malware

Pierluigi Paganini May 27, 2019
Crooks leverage .htaccess injector on Joomla and WordPress sites for malicious redirects

Security researchers are monitoring a new hacking campaign aimed at Joomla and WordPress websites; attackers used a .htaccess injector for malicious redirects. Researchers at Sucuri are warning Joomla and WordPress website admins of a malicious hypertext access (.htaccess) injector found on a client website. The website was used by attackers to redirect traffic to advertising sites that […]

Pierluigi Paganini May 26, 2019
Sectigo says that most of the certificates reported by the Chronicle analysis were already revoked

According to Sectigo, most of the certificates used to sign the malware submitted to VirusTotal and issued by the company were expired and were already revoked. This week experts at Chronicle published a study on signed malware registered on VirusTotal that states that most of the digital certificates used to sign malware samples found on […]

Pierluigi Paganini May 25, 2019
Hackers target MySQL databases to deliver the GandCrab ransomware

Security experts at Sophos have detected a wave of attacks targeting Windows servers that are running MySQL databases with the intent of delivering the GandCrab ransomware. Sophos researchers have observed a wave of attacks targeting Windows servers that are running MySQL databases; the threat actors aim to deliver the GandCrab ransomware. This is the first time […]

Pierluigi Paganini May 23, 2019
PoC Exploits for CVE-2019-0708 wormable Windows flaw released online

Several security experts have developed PoC exploits for the wormable Windows RDS flaw tracked as CVE-2019-0708 and dubbed BlueKeep. Experts have developed several proof-of-concept (PoC) exploits for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep. One of the PoC exploits could be used for remote code execution on vulnerable […]

Pierluigi Paganini May 23, 2019
Playing Cat and Mouse: Three Techniques Abused to Avoid Detection

The experts at Yoroi-Cybaze Zlab described three techniques commonly implemented by threat actors to avoid detection. Introduction: During our analysis we constantly run into the tricks cyber-attackers use to bypass companies' security defences, sometimes advanced, others not. Many times, despite their elegance (or lack of it), these techniques are effective and actually help the cyber […]

Pierluigi Paganini May 22, 2019
Emsisoft released a free Decrypter for the GetCrypt ransomware

For the second time in a few days, experts at Emsisoft released a free decrypter, this time to help victims of the GetCrypt ransomware. Security experts at Emsisoft released a new decrypter in a few days; it could be used for free by victims of the GetCrypt ransomware to decrypt their files encrypted by the malware. The […]

Pierluigi Paganini May 22, 2019
The Satan Ransomware adds new exploits to its arsenal

A recently observed variant of the Satan ransomware adds exploits to its arsenal and targets machines by leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that adds new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared […]

Pierluigi Paganini May 21, 2019
Emsisoft released a free Decrypter for JSWorm 2.0

Good news for the victims of the JSWorm 2.0 ransomware: thanks to experts at Emsisoft, they can decrypt their files for free. Experts at the Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the […]

Pierluigi Paganini May 21, 2019
MuddyWater BlackWater campaign used new anti-detection techniques

A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros). The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques, […]

Pierluigi Paganini May 20, 2019
Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now […]