Pierluigi Paganini
June 06, 2018
Security expert Ankit Anubhav discovered a Command and Control server for the Owari botnet protected with weak credentials. An IoT botnet has been commandeered by white hats after its controllers used a weak username and password combination for its command-and-control server. Security expert Ankit Anubhav from Newsky Security discovered an IoT botnet that was controlled by […]
Pierluigi Paganini
June 05, 2018
A security researcher discovered email addresses and hashed passwords of roughly 92.3 million Myheritage users stored on a private server outside the company. The huge trove of data was contained in a file named “,” according to the experts the information is authentic and comes from Myheritage. “Today, June 4, 2018 at approximately 1pm EST, MyHeritage’s Chief […]
Pierluigi Paganini
June 05, 2018
The author of the Sigrun Ransomware is providing the decryption key to Russian victims for free, others have to pay a ransom of $2,500 worth of Bitcoin or Dash for the victims. We have reported several cases where Russian malware authors avoid infecting computers in their country, but the case we are going to discuss is […]
Pierluigi Paganini
June 05, 2018
Two months after the release of the security updates for the drupalgeddon2 flaw, experts continue to see vulnerable websites running on flawed versions of Drupal that hasn’t installed security patches. In March, the Drupal developers Jasper Mattsson discovered a “highly critical” vulnerability, tracked as CVE-2018-7600, aka drupalgeddon2, affecting Drupal 7 and 8 versions. Both Drupal 8.3.x and 8.4.x are […]
Pierluigi Paganini
June 05, 2018
Security experts at security firm Intezer have recently discovered backdoor, associated with the operation of the Iron cybercrime group, that is based on the leaked source code of Remote Control System (RCS). The Remote Control System (RCS) is the surveillance software developed by the HackingTeam, it was considered a powerful malware that is able to infect also mobile […]
Pierluigi Paganini
June 03, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! · A bug in T-Mobile site allowed anyone see any customers account details · […]
Pierluigi Paganini
May 29, 2018
Group-IB has released a new report on Cobalt group’s attacks against banks and financial sector organizations worldwide after the arrest of its leader. Threat intelligence firm Group-IB published an interesting report titiled “Cobalt: Evolution and Joint Operations” on the joint operations of Cobalt and Anunak (Carbanak) groups after the arrest of the leader in March 2018. Researchers reported that […]
Pierluigi Paganini
May 28, 2018
The cybersecurity experts Marco Ramilli analyzed a new sample of malware dubbed MalHide that implements a quite new attack path to use the compromised system as eMail relay in order to hide the attacker networks. Today I’d like to share an interesting (at least to me) analysis on a given sample. I have called this sample MalHide but […]
Pierluigi Paganini
May 28, 2018
Malware researchers from FireEye recently noticed an interesting ongoing activity involving the infamous RIG Exploit Kit (EK) to deliver the Grobios Trojan. Security experts highlighted several times the decline of the exploit kit activity after the disappearance of the Angler and Nuclear exploit kits in 2016. Anyway, researchers at FireEye periodically observe significant developments in this […]
Pierluigi Paganini
May 27, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! · Experts propose a new variation of the Spectre attack to recover data from […]
Security / December 19, 2025
