Pierluigi Paganini
January 27, 2020
A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to […]
Pierluigi Paganini
January 21, 2020
In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]
Pierluigi Paganini
January 20, 2020
Researchers from Cisco Talos discovered a new Trojan named JhoneRAT that was used in targeted attacks against entities in the Middle East. A new Trojan named JhoneRAT appeared in the threat landscape, it is selectively attacking targets in the Middle East by checking keyboard layouts. The malware targets a very specific set of Arabic-speaking countries, […]
Pierluigi Paganini
January 19, 2020
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Google removed 1.7K+ Joker Malware infected apps from its Play Store MageCart attack hit Australia bushfire Donors New Bill prohibits intelligence sharing with countries using Huawei 5G equipment 5G – The Future of Security and Privacy in Smart […]
Pierluigi Paganini
January 19, 2020
Attacks on Citrix servers are intensifying, one of the threat actors behind them is patching them and installing its own backdoor to lock out other attackers. Security experts are monitoring a spike in the number of attacks against Citrix servers after that researchers announced the availability online of proof-of-concept exploits for the CVE-2019-19781 flaw in Citrix NetScaler […]
Pierluigi Paganini
January 14, 2020
A group of anonymous security researchers that calls itself Intrusion Truth have tracked the activity of a China-linked cyber–espionage group dubbed APT40. A group of anonymous security researchers that calls itself Intrusion Truth has discovered that a China-linked cyberespionage group, tracked as APT40, uses 13 front companies operating in the island of Hainan to recruit […]
Pierluigi Paganini
January 09, 2020
Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets. SentinelLabs experts discovered a new PowerShell backdoor used by TrickBot operators in recent attacks aimed at Powershell high-value targets, such as financial institutions. TrickBot is a popular banking Trojan that has been around since October 2016, its […]
Pierluigi Paganini
January 08, 2020
MITRE announced the initial release of a version of its MITRE ATT&CK knowledge base that focuses on industrial control systems (ICS). MITRE’s ATT&CK framework is becoming a standard in cybersecurity community for the classification of attacker behavior. Now the organization is going to propose a knowledge base that focused on ICS systems for its MITRE’s ATT&CK. […]
Pierluigi Paganini
January 08, 2020
A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. The SNAKE is a new ransomware that is threatening enterprises worldwide along with most popular ransomware families such as Ryuk, Maze, Sodinokibi, LockerGoga, BitPaymer, DoppelPaymer, MegaCortex, LockerGoga. The scary trend sees criminal organizations targeting enterprises, instead of […]
Pierluigi Paganini
January 05, 2020
Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files following a Sodinokibi ransomware attack. The gang behind the Sodinokibi ransomware has been very active […]
