Pierluigi Paganini
June 20, 2019
According to security researchers at Trend Micro, a cyberespionage campaign is targeting Android users in Middle Eastern countries. Security researchers at Trend Micro have spotted a cyberespionage campaign, dubbed ‘Bouncing Golf, that is targeting Android users in Middle Eastern countries. Threat actors are using a piece of malware detected as GolfSpy, that implements multiple features […]
Pierluigi Paganini
June 19, 2019
Kaspersky experts recently discovered a backdoor dubbed Plurox that can spread itself over a local network and can allow installing additional malware. Kaspersky experts discovered the Plurox backdoor in February, it can spread itself over a local network and could be used by attackers to install additional malware. The Plurox backdoor is written in C […]
Pierluigi Paganini
June 18, 2019
The head of London’s Serpentine Galleries resigned on Tuesday following a Guardian report about her links to the Israeli surveillance firm NSO Group. On Tuesday, the chief executive of London’s Serpentine Galleries, Yana Peel, resigned following the revelation of the Guardian newspaper about her links to the Israeli surveillance firm NSO Group. According to the newspaper, Yana […]
Pierluigi Paganini
June 17, 2019
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT. The […]
Pierluigi Paganini
June 17, 2019
Today I’d like to share an interesting and heavily obfuscated Malware which made me thinking about the meaning of ‘Targeted Attack’. Nowadays a Targeted Attack is mostly used to address state assets or business areas. For example a targeted attack might address Naval industry (MartyMcFly example is definitely a great example) or USA companies (Botnet Against […]
Pierluigi Paganini
June 16, 2019
Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan. […]
Pierluigi Paganini
June 16, 2019
On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim email servers, that already compromised some Azure installs. Bad actors continue to target cloud services in the attempt of abusing them for several malicious purposes, like storing malware or implementing command and control servers. Microsoft Azure is not immune, recently […]
Pierluigi Paganini
June 15, 2019
Experts at Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack is targeting electric utilities in the US and APAC. Xenotime threat actor is considered responsible for the 2017 Trisis/Triton malware attack that hit oil and gas organizations. In December 2017, the Triton malware (aka Trisis) was discovered by researchers at FireEye, it was specifically […]
Pierluigi Paganini
June 14, 2019
Good news for the victims of the pyLocky Ransomware versions 1 and 2, French authorities have released the pyLocky decryptor to decrypt the files for free. French authorities have released a decryptor for pyLocky Ransomware versions 1 and 2. The decryptor allows victims to decrypt their files for free. It was developed in collaboration between […]
Pierluigi Paganini
June 14, 2019
The Cybaze-Yoroi ZLab analyzed a new sample of Nanocore Remote Administrator Tools (RAT) using a Delphi wrapper to protect its code. Introduction Historically, cyber-criminals adopted one or more layers of encryption and obfuscation to lower their footprint and avoid detection. The usage of cryptors and packers has become a commodity in the contemporary malware landscape, providing the […]
