malware

Pierluigi Paganini April 09, 2019
Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks, and NGN International, a global system integrator, analyzed the cybersecurity landscape in the Gulf countries in 2018. The Group-IB Threat Intelligence team identified compromised credentials of 7 306 users from the Gulf countries in 2018 and detected a total of 138 978 compromised cards issued by the Gulf countries’ banks. Number […]

Pierluigi Paganini April 08, 2019
Victims of Planetary Ransomware can decrypt their files for free

Researchers at Emsisoft developed a decryptor for the Planetary Ransomware family that could allow victims to decrypt their files for free. Good news for the victims of the Planetary Ransomware: security firm Emsisoft has released a decryptor that allows victims to recover their files for free. The name Planetary ransomware comes from the use of […]

Pierluigi Paganini April 08, 2019
Recent Roaming Mantis campaign hit hundreds of users worldwide

Kaspersky Lab reported that hundreds of users have been targeted with malware over the past month as part of a recent Roaming Mantis campaign. Security experts at Kaspersky Lab reported that hundreds of users have been targeted with malware over the past month as part of a new campaign associated with the Roaming Mantis gang. Roaming […]

Pierluigi Paganini April 07, 2019
Security Affairs newsletter Round 208 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition / Paper Copy. Once again, thank you! Ex-NSA contractor Harold Thomas Martin pleads guilty to federal charge of willful retention of national defense information. Experts released the list of ~600 MAC addresses hit in the ASUS hack […]

Pierluigi Paganini April 05, 2019
Xwo Malware scans the Internet for Exposed Services, Default Passwords

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo’ comes from […]

Pierluigi Paganini April 05, 2019
Step By Step Office Dropper Dissection

Malware researcher and founder of Yoroi Marco Ramilli described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office payloads. While I was thinking about how to answer such questions, I received a MalSpam with a Microsoft Office document […]

Pierluigi Paganini April 04, 2019
New XLoader variant leverages Twitter to hide C2 addresses

Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application; the malware also attempts to infect Apple devices (iPhones and […]

Pierluigi Paganini April 02, 2019
Analyzing AZORult malware using NSA Ghidra suite

Cybaze-Yoroi ZLAB malware researchers decided to use the NSA Ghidra suite in a real case study: the analysis of the AZORult malware. Introduction: One of the most anticipated moments in the infosec community during the last few months was, without doubt, the Ghidra public release. On the 5th of March, at the RSA conference, […]

Pierluigi Paganini April 02, 2019
BREAKING: new update about DDoS’er Linux/DDoSMan ELF malware based on Elknot

The popular expert unixfreaxjp analyzed a new Chinese ELF DDoS’er malware tracked as “Linux/DDoSMan” that evolves from the Elknot malware to deliver a new ELF bot. Non-Technical Premise: “This report is meant for incident response or Linux forensics purpose, TO HELP admin & IR folks”. This is the opening sentence of the new analysis of one […]

Pierluigi Paganini March 29, 2019
Malware researchers decrypted the Qrypter Payload

Malware researchers at the Cybaze-Yoroi ZLAB team dissected a new sample of the Qrypter malware that revealed an interesting evolution of the threat. Introduction: During the last weeks, Yoroi’s monitoring operation intercepted some malicious emails that required further attention: they were sent to very few organizations and the content was specifically tailored for Italian-speaking targets. This […]