malware

Pierluigi Paganini September 30, 2019
Exclusive: MalwareMustDie analyzes a new IoT malware dubbed Linux/ AirDropBot

After 2 years of waiting, MalwareMustDie returns with an excellent page of malware analysis of a new IoT malware: Linux/AirDropBot. Yes, I have to confess, it was hard to wait all this time, but the reward it was worth it: unixfreaxjp is return, with a new, great page of reverse engeeniring published on the MalwareMustDie […]

Pierluigi Paganini September 30, 2019
Arcane Stealer V, a threat for lower-skilled adversaries that scares experts

Experts recently analyzed an information-stealing malware tracked as Arcane Stealer V that is very cheap and easy to buy in the Dark Web. In July 2019, researchers at Fidelis Threat Research Team (TRT) analyzed a sample of Arcane Stealer V, a .net information-stealing malware that is easy to acquire in the dark web. The author […]

Pierluigi Paganini September 28, 2019
Nodersok malware delivery campaign relies on advanced techniques

Microsoft researchers observed a campaign delivering malware, dubbed Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft experts observed a malware campaign, tracked as Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft uncovered the campaign in mid-July when noticed patterns in the anomalous usage of MSHTA.exe. Nodersok abuse of legitimate tools also […]

Pierluigi Paganini September 28, 2019
Malware-based attacks disrupted operations of Rheinmetall AG and Defence Construction Canada

A series of cyber attacks hit the defense contractors Rheinmetall AG and Defence Construction Canada (DCC) causing the disruption of their information technology systems. This month a series of cyber attack hit defense contractors Rheinmetall AG and Defence Construction Canada (DCC) disrupting their information technology systems. German Rheinmetall AG is a market leader in the supply of military technology, in […]

Pierluigi Paganini September 27, 2019
Emsisoft released a new free decryption tool for the Avest ransomware

Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days after the release of WannaCryFake decryptor. Emsisoft security firm has released a new free decryption tool for the Avest ransomware, a few days ago the researchers also released a free decryptor for the WannaCryFake ransomware. The Avest ransomware […]

Pierluigi Paganini September 26, 2019
Study shows connections between 2000 malware samples used by Russian APT groups

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]

Pierluigi Paganini September 26, 2019
Emsisoft releases a free decryptor for the WannaCryFake ransomware

Researchers at Emsisoft security firm have released a new free decryption tool for the WannaCryFake ransomware. Good news for the vicitms of the WannaCryFake ransomware, researchers at Emsisoft have released a FREE decryption tool that will allow decrypting their data. WannaCryFake is a piece of ransomware that uses AES-256 to encrypt a victim’s files. The […]

Pierluigi Paganini September 24, 2019
A new Fancy Bear backdoor used to target political targets

Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28, Sednit, Sofacy, Zebrocy, and Strontium) aimed at political targets. In the recent attacks, the hackers […]

Pierluigi Paganini September 24, 2019
North Korea-linked malware ATMDtrack infected ATMs in India

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. Threat actors deployed the malware on ATM systems to steal payment card details of […]

Pierluigi Paganini September 23, 2019
Campbell County Memorial Hospital in Wyoming hit by ransomware attack

Campbell County Memorial Hospital in Gilette, Wyoming is facing service disruptions after a ransomware attack hit its computer systems on Friday. On Friday, the Campbell County Memorial Hospital in Gilette, Wyoming, suffered a ransomware attack that is still causing service disruptions. “Campbell County Health has been the victim of a ransomware attack. All CCH computer […]