malware

Pierluigi Paganini May 25, 2019
Hackers target MySQL databases to deliver the GandCrab ransomware

Security experts at Sophos have detected a wave of attacks targeting Windows servers that are running MySQL databases with the intent of delivering the GandCrab ransomware Sophos researchers have observed a wave of attacks targeting Windows servers that are running MySQL databases, threat actors aim at delivering the GandCrab ransomware. This is the first time […]

Pierluigi Paganini May 23, 2019
PoC Exploits for CVE-2019-0708 wormable Windows flaw released online

Several security experts have developed PoC exploits for wormable Windows RDS flaw tracked as CVE-2019-0708 and dubbed BlueKeep. Experts have developed several proof-of-concept (PoC) exploits for the recently patched Windows Remote Desktop Services (RDS) vulnerability tracked as CVE-2019-0708 and dubbed BlueKeep. One of the PoC exploits could be used for remote code execution on vulnerable […]

Pierluigi Paganini May 23, 2019
Playing Cat and Mouse: Three Techniques Abused to Avoid Detection

The experts at Yoroi-Cybaze Zlab described three techniques commonly implemented by threat actors to avoid detection. Introduction During our analysis we constantly run into the tricks cyber-attackers use to bypass companies security defences, sometimes advanced, others not. Many times, despite their elegance (or lack of it), these techniques are effective and actually help the cyber […]

Pierluigi Paganini May 22, 2019
Emsisoft released a free Decrypter for the GetCrypt ransomware

For the second time in a few days, experts at Emsisoft released a free decrypter, this time to help victims of the GetCrypt ransomware. Security experts at Emsisoft released a new decrypted in a few days, it could be used for free by victims of the GetCrypt ransomware to decrypt their files encrypted by the malware. The […]

Pierluigi Paganini May 22, 2019
The Satan Ransomware adds new exploits to its arsenal

A variant of the Satan ransomware recently observed includes exploits to its arsenal and targets machines leveraging additional flaws. Experts at FortiGuard Labs have discovered a new variant of the Satan ransomware that includes new exploits to its portfolio and leverages additional vulnerabilities to infect as many machines as possible. The Satan ransomware first appeared […]

Pierluigi Paganini May 21, 2019
Emsisoft released a free Decrypter for JSWorm 2.0

Good news for the victims of the JSWorm 2.0 ransomware, thanks to experts at Emsisoft they can decrypt their file for free. Experts at Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the […]

Pierluigi Paganini May 21, 2019
MuddyWater BlackWater campaign used new anti-detection techniques

A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros).  The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques, […]

Pierluigi Paganini May 20, 2019
Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. The name NSO Group made the headlines last week after the disclosure of the WhatsApp flaw exploited by the company to remotely install its surveillance software. The Israeli firm is now […]

Pierluigi Paganini May 19, 2019
Security Affairs newsletter Round 214 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Hacking the ‘Unhackable eyeDisk USB stick Security […]

Pierluigi Paganini May 16, 2019
A joint operation by international police dismantled GozNym gang

A joint effort by international law enforcement agencies from 6 different countries has dismantled the crime gang behind the GozNym banking malware. GozNym banking malware is considered one of the most dangerous threats to the banking industry, experts estimated it allowed to steal nearly $100 million from over 41,000 victims across the globe for years. “An […]