Pierluigi Paganini
November 09, 2017
Wikileaks released the first batch of documents starting with the source code and development logs of the Project Hive. Today the popular whistleblower organization Wikileaks announced a new Vault 8 series that shed the light on the source code and the hacking infrastructure developed by the CIA. Anyone can access the source code and analyze […]
Pierluigi Paganini
November 09, 2017
Security experts at McAfee observed the Russian APT28 group using the recently reported the DDE attack technique to deliver malware in espionage campaign. Security experts at McAfee observed the Russian APT group APT28 using the recently reported the DDE technique to deliver malware in targeted attacks. The cyber spies were conducting a cyber espionage campaign that involved blank documents […]
Pierluigi Paganini
November 06, 2017
A group of researchers demonstrated that malware signed with stolen Digital code-signing certificates continues to bypass security software. A recent study conducted by the Cyber Security Research Institute (CSRI) revealed that stolen digital code-signing certificates are available for sale for anyone to purchase on the dark web for up to $1,200. Digital code-signing certificates are a precious […]
Pierluigi Paganini
November 06, 2017
A new strain of ransomware dubbed GIBON ransomware was spotted by the ProofPoint researcher Matthew Mesa that observed it being distributed via malspam. The spam messages use a malicious document as attachment containing macros that once enabled will download and install the ransomware on a victim’s machine. The researcher dubbed the ransomware GIBON because of the presence of the string “GIBON” in two […]
Pierluigi Paganini
November 03, 2017
Experts at Cisco Talos observed crooks exploiting black Search Engine Optimization (SEO) to spread the Zeus Panda banking Trojan. Threat actors behind the Zeus Panda banking Trojan leveraged black Search Engine Optimization (SEO) to propose malicious links in the search results. Crooks were focused on financial-related keyword queries. The campaign was first spotted by experts at Cisco Talos, attackers […]
Pierluigi Paganini
November 01, 2017
The researchers at CSE Cybsec ZLab have completed their analysis the Bad Rabbit ransomware, the report follows our preliminary analysis. Introduction Recently a new ransomware, called BadRabbit, infected systems in many countries, most of in East Europe, such as Ukraine and Russia. The malware was not totally new, it seems to be an evolution of the old […]
Pierluigi Paganini
November 01, 2017
MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, experts speculate it was used to cover larger hacking campaigns. MBR-ONI is a new ransomware that is being used for targeted attacks in Japan, it is a bootkit ransomware that uses a modified version of the legitimate open-source disk encryption utility DiskCryptor to […]
Pierluigi Paganini
October 31, 2017
Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December and not now it is distributed via malicious spam. Sage is considered a variant of CryLocker ransomware, it is being distributed by the Sundown and RIG exploit kits. The […]
Pierluigi Paganini
October 29, 2017
Security expert Jérôme Segura from Malwarebytes has spotted that Matrix Ransomware has risen again, it is now being distributed through malvertising. Malware researcher Jérôme Segura from Malwarebytes has discovered that Matrix Ransomware is now being distributed through malvertising campaign. https://twitter.com/EKFiddle/status/923660551095427072 The Matrix Ransomware was first spotted in 2016, in April 2017 the threat intelligence expert Brad Duncan uncovered the EITest campaign using […]
Pierluigi Paganini
October 28, 2017
Files Encrypted by Bad Rabbit Recoverable Without Paying Ransom. Some victims of the recent Bad Rabbit attack may be able to recover their files encrypted by the ransomware without paying the ransom. The discovery was made by researchers at Kaspersky Lab that analyzed the encryption functionality implemented by the ransomware. Once the ransomware infects a computer, […]
APT / February 05, 2026
