Pierluigi Paganini
August 13, 2019
Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations. The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower. The Cloud Atlas was first observed by researchers at Kaspersky Lab […]
Pierluigi Paganini
August 12, 2019
Canon DSLR Camera Infected with Ransomware Over the Air A researcher discovered 6 flaws in the image transfer protocol used in Canon EOS 80D DSLR cameras that allow him to infect the device with ransomware over the air. Security researcher Eyal Itkin from Check Point analyzed the Picture Transfer Protocol (PTP) implementation in Canon EOS […]
Pierluigi Paganini
August 12, 2019
Researchers discovered multiple flaws in more than 40 device drivers from at least 20 different vendors that could to install a persistent backdoor on Windows PCs. Experts at firmware security firm Eclypsium have conducted a study on the device drivers from major vendors and discovered serious issues in over 40 drivers from 20 companies. The […]
Pierluigi Paganini
August 11, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! DealPly adware abuses reputation services to remain […]
Pierluigi Paganini
August 09, 2019
Security researchers at Emsisoft have released a new decryptor tool that allows the victims of the JSWorm 4.0 ransomware to decrypt their files for free. Thanks to the experts at Emsisoft the victims of the JSWorm 4.0 ransomware can decrypt their files for free. Like previous versions of the malware, the JSWorm 4.0 ransomware is […]
Pierluigi Paganini
August 06, 2019
The experts at Yoroi-Cybaze ZLab discovered a new wave of attacks linked to the cyber espionage campaign tracked as Roma225. Introduction Few months ago we started observing a cyber operation aiming to attack private companies in various business sectors, from automotive to luxury, education, and media/marketing. The attack attribution is still unclear but the large scale of […]
Pierluigi Paganini
August 05, 2019
Recently a data-wiping malware tracked as GermanWiper has been targeting German organizations, the malicious code is pushed via phishing messages. GermanWiper is being distributed in Germany through spam messages that pretend to be emails sent by a job applicant named Lena Kretschmer that is submitting her resume. The messages have the subject “Ihr Stellenangebot – Bewerbung [Your job offer – […]
Pierluigi Paganini
August 04, 2019
It has happened again, for the second time in a few days, Houston County Schools in Alabama delayed the school year’s opening due to a malware attack. The long wave of malware attacks against US schools continues, for the second time in a week, the Houston County Schools in Alabama delayed the school year’s opening scheduled for […]
Pierluigi Paganini
August 04, 2019
Malware researchers from enSilo have spotted a new variant of the DealPly adware that uses a new method to avoid detection. Researchers from enSilo have discovered a new variant of the modular DealPly adware that abuses the reputation services provided by Microsoft’s SmartScreen (aka Windows Defender SmartScreen) and McAfee’s WebAdvisor to avoid detection. The main […]
Pierluigi Paganini
August 03, 2019
Researchers at Proofpoint discovered SystemBC, a new strain of proxy malware that is being distributed via Fallout and RIG Exploit Kits A new piece of malware dubbed SystemBC was discovered by experts at Proofpoint, it is being distributed via exploit kits like Fallout and RIG. The malware was tracked as “SystemBC” based on the URI path […]
