Pierluigi Paganini
September 04, 2019
Malware researchers at Yoroi-Cybaze ZLab have analyzed the fourth version of the infamous JSWorm Ransomware. Introduction The ransomware attacks have no end. These cyber weapons are supported by a dedicated staff that constantly update and improve the malware in order to make harder detection and decryption. As the popular GandCrab, which was carried on up […]
Pierluigi Paganini
September 03, 2019
Marco Ramilli explained MBR works and how is it possible to write a bootloader program, this skill will help you to analyze next BootLoader Malware. From time to time we might observe special Malware storing themselves into a MBR and run during the booting process. Attackers could use this neat technique to infect and to mess-up your […]
Pierluigi Paganini
September 02, 2019
Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The popular researcher Larry Cashdollar, from Akamai SIRT, announced in exclusive to The Register, that he observed a miner that previously hit only Arm-powered IoT devices targeting Intel systems. The researchers revealed that one […]
Pierluigi Paganini
September 01, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 80 defendants charged with participating in […]
Pierluigi Paganini
September 01, 2019
Attackers are using Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via camouflaged as PDF documents. Security experts at Cofense uncovered a malspam campaign the leverages Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via executables camouflaged as PDF documents. TrickBot is a popular banking Trojan that has been around […]
Pierluigi Paganini
August 31, 2019
Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. Experts noticed that most of the devices targeted by the bot are Android […]
Pierluigi Paganini
August 30, 2019
The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data. PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe. DDS Safe, is a HIPAA Compliant 3 layered online dental […]
Pierluigi Paganini
August 30, 2019
Security experts at Kaspersky have spotted a new Android remote access tool (RAT) dubbed BRATA used to spy on Brazilian users. Security experts at Kaspersky have discovered a new Android remote access tool (RAT), tracked as BRATA (the name comes from ‘Brazilian RAT Android’), that was used to spy on Brazilian users. The BRATA RAT […]
Pierluigi Paganini
August 28, 2019
The French police force, National Gendarmerie, announced to have neutralized the Retadup malware on over 850,000 computers taking over its C2 server. The French police force, National Gendarmerie, announced the successful takedown of a huge RETADUP botnet after it has taken the control of its command and control (C2) server. The operation allowed the France law enforcement […]
Pierluigi Paganini
August 28, 2019
Recent campaigns show threat actors behind the Dridex and Locky malware families, the TA505 group, have updated tactics and expanded its target list. Trend Micro revealed that the TA505 group that is behind the Dridex and Locky malware families continue to make small changes to its operations. TA505 hacking group has been active since 2014 […]
APT / February 05, 2026
