malware

Pierluigi Paganini June 13, 2020
TroyStealer – A new info stealer targeting Portuguese Internet users

One of the most recent threats is the info stealer TroyStealer, first shared by Abuse.ch on Twitter and targeting Portuguese users. The world of cybercrime is changing, and more and more malware variants spread every day. To keep your system safe, one of the things you can do is to follow a cyber doctrine focused on […]

Pierluigi Paganini June 13, 2020
COVID-19 themed attacks increase in Brazil, India, and UK

Threat actors continue to use COVID-19 lures; Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continue to use COVID-19 lures. In April, Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […]

Pierluigi Paganini June 12, 2020
Gamaredon group uses a new Outlook tool to spread malware

Russia-linked Gamaredon APT uses a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Researchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal: a module for Microsoft Outlook that creates custom emails with malicious documents and sends […]

Pierluigi Paganini June 12, 2020
City of Knoxville shuts down IT network after ransomware attack

A ransomware attack that targeted the offices of the City of Knoxville, Tennessee, forced the city to shut down its entire computer network. The city of Knoxville, Tennessee, has shut down its computer network following a ransomware attack. The attack took place on the night between June 10 and June 11; the malware encrypted multiple systems in the […]

Pierluigi Paganini June 10, 2020
Japanese car-maker giant Honda hit by a ransomware attack

Japanese carmaker Honda announced it has been hit by a cyberattack that disrupted its business in several countries. The Japanese carmaker Honda announced that threat actors have compromised the Honda network, disrupting its business in several countries. Sources informed about the security incident believe Honda’s systems have been infected with SNAKE Ransomware. BleepingComputer reported that […]

Pierluigi Paganini June 08, 2020
Higaisa threat actors targets organizations using Zeplin platform

A Korean threat actor, tracked as Higaisa, has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The Korean threat actor Higaisa has been using malicious LNK files in recent attacks aimed at organizations that use the Zeplin collaboration platform. The group is believed to be a […]

Pierluigi Paganini June 08, 2020
Stealthworker botnet targets Windows and Linux servers

Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […]

Pierluigi Paganini June 07, 2020
Covid-19 Themed attacks Infographic

This infographic includes interesting data related to the Covid-19 themed attacks observed by security researchers and law enforcement in the past months. Pierluigi Paganini (SecurityAffairs – COVID-19, hacking)

Pierluigi Paganini June 06, 2020
eCh0raix ransomware is back and targets QNAP NAS devices again

eCh0raix Ransomware operators are back after months of apparent inactivity and are now targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […]

Pierluigi Paganini June 05, 2020
New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

ZLab malware researchers analyzed the attack chain used to infect Italian-speaking victims with the Netwire malware. Introduction: Info stealer malware is confirmed to be one of the most adopted weapons of cyber actors. One of them is Netwire (MITRE S0198), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups […]