Cybercrime

Pierluigi Paganini November 25, 2016
ImageGate attack – How to spread malware via poisoned .JPG

Security experts from Checkpoint have discovered a new malware-based campaign through Facebook leveraging an image obfuscation trick dubbed ImageGate. Security experts from Checkpoint have discovered a new malware-based campaign through Facebook. Crooks leverage an image obfuscation trick, dubbed ImageGate, to spread the Locky ransomware via Facebook. Experts highlighted that the image obfuscation trick is able to bypass Facebook’s security checks. “Check […]

Pierluigi Paganini November 25, 2016
Crooks steal millions from European ATMs with jackpotting attacks

Criminal gangs like the Cobalt gang are now focusing their efforts on the banks to steal cash directly from the ATMs with jackpotting attacks. Security experts are assisting a change of tactics for the criminal organizations who target the ATMs and online banking credentials. Crooks are now focusing their efforts on the banks in the attempt to […]

Pierluigi Paganini November 23, 2016
WordPress Plugins could expose online shoppers on Black Friday and Cyber Monday

Black Friday and Cyber Monday are upon us, Checkmarx published a report analyzing the security of some of the top WordPress plugins. The Black Friday and the Cyber Monday are upon us and security experts from Checkmarx are questioning the security of some of the top WordPress e-commerce plugins that are currently used in more […]

Pierluigi Paganini November 22, 2016
ESET Crysis decryptor to rescue files encrypted by the Crysis ransomware

ESET security firm has included master decryption keys into a decryption tool that allows rescuing the encrypted files without paying the ransom. Good news for the victims of the Crysis ransomware, ESET security firm has included master decryption keys into a tool that allows rescuing the encrypted files. The decryption keys for the CrySis ransomware were posted online on […]

Pierluigi Paganini November 21, 2016
Watch out, Locky ransomware spread via SVG images on Facebook Messenger

Researchers have discovered a new hacking campaign leveraging on Facebook Messenger to spread the Locky ransomware via SVG images. The Locky Ransomware is spread via a downloader, experts noticed that it is able to bypass Facebook defense measures by pretending to be a harmless  image file. The campaign was first spotted during the weekend by the malware […]

Pierluigi Paganini November 18, 2016
Mirai botnet leverages STOMP Protocol to power DDoS attacks

Cyber criminals are exploiting the capability of the Mirai botnet to use the STOMP Protocol to launch massive DDoS attacks. The Linux Mirai IoT malware is one of the most popular cyber threats in the moment, its botnet was used to power the massive attacks against the Dyn DNS service, OVH, Brian Krebs’ blog, and likely […]

Pierluigi Paganini November 18, 2016
Three Mobile cyber data breach, six million customers’ private data at risk

The UK carrier Three Mobile confirmed a major cyber security breach which could have exposed the personal data of millions of customers. Bad news for the UK carrier Three Mobile, cyber criminals have broken into a company database containing customer personal details, details of possibly six million customers exposed. The news was reported by many […]

Pierluigi Paganini November 17, 2016
The Carbanak gang is now targeting the hospitality industry

The notorious Carbanak cybercrime gang is now changing strategy and it is targeting the hospitality and restaurant industries. The notorious Carbanak cybercrime gang that allegedly stole $1 billion from financial institutions worldwide is now changing strategy and target and it is targeting the hospitality and restaurant industries. “In the last month Trustwave was engaged by two separate hospitality clients, and one […]

Pierluigi Paganini November 17, 2016
CryptoLuck Ransomware spread through the RIG-E Exploit Kit

CryptoLuck ransomware is a new strain of malware discovered by the researcher Kafeine, that is being distributed via the RIG-E exploit kit. The notorious researcher Kafeine has spotted a new strain of ransomware dubbed CryptoLuck. The malware leverages DLL hijacking and exploits the legitimate GoogleUpdate.exe executable to infect computers. The ransomware appends the .[victim_id]_luck extension to the encrypted […]

Pierluigi Paganini November 15, 2016
CrySis ransomware decryption keys published online

The decryption keys for the CrySis ransomware were posted online on the BleepingComputer.com forum by a user known as crss7777. Good news for the victims of the CrySis ransomware, on Sunday the master decryption keys were released to the public. Security experts from Kaspersky Lab have already included the decryption keys in the Rakhni decryptor allowing victims […]