malware

Pierluigi Paganini April 17, 2020
A Brand New Ursnif/ISFB Campaign Targets Italian Organizations

Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe.   Recently, we have identified a new variant that is targeting Italian organizations. The malspam messages use […]

Pierluigi Paganini April 17, 2020
Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also […]

Pierluigi Paganini April 17, 2020
Syria-linked APT group SEA targets Android users with COVID19 lures

Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. The campaign aimed at users in Syria and surrounding regions was spotted by experts from mobile security firm […]

Pierluigi Paganini April 16, 2020
Shipping giant MSC discloses a malware-based attack

The shipping giant Mediterranean Shipping Company (MSC) was victim of a malware-based attack that caused an outage recently. The shipping giant Mediterranean Shipping Company (MSC) discloses a malware-based attack that took place on April 10. The incident affected the company’s data center and took down its website, msc.com, and its myMSC customer and vendor portal. “The […]

Pierluigi Paganini April 16, 2020
U.S. offers up to $5 Million rewards for info on North Korea-linked operations

The United States agencies released a joint advisory warning of ‘significant cyber threat’ posed by North Korea-linked hackers to the global financial sector. The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released a joint advisory that is warning organizations worldwide about the ‘significant cyber threat’ posed by the North Korean nation-state […]

Pierluigi Paganini April 14, 2020
Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Experts from Paloalto Unit 42 published a report that analyzes the cross-section between the various types of Coronavirus-themed attacks aimed at organizations in different industries. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that […]

Pierluigi Paganini April 12, 2020
Coronavirus-themed attacks April 05 – April 11, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from April 05 to April 11, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. April 09 – Phishers […]

Pierluigi Paganini April 12, 2020
Security Affairs newsletter Round 259

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Coronavirus-themed attacks March 29 – April 04, 2020 Experts uncovered hidden behavior in thousands of Android Apps Popular OGUsers hacking forum breached for the second time in a year DarkHotel APT uses VPN zero-day in attacks on Chinese […]

Pierluigi Paganini April 11, 2020
Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but […]

Pierluigi Paganini April 10, 2020
Sophos Sandboxie is now available as an open-source tool

Sophos announced the public release of the source code of the sandbox-based isolation program Sandboxie. Sophos is going to release the Windows sandbox-based isolation program Sandboxie in open source. “Sandboxie has long been a favorite sandbox-based isolation tool since its original release over fifteen years ago. Now this technology will live on in the hands of its […]