Pierluigi Paganini
November 01, 2017
MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to […]
Pierluigi Paganini
October 31, 2017
Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December and not now it is distributed via malicious spam. Sage is considered a variant of CryLocker ransomware, it is being distributed by the Sundown and RIG exploit kits. The […]
Pierluigi Paganini
October 29, 2017
Security expert Jérôme Segura from Malwarebytes has spotted that Matrix Ransomware has risen again, it is now being distributed through malvertising. Malware researcher Jérôme Segura from Malwarebytes has discovered that Matrix Ransomware is now being distributed through malvertising campaign. https://twitter.com/EKFiddle/status/923660551095427072 The Matrix Ransomware was first spotted in 2016, in April 2017 the threat intelligence expert Brad Duncan uncovered the EITest campaign using […]
Pierluigi Paganini
October 28, 2017
Files Encrypted by Bad Rabbit Recoverable Without Paying Ransom. Some victims of the recent Bad Rabbit attack may be able to recover their files encrypted by the ransomware without paying the ransom. The discovery was made by researchers at Kaspersky Lab that analyzed the encryption functionality implemented by the ransomware. Once the ransomware infects a computer, […]
Pierluigi Paganini
October 27, 2017
UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide attack,” […]
Pierluigi Paganini
October 27, 2017
Security experts from Trend Micro have published an interesting report on the Middle East and North African cybercrime underground market, enjoy it! We explained several times that criminal communities adopt different tactics, techniques, and procedures (TTPs) depending on the location they operate. Experts at Trend Micro have highlighted the differences between the different underground communities, they […]
Pierluigi Paganini
October 27, 2017
Malware researchers at Cisco Talos team discovered the Bad Rabbit Ransomware leverages EternalRomance to propagate in the network. New precious details emerge from the analysis of malware researchers at Cisco Talos and F-Secure who respectively discovered and confirmed the presence an NSA exploit in the Bad Rabbit ransomware. On October 24, hundreds of organizations worldwide were hit by the Bad Rabbit […]
Pierluigi Paganini
October 26, 2017
The popular investigator Brian Krebs reported that the tech giant Dell lost the control of dellbackupandrecoverycloudstorage domain in June 2017. It is really embarrassing, Dell forgot to renew the domain www.dellbackupandrecoverycloudstorage.com name that was used by the tech giant to install operating systems on the PC it has sold. The incident was discovered by a third-party […]
Pierluigi Paganini
October 25, 2017
We at the CSE Cybsec ZLab have conducted a preliminary analysis of the Bad Rabbit ransomware discovering interesting aspects of the attack. This is just the beginning of a complete report that we will release in the next days, but we believe our findings can be useful for the security community. This malware remembers the notorious NotPetya basically […]
Pierluigi Paganini
October 24, 2017
Russian cyber espionage group APT28 targeted individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Researchers with Cisco Talos have spotted a Russian cyber espionage group targeting individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Experts attributed the attack to the dreaded Russian APT28 group, aka Pawn Storm, Fancy Bear, Sofacy, Group 74, Sednit, […]
Cyber Crime / December 08, 2025
