Pierluigi Paganini
June 05, 2019
A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. The new piece of malware leverages many exploits […]
Pierluigi Paganini
June 04, 2019
Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group Introduction The Gamaredon attacks against Ukraine don’t seem to have stopped. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. The group was first discovered by Symantec and TrendMicro in 2015 but […]
Pierluigi Paganini
June 02, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Police seized Bestmixer, the mixing service washed […]
Pierluigi Paganini
June 02, 2019
Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats. Turla (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON), the Russia-linked APT group, is using weaponized PowerShell scripts in attacks aimed at EU diplomats. Turla group has been active since at least 2007 targeting government organizations and […]
Pierluigi Paganini
June 01, 2019
GandCrab first appeared in the threat landscape in early 2018 and continuously evolved over time. Now operators are shutting down their operations. Early 2018, experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. The GandCrab was advertised in Russian hacking community, researchers noticed that authors leverage the RIG and […]
Pierluigi Paganini
May 31, 2019
Security experts at Intezer have discovered a new Linux malware tracked as ‘HiddenWasp’ that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions. According to the experts at Intezer, the malware was involved in targeted attacks. “Unlike common Linux malware, HiddenWasp is not […]
Pierluigi Paganini
May 30, 2019
Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different […]
Pierluigi Paganini
May 30, 2019
Guardicore Labs uncovered a widespread cryptojacking campaign tracked as Nansh0u and aimed at Windows MS-SQL and PHPMyAdmin servers. Security experts at Guardicore Labs uncovered a widespread cryptojacking campaign leveraging a malware dubbed Nansh0u. The malicious code aimed at Windows MS-SQL and PHPMyAdmin servers worldwide. According to the experts, the malicious campaign is being carried out […]
Pierluigi Paganini
May 29, 2019
An attack against an Italian organization lead the experts at Yoroi-Cybaze ZLab to shed the light on ongoing operations attributed to TA505. Introduction In the last few days, during monitoring activities, Yoroi CERT noticed a suspicious attack against an Italian organization. The malicious email contains a highly suspicious sample which triggered the ZLAB team to […]
Pierluigi Paganini
May 29, 2019
Experts at IBM X-Force observed a new campaign involving the HawkEye keylogger in April and May 2019 aimed at business users. Malware attacks leveraging a new variant of the HawkEye keylogger have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for sale […]
