Pierluigi Paganini
July 18, 2017
The GhostCtrl backdoor, is an OmniRAT-Based Android malware that can spy on victims, steal data and take over Windows System using the RETADUP infostealer. Today’s smartphones are as powerful as the computers of only a few years ago. Unfortunately, that also means that Android phones have as many instances of malware as desktop and laptop […]
Pierluigi Paganini
July 17, 2017
For the second time in a year, a highly critical remote code execution vulnerability was found in the Cisco WebEx Extension. For the second time in a year, a highly critical remote code execution vulnerability, tracked as CVE-2017-6753, was discovered in the Cisco Systems WebEx browser extension for Chrome and Firefox. The vulnerability could be exploited by attackers to […]
Pierluigi Paganini
July 17, 2017
Renato Marinho detailed an unusual SMS phishing campaign that hit Brazilian users. All started with an SMS message supposedly sent from his bank. Introduction Today I faced quite an unusual SMS phishing campaign here in Brazil. A friend of mine received an SMS message supposedly sent from his bank asking him to update his registration […]
Pierluigi Paganini
July 17, 2017
Dating site for cheaters Ashley Madison has agreed to an $11.2 Million settlement for roughly 37 million users affected by the 2015 massive data breach. Dating site for cheaters Ashley Madison has agreed to an $11.2 Million settlement for roughly 37 million users whose personal details were exposed in a massive data breach in 2015. The site was […]
Pierluigi Paganini
July 16, 2017
The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Bran Krebs wrote about recent attacks using infrared devices. The number of cyber attacks against ATM involving so-called ‘insert skimmers’ is increasing. Insert Skimmers are wafer-thin fraud devices designed to fit invisibly inside the ATM card slot. Insert Skimmers are able to capture card […]
Pierluigi Paganini
July 16, 2017
The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime underground. The Katyusha scanner is just one […]
Pierluigi Paganini
July 15, 2017
Security experts at the SANS Institute discovered that that NemucodAES ransomware and Kovter trojan are being delivered together in spam campaigns. Security experts at the SANS Institute Internet Storm Center, discovered that that two malware families, NemucodAES and Kovter are being delivered together in .zip attachments delivered via active spam campaigns. Security Researcher Brad Duncan […]
Pierluigi Paganini
July 15, 2017
Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with […]
Pierluigi Paganini
July 14, 2017
A new infostealer malware dubbed Ovidiy Stealer was offered for sale by a Russia-speaking malware developer that goes online with the moniker “TheBottle.” TheBottle has advertised the malware on various cybercrime forums. The Ovidiy Stealer was first spotted in June 2017, according to the experts at security firm Proofpoint the malware is under development and is […]
Pierluigi Paganini
July 14, 2017
A 20 years-old vulnerability in Kerberos, dubbed Orpheus’ Lyre, was parched this week for both Microsoft and Linux distros. A 20 years-old vulnerability in Kerberos was parched this week for both Microsoft and Linux distros. The vulnerability dubbed Orpheus’ Lyre has been found three months ago by Jeffrey Altman, founder of AuriStor, and Viktor Dukhovni and Nicolas Williams from […]
APT / February 05, 2026
