malware

Pierluigi Paganini May 17, 2020
Security Affairs newsletter Round 264

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Blue Mockingbird Monero-Mining campaign targets web apps Shiny Hunters group is selling data from 11 companies on the Dark Web Swiss rail vehicle manufacturer Stadler hit by a malware-based attack […]

Pierluigi Paganini May 16, 2020
APT group targets high profile networks in Central Asia

Security firms have foiled an advanced cyber espionage campaign carried out by Chinese APT and aimed at infiltrating a governmental institution and two companies. Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector. The level of sophistication of the […]

Pierluigi Paganini May 16, 2020
QNodeService Trojan spreads via fake COVID-19 tax relief

Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. The operators behind the campaign use COVID-19 lure promising victims tax relief. The phishing messages use Trojan sample associated with […]

Pierluigi Paganini May 15, 2020
Russian APT Turla’s COMpfun malware uses HTTP status codes to receive commands

Russia-linked cyberespionage group Turla targets diplomatic entities in Europe with a new piece of malware tracked as COMpfun. Security experts from Kaspersky Lab have uncovered a new cyberespionage campaign carried out by Russia-linked APT Turla that employs a new version of the COMpfun malware. The new malware allows attackers to control infected hosts using a […]

Pierluigi Paganini May 13, 2020
Crooks continues to use COVID-19 lures, Microsoft warns

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan. Lokibot was already employed in Coronavirus-themed campaigns, early of April, security experts at FortiGuard Labs discovered phishing attacks using alleged messages from the World Health Organization […]

Pierluigi Paganini May 13, 2020
USCYBERCOM shares five new North Korea-linked malware samples

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT, it has uploaded the malicious code to VirusTotal. “On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the […]

Pierluigi Paganini May 12, 2020
Trojan Lampion is back after 3 months

Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file. Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. The latest campaigns in Portugal were observed […]

Pierluigi Paganini May 12, 2020
Zeus Sphinx continues to be used in Coronavirus-themed attacks

The Zeus Sphinx banking Trojan continues to evolve while receiving new updates it is employed in ongoing coronavirus-themed scams.  IBM security researcher continues to monitor the evolution of the infamous Zeus Sphinx banking Trojan (aka Zloader or Terdot) that receives frequent updates and that was involved in active coronavirus scams.  The Zeus Sphinx banking Trojan is based […]

Pierluigi Paganini May 11, 2020
ATM vendor Diebold Nixdorf suffered a Ransomware attack

ATM maker Diebold Nixdorf discloses a ransomware attack, the good news is that the infection caused only “a limited IT systems outage.” Diebold Nixdorf, one of the major automatic teller machines (ATMs) maker suffered a ransomware attack that caused only “a limited IT systems outage.” The company discloses the security breach but pointed out that […]

Pierluigi Paganini May 11, 2020
STAMINA, a new approach to malware detection by Microsoft, Intel

Microsoft and Intel have devised a new approach to malware detection, dubbed STAMINA, that involves deep learning and the representation of malware as images. STAtic Malware-as-Image Network Analysis (STAMINA) is a new approach to malware detection proposed by Microsoft and Intel. The study is based on a previous work of Intel’s researchers on static malware […]