malware

Pierluigi Paganini December 29, 2019
A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor

Experts uncovered a new tool dubbed BIOLOAD, used by the FIN7 cybercrime group as a dropper for a new variant of the Carbanak backdoor. Security experts from Fortinet’s enSilo have discovered a new loader, dubbed BIOLOAD, associated with the financially-motivated group FIN7. The group that has been active since late 2015 targeted businesses worldwide […]

Pierluigi Paganini December 28, 2019
A Ryuk Ransomware attack took down a US maritime facility

A Ryuk Ransomware attack has taken down the corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. Ryuk Ransomware continues to infect systems worldwide. The U.S. Coast Guard (USCG) announced that the malware took down the corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. “The purpose of this […]

Pierluigi Paganini December 27, 2019
Windows systems at Maastricht University were infected with a ransomware

A new ransomware attack made the headlines: Maastricht University (UM) confirmed that the malware encrypted all its Windows systems on December 23. Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on Monday, December 23. Maastricht University is an excellent university with over 18,000 students, roughly 4,400 employees, and 70,000 alumni. “Maastricht […]

Pierluigi Paganini December 26, 2019
Ryuk Ransomware evolution avoid encrypting Linux folders

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. Recently the City of New Orleans was the victim of a ransomware attack; researchers from the BleepingComputer community revealed that the malware that infected the City’s systems was the Ryuk Ransomware. The experts found on […]

Pierluigi Paganini December 25, 2019
New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

A new Mozi P2P botnet is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. Security experts from 360 Netlab spotted a new Mozi P2P botnet that is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, […]

Pierluigi Paganini December 25, 2019
Actors behind Maze ransomware release files stolen from City of Pensacola

Maze ransomware operators have released 2GB of files that were allegedly stolen from the City of Pensacola during the recent attack. On December 7, 2019, the city of Pensacola was hit by a ransomware attack. The city was forced to disconnect most of its systems following the attack that impacted emails, telephone lines, and […]

Pierluigi Paganini December 23, 2019
Champagne Bakery Cafe and Islands burger chain disclose payment card breaches

The news of two new payment card breaches made the headlines; the victims are the Islands restaurant chain and Champagne French Bakery Cafe. The new restaurant chains with locations across the U.S. disclosed payment card breaches. In both cases, attackers used PoS malware to capture card data stored in the magnetic stripe. Exposed data includes […]

Pierluigi Paganini December 22, 2019
Security Affairs newsletter Round 245

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs: From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example; Iran announced to have foiled a second cyber-attack in a week; Largest hospital system in New Jersey was hit by ransomware attack; A thief stole […]

Pierluigi Paganini December 20, 2019
Unveiling JsOutProx: A New Enterprise Grade Implant

Experts at Yoroi/Cybaze ZLab spotted a new sophisticated malware implant dubbed JsOutProx that seems to be unrelated to mainstream cyber weapons. Introduction: During our threat intelligence source monitoring operations, we spotted a new sophisticated malware implant, dubbed JsOutProx, that seems to be unrelated to mainstream cyber weapons. In fact, the recovered sample raised many questions […]

Pierluigi Paganini December 19, 2019
Maze Ransomware operators threaten victims to publish their data online

The victims of the Maze Ransomware now face another threat because operators behind the malware could publish their data online. The victims of the Maze Ransomware are facing another risk: after having their data encrypted, crooks are now threatening to publish their data online. The Maze ransomware also implements data harvesting capabilities; operators are threatening […]