malware

Pierluigi Paganini February 29, 2020
Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm

Not only Maze ransomware gang, the operators behind Sodinokibi Ransomware allegedly leaked the data of Kenneth Cole Productions. The operators behind Sodinokibi Ransomware have published the download links to archives containing data allegedly stolen from the US firm Kenneth Cole Productions. The news was first reported by the Under the Breach research group. Sodinokibi (aka REvil) is […]

Pierluigi Paganini February 29, 2020
US Railroad firm RailWorks discloses a data breach after a ransomware attack

RailWorks Corporation, one of the leading railroad track and transit system providers in North America, disclosed a ransomware attack. RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, disclosed a ransomware attack. The security breach may have also exposed personally identifiable information (i.e. Government-issued IDs, Social Security numbers, dates of birth, dates of hire/termination […]

Pierluigi Paganini February 28, 2020
NRC Health health care company hit with ransomware

A Lincoln health care company has been targeted by crooks, no patient data has been compromised during the cyber attack. NRC Health recently disclosed that it was hit by a ransomware attack that took place on February 11. The company provides analytics that help health care providers measure and improve quality and services. The Lincoln […]

Pierluigi Paganini February 27, 2020
Lampion malware origin servers geolocated in Turkey

After three months from the first detection, the Lampion origin was identified. A webserver named “portaldasfinancas” is available in Turkey and has been used to spread the threat in Portugal. Lampion malware is the most critical malware affecting Portuguese users’ last three months. From December 2019 it had spread, impersonating and using template emails from the Portuguese […]

Pierluigi Paganini February 27, 2020
New strain of Cerberus Android banking trojan can steal Google Authenticator codes

Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Security researchers from ThreatFabric warn of a new Android malware strain can now steal one-time passcodes (OTP) generated through Google Authenticator that is used as part of 2FA to protect online […]

Pierluigi Paganini February 27, 2020
Data on Detection of Malicious Documents in Gmail are impressive

Google revealed that the enhancements to its scanning system implemented in Gmail are boosting its detection capabilities. Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents. The IT giant proudly announced that combining its existing machine learning models with other protections it was able to detect […]

Pierluigi Paganini February 26, 2020
New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. Introduction Nowadays, it is common to say that the physical world and the cyber world are strictly connected. The proof is the leverage of the current physical threat, the CoronaVirus (COVID-19), as a social engineering […]

Pierluigi Paganini February 26, 2020
Fbot re-emerged, the backstage

Mirai Fbot is back with the stronger infection speed, “Currently FBOT’s infection speed is about 100 nodes per day.. Don’t trust me, trust the number”, said the researcher who figured the come-back…” In the previous month we covered the mystery behind the Mirai botnet variant dubbed as “Fbot” after the threat’s latest encryption was disclosed […]

Pierluigi Paganini February 25, 2020
South Korea suffers from the spread of people infected with Corona 19

In this situation, ‘Est security’ found malicious code disguised as a ‘Corona 19 real-time status’ inquiry program and asked the public’s attention. The malware found is an executable program (EXE) using file names such as ‘Corona’s domestic status’ and ‘Corona’s real-time corona status.’ When you run the file, you will see a pop-up window titled […]

Pierluigi Paganini February 24, 2020
FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report, FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families […]