Pierluigi Paganini
October 25, 2019
Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs. Fortinet has analyzed the NukeSped RAT that is believed to be a malware in the arsenal of the Lazarus North-Korea linked APT group. The attribution to the Lazarus group is based on the similarities with other malware […]
Pierluigi Paganini
October 24, 2019
The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. S The Sweden government is going to authorize law enforcement agencies into using spyware to spy on suspects’ devices, the malicious code allows agents to read encrypted communications, to track their movements, exfiltrate […]
Pierluigi Paganini
October 22, 2019
German company Pilz, one of the world’s biggest producers of automation tools is still down after getting infected by ransomware more than a week ago. German firm Pilz was still down after getting infected by the BitPaymer ransomware more than a week ago, on October 13, 2019. “Since Sunday, October 13, 2019, all servers and […]
Pierluigi Paganini
October 21, 2019
Security experts have a new malware, dubbed skip-2.0 used by the China-linked APT group to establish a backdoor in Microsoft SQL Server systems. Security experts at ESET have discovered a new malware, dubbed skip-2.0, used by the Chinese Winnti cyberespionage group to gain persistence on Microsoft SQL Server systems. The Winnti group was first spotted by […]
Pierluigi Paganini
October 20, 2019
TA505 cybercrime group that operated the Dridex Trojan and Locky ransomware, has been using a new RAT dubbed SDBbot in recent attacks. Security experts at Proofpoint observed the notorious TA505 cybercrime group that has been using a new RAT dubbed SDBbot in recent attacks. The TA505 group, that is known to have operated both the Dridex and Locky malware families, continues […]
Pierluigi Paganini
October 20, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. A new Mac malware dubbed Tarmac has been distributed via […]
Pierluigi Paganini
October 19, 2019
Emsisoft firm has released a new free decryption tool the STOP (Djvu) ransomware, in the last months the research team helped victims of many other threats. STOP (Djvu) ransomware has 160 variants that infected more hundreds of thousands of victims worldwide. Experts estimated a total number of 460,000 victims, that makes this threat the most […]
Pierluigi Paganini
October 18, 2019
The US ingredient provider Ingredion Incorporated announced that it has recently detected suspicious activity associated with a malware attack. The US ingredient provider Ingredion Incorporated revealed to have detected an ongoing malware attack after its experts noticed a suspicious activity this week. Ingredion has hired third-party experts to help its staff in investigating the incident […]
Pierluigi Paganini
October 17, 2019
Researchers at Cyberbit spotted a crypto mining campaign that infected more than 50% of the European airport workstations. Security experts at Cyberbit have uncovered a crypto mining campaign that infected more than 50% of the European airport workstations. European airport systems were infected with a Monero cryptocurrency miner that was linked to the Anti-CoinMiner campaign discovered this […]
Pierluigi Paganini
October 17, 2019
Security experts at Palo Alto Networks discovered a worm dubbed Graboid that spreads using Docker containers. Palo Alto Networks researchers discovered a new Monero miner with wormable capabilities, dubbed Graboid, that spreads using Docker containers. Experts discovered that to target new systems, the Graboid worm periodically queries the C&C for vulnerable hosts, in this way […]
