Cybercrime

Pierluigi Paganini May 20, 2017
Stegano Exploit Kit now uses the Diffie-Hellman Algorithm

The Stegano exploit kit, also known as Astrum, continues to evolve, recently its authors adopted the Diffie-Hellman algorithm to hinder analysis. The Stegano exploit kit made was associated in the past with a massive AdGholas malvertising campaign that delivered malware, mostly Gozi and RAMNIT trojans. Experts at TrendMicro also observed the exploit kit in the Seamless malvertising campaign. “Astrum’s […]

Pierluigi Paganini May 20, 2017
UIWIX, the Fileless Ransomware that leverages NSA EternalBlue Exploit to spread

Security experts discovered a new ransomware family, dubbed UIWIX, that uses the NSA-linked EternalBlue exploit for distribution The effects of the militarization of the cyberspace are dangerous and unpredictable. A malicious code developed by a government could create serious problems for the Internet users, the recent WannaCry massive attack demonstrates it that used the EternalBlue Exploit to […]

Pierluigi Paganini May 18, 2017
Zomato Data breach – Nearly 17 million usernames and hashed passwords stolen

Nearly 17 million Zomato usernames and hashed passwords have been stolen by hackers., the company suspects it is an insider’s job. Nearly 17 million Zomato usernames and hashed passwords have been stolen by hackers. Zomato is the Indian largest online restaurant guide, the company confirmed data breach announcing that hackers have stolen accounts details of […]

Pierluigi Paganini May 17, 2017
Bell Canada hacked, 1.9 million customer account details stolen by hackers

The telco giant Bell Canada was the victim of a security breach that exposed roughly two million customer account details. The long string of data breach continues, while I’m writing about the intrusion in the systems of the technology provider DocuSign, another incident made the headlines, this time the victim is Bell Canada. The company admitted on […]

Pierluigi Paganini May 17, 2017
Some machines can’t be infected by WannaCry because they have been already infected by Adylkuzz

Security experts at ProofPoint security discovered that many machines can’t be infected by WannaCry because they have been already infected by Adylkuzz. The recent WannaCry ransomware attack wasn’t the first to use the NSA-linked EternalBlue and DoublePulsar hacking tools. Proofpoint researchers have discovered that the cryptocurrency miner Adylkuzz, was the first threat that used the EternalBlue exploit to trigger […]

Pierluigi Paganini May 16, 2017
Cyber criminals claim to have stolen the new episode of the Pirates of the Caribbean film saga

Crooks claim have stolen the Walt Disney’s forthcoming Pirates of the Caribbean film and are threatening to release it in 20 minutes chunks. Cybercriminals claim have stolen the Walt Disney’s forthcoming Pirates of the Caribbean film and are threatening to release it online if the company will not pay the ransom. CEO Bob Iger, told a […]

Pierluigi Paganini May 16, 2017
WannaCry – Important lessons from the first NSA-powered ransomware cyberattack

Last Friday, a weaponized version of an NSA exploit was used to infect over two hundred thousand computers in over 150 countries with the WannaCry ransomware. In addition to government ministries and transportation infrastructure, the British National Health Service (NHS) was crippled, disrupting treatment and care for thousands of patients, and putting countless lives at […]

Pierluigi Paganini May 16, 2017
Security experts link WannaCry ransomware to Lazarus Group

In the IT security community several experts start linking the WannaCry ransomware to the Lazarus Group due to similarities in the attack codes. The security researcher at Google Neel Mehta published a mysterious tweet using the #WannaCryptAttribution hashtag. What did he mean? 9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution — Neel Mehta (@neelmehta) May 15, 2017 According […]

Pierluigi Paganini May 15, 2017
It’s Monday, how to avoid being infected with the WannaCry ransomware

The number of victims would rise on Monday when a large number of users will be back at work, then how to protect your systems from the WannaCry ransomware. The massive WannaCry attack targeted systems worldwide, according to the Europol the number of cyber attack hits 200,000 in at least 150 countries. The number of […]

Pierluigi Paganini May 14, 2017
Experts at RedSocks analyzed the massive WannaCry Ransomware attack

Currently we are seeing a large scale WannaCry ransomware outbreak. This ransomware outbreak is more devastating than others because it spreads laterally. Enjoy the RedSocks ‘s analysis. Who does it affect: Any Windows computer without Windows Patch MS17-010. What to do: Apply patch MS17-010 immediately. MS17-010 The key factor in the ‘success’ of this malware strain called […]