Pierluigi Paganini
July 17, 2019
One of the latest trends for the attackers is to leverage the ISO files to avoid detection, the technique has also been used in a recent Hawkeye campaign. Introduction As we described in our previous post, one of the latest trends for the attackers is to leverage the ISO files in order to reduce detection chances. […]
Pierluigi Paganini
July 17, 2019
Threat actors used the Extembro DNS-changer Trojan in an adware campaign to prevent users from accessing security-related websites. Security experts at Malwarebytes observed an adware campaign that involved the Extembro DNS-changer Trojan to prevent users from accessing websites of security vendors. “Recently, we uncovered a new DNS-changer called Extenbro that comes with an adware bundler. […]
Pierluigi Paganini
July 17, 2019
Kaspersky researchers revealed that since earlier this year, Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks. Security experts at Kaspersky revealed that the Russia-linked APT group Turla used new variants of the KopiLuwak Trojan in targeted attacks since early 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting […]
Pierluigi Paganini
July 16, 2019
Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. The group that is known for the distribution of the Dridex Trojan and the Locky ransomware, has released other pieces of […]
Pierluigi Paganini
July 15, 2019
On July 6, a ransomware attack brought down government computer systems at La Porte County, Indiana, finally, the county decided to pay $130,000 ransom. On July 6, a ransomware attack paralyzed the computer systems at La Porte County, Indiana, according to County Commission President Dr. Vidya Kora, employees were not able to access to any […]
Pierluigi Paganini
July 15, 2019
Security experts at Emsisoft released a new decryptor, it could be used for free by victims of the Ims00rry ransomware to decrypt their files. Thanks to the experts at Emsisoft the victims of the Ims00rry ransomware can decrypt their files for free. The Ims00rry ransomware used AES-128 algorithm for the encryption process. Unlike most of the […]
Pierluigi Paganini
July 14, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Croatia government agencies targeted with news SilentTrinity malware Customers of 7-Eleven Japan lost $500,000 due to a flaw in the mobile app Hackers compromised a Canonical GitHub account, Ubuntu […]
Pierluigi Paganini
July 13, 2019
The Magecart continues to target websites worldwide, it infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. The Magecart gang made the headlines again, according to a new report published by RiskIQ, it has infected over 17,000 domains by targeting improperly secured Amazon S3 buckets. A few days ago, security experts at Sanguine Security have […]
Pierluigi Paganini
July 12, 2019
A new variant of the implements a unique protocol to communicate with Command and Control infrastructure A new variant of the Miori botnet uses a unique protocol to communicate with C&C infrastructure, it implements a protection mechanism to access the login panel. The Miori bot borrows the code from the dreaded Mirai malware. it first […]
Pierluigi Paganini
July 12, 2019
Exclusive – Malware researchers at Yoroi-Cybaze ZLab have released a free decryptor tool for the Loocipher Ransomware. Ransomware continues to be an easy way to monetize the criminal efforts and for this reason new malware appear in the threat landscape. Loocipher is a new threat that is rapidly spreading, its functionalities are pretty straight forward […]
