigi Paganini August 02, 2018
Amnesty International employee targeted with NSO group surveillance malware

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. The human rights group published a report that provides details on the attack against its employee. The hacker […]

Pierluigi Paganini August 01, 2018
SamSam Ransomware operators earned more than US$5.9 Million since late 2015

The security experts from Sophos have published a report on the multimillion-dollar black market business for crooks, they analyzed the SamSam ransomware case as a case study. The researchers that have tracked Bitcoin addresses managed by the crime gang discovered that crooks behind the SamSam ransomware had extorted nearly $6 million from the victims since December […]

Pierluigi Paganini July 26, 2018
US-CERT warns of ongoing cyber attacks aimed at ERP applications

US-CERT warns of cyber attacks on ERP applications, including Oracle and SAP, and refers an interesting report published by Digital Shadows and Onapsis. US-CERT warns of cyber attacks on Enterprise resource planning (ERP) solutions such as Oracle and SAP, both nation-state actors and cybercrime syndicates are carrying out hacking campaign against these systems. The report published by […]

Pierluigi Paganini July 23, 2018
CSE Malware ZLab – APT-C-27 ’s long-term espionage campaign in Syria is still ongoing

Researchers at CSE Cybsec ZLab analyzed a malicious code involved in a long-term espionage campaign in Syria attributed to a APT-C-27 group. A few days ago, the security researcher Lukas Stefanko from ESET discovered an open repository containing some Android applications.   The folder was found on a compromised website at the following URL: hxxp://chatsecurelite.uk[.]to […]

Pierluigi Paganini July 15, 2018
Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Researchers from the Z-Lab at CSE Cybsec analyzed a new collection of malware allegedly part of a new espionage campaign conducted by the APT28 group. It was a long weekend for the researchers from the Z-Lab at CSE Cybsec that completed the analysis a number of payloads being part of a new cyber espionage campaign […]

Pierluigi Paganini July 15, 2018
FBI: Overall BEC/EAC losses between Oct 2013 and May 2018 result in $12 billion

The number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. FBI provided further data related to Email Account Compromise, according to the feds, the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. “Business […]

Pierluigi Paganini July 11, 2018
Do you want penetrate an airport network? An RDP access to internal machine goes for $10 on the dark web.

The access to a system at a major international airport via RDP (Remote Desktop Protocol) could be paid only $10 on the Dark Web. Experts at McAfee have discovered hackers offering RDP access to compromised machines worldwide while analyzing several black markets. The researchers discovered shops offering between 15 to more than 40,000 RDP connections for sale, the largest […]

Pierluigi Paganini July 01, 2018
Security issues in the LTE standard expose billions on mobile users to attacks

Security issues in the LTE mobile device standard could be exploited by persistent attackers to spy on users’ cellular networks and hijack data traffic. A team of from Ruhr-Universität Bochum and New York University Abu Dhabi has discovered some security issues in the LTE mobile device standard that could be exploited by persistent attackers (i.e. intelligence […]

Pierluigi Paganini June 18, 2018
DHS, FBI published a join alert including technical details of Hidden Cobra-linked ‘Typeframe’ Malware

The US DHS and the FBI have published a new joint report that includes technical details of a piece of malware allegedly used by the Hidden Cobra APT. A new joint report published by US DHS and FBI made the headlines, past document details TTPs associated with North Korea-linked threat groups, tracked by the US government as […]