Pierluigi Paganini
October 11, 2017
Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii that could be used to empty an ATM. Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii. The ATMii malware was discovered in April this year, it implements an injector module (exe.exe) and the module to be injected (dll.dll). Crooks can […]
Pierluigi Paganini
October 10, 2017
Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting aim at Aerospace, Defense Contractor, and Manufacturing industries. The phishing emails that targeted US entities contain PDF, DOC or […]
Pierluigi Paganini
October 09, 2017
Security experts from Proofpoint have uncovered a malvertising actor named KovCoreG group that is spreading the Kovter malware via fake browser and Flash updates. Security researchers from Proofpoint have uncovered a malvertising group dubbed KovCoreG that is spreading the Kovter malware via fake browser and Flash updates. The Kovter malware is used in Ad fraud campaigns, victims were infected by simply clicking […]
Pierluigi Paganini
October 09, 2017
The Sri Lanka authorities have arrested two men allegedly involved in cyber heist at an unnamed Taiwan bank that occurred last week. The Sri Lanka police have arrested two men allegedly involved in the Taiwan cyberheist, the suspects are accused to have hacked into computers at a Taiwan bank and stole millions of dollars last week. According to an official, the […]
Pierluigi Paganini
October 05, 2017
The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle […]
Pierluigi Paganini
October 04, 2017
Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of the 32-bit CCleaner […]
Pierluigi Paganini
October 01, 2017
According to Kaspersky Lab, sixty percent of institutions in Saudi Arabia have experienced malware-based attacks over the past 12 months. Malware continues to be one of the most dangerous threats for organizations worldwide, and data recently disclosed by security firms. According to Kaspersky Lab, Saudi Arabia is under a constant malware-based attack, the experts reported that […]
Pierluigi Paganini
October 01, 2017
Cisco researchers discovered a malware campaign abusing a legitimate VMware binary to spread a banking Trojan. The threat actor behind the campaign uses multiple methods of re-direction when infecting the victims’ machines in order to remain under the radar, it also implemented a variety of anti-analysis techniques. The malware is written in Delphi, a novelty for […]
Pierluigi Paganini
September 28, 2017
Researchers have developed an attack method dubbed Illusion Gap for bypassing Windows Defender that will allow avoiding antivirus detection. Researchers from security firm CyberArk have devised a new technique dubbed ‘Illusion Gap’ that allows attackers to bypass Windows Defender. The technique leverages on the fact that Windows Defender detection can be bypassed by tricking the antivirus into […]
Pierluigi Paganini
September 27, 2017
The popular security expert Marco Ramilli shared the analysis of a cryptoworm having significant capabilities, enjoy the report! Introduction. Today I want to share a nice Malware analysis having an interesting flow. The “interesting” adjective comes from the abilities the given sample owns. Capabilities of exploiting, hard obfuscations and usage of advanced techniques to steal […]
