Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited some CMS vulnerabilities to upload and execute arbitrary PHP pages used to generate revenues via advertising. In the last days of 2017, researchers at CSE Cybsec observed threat actors exploiting some CMS vulnerabilities to upload […]
Cybersecurity week Round-Up (2018, Week 3) -Let’s try to summarize the most important event occurred last week in 3 minutes. The week started with the discovery of a new variant of the dreaded Mirai Botnet dubbed Okiru, for the first time a malware targets ARC based IoT devices, billions of IoT devices are potentially at […]
The Samsam Ransomware made the headlines in the first days of 2018, the malicious code infected systems of some high-profile targets, including a hospital that paid a $55,000 ransom. The SamSam ransomware is an old threat, attacks were observed in 2015 and the list of victims is long, many of them belong to the healthcare industry. […]
Threat actors with a deep knowledge of the Fiscal Italian ecosystem are using a huge botnet to target Italian companies and Ministry of the Interior. On Januaty 18 a colleague of mine (Luca) called me telling a malicious email was targeting Italian companies. This is the beginning of our new analysis adventure that Luca and […]
Security researchers at Forcepoint have spotted a new spam campaign that is abusing compromised FTP servers as a repository for malicious documents and infecting users with the Dridex banking Trojan. The Dridex banking Trojan is a long-running malware that has been continuously improved across the years. The malicious email campaign was first noticed by Forcepoint on January 17, 2018, the […]
North Korean hackers belonging to the North Korea Group 123 have conducted at least six different massive malware campaigns during 2017. North Korean hackers have conducted at least six different massive malware campaigns during 2017, most of them against targets in South Korea. Security researchers from Cisco’s Talos group who have monitored the situation for 12 […]
Security experts from FireEye have spotted a new strain of the Zyklon malware that has been delivered by using new vulnerabilities in Microsoft Office. Researchers at FireEye reported the malware was used in attacks against organizations in the telecommunications, financial, and insurance sectors. Zyklon has been spotted for the first time in 2016, it is a publicly available […]
The Skygofree spyware analyzed by Kaspersky today was first spotted by the researcher Lukas Stefanko and the first analysis was published last year by the CSE Cybsec ZLab. Security researchers at Kaspersky Lab have made the headlines because they have spotted a new strain of a powerful Android spyware, dubbed Skygofree, that was used to gain full control […]
A new variant of the infamous disk-wiper malware KillDisk has been spotted by malware researchers at Trend Micro while targeting financial organizations in Latin America. A new variant of the infamous disk-wiper malware KillDisk has been spotted by malware researchers at Trend Micro. This variant of KillDisk, tracked as TROJ_KILLDISK.IUB, was involved in cyber attacks against financial […]
Researcher @unixfreaxjp spotted the first time ever in the history of computer engineering a Linux malware designed to infect ARC CPU, this new Linux ELF malware was dubbed MIRAI OKIRU. In August 2016 the researcher @unixfreaxjp from @MalwareMustDie team first spotted the dreaded Mirai botnet, now the same researcher is announcing a new big earthquake in the malware […]