Pierluigi Paganini
April 24, 2017
A group of Israeli researchers has devised a new technique to exfiltrate data from a PC in an air-gapped network through malware controlled via scanners. The team was composed of Ben Nassi, a graduate student at the Cyber Security Research Center at Ben-Gurion University, and his advisor Yuval Elovici, based on an idea of the prominent cryptographer Adi Shamir. […]
Pierluigi Paganini
April 21, 2017
A new report published by Kaspersky confirms that Stuxnet exploits targeting a Windows Shell Vulnerability is still widely adopted by threat actors. The case that I’m going to present to you demonstrates the importance of patch management and shows the effects of the militarization of cyberspace. Unpatched software is an easy target for hackers that can exploit […]
Pierluigi Paganini
April 21, 2017
According to Trend Micro, the RawPOS PoS malware was recently used to steal driver’s license information from victims. Security experts at Trend Micro have spotted a new variant of the RawPOS PoS malware stealing driver’s license information from victims. The RawPOS PoS malware is an old threat that has been active since 2008. RAWPOS is a memory scraper that has infected […]
Pierluigi Paganini
April 20, 2017
Symantec observed the Hajime IoT malware leaving a message on the devices it infects, is it the work of a cyber vigilante? The Mirai botnet is the most popular thingbot, it is targeting poorly configured and flawed ‘Internet of Things’ devices since August 2016, when the threat was first discovered by the researcher MalwareMustDie. Many other bots threaten […]
Pierluigi Paganini
April 19, 2017
The InterContinental Hotels Group announced that last week payment card systems at more than 1,000 of its hotels had been compromised by crooks. The multinational hotel chain owns prestigious brands like Holiday Inn and Crowne Plaza. This is the second time that the InterContinental Hotels Group suffers a credit card breach, early this year the hotel chain […]
Pierluigi Paganini
April 18, 2017
Experts at Recorded Future have discovered a cheap RaaS, the Karmen Ransomware that deletes decryptor if detects a sandbox. Security experts from threat intelligence firm Recorded Future have spotted a new ransomware as a service (RaaS) called Karmen. The service allows customers to easy create their ransomware campaign in a few steps and without specific skills. Wannabe-crooks […]
Pierluigi Paganini
April 18, 2017
Security researchers who analyzed the documents and hacking tools included in the last Shadow Brokers dump found a link to the Stuxnet virus. On Friday, the Shadow Brokers leaked a new bunch of files belonging to the alleged NSA arsenal. Security researchers who analyzed the documents and hacking tools included in the last dump have […]
Pierluigi Paganini
April 18, 2017
CradleCore ransomware is a malware offered in the underground as a source code, instead of the classic ransomware-as-a-service (RaaS) model. According to the experts at Forcepoint, the author is offering the malware in many Tor-based crime forums as source code allowing crooks to request a customized version of the code. The CradleCore ransomware is offered by the author as a […]
Pierluigi Paganini
April 17, 2017
The Sundown EK has been inactive since early this year, the Terror EK is being very popular in the cybercriminal ecosystem. One year ago the Angler EK and Nuclear EK disappeared from the threat landscape, while the Sundown EK was conquering the criminal underground. What’s happening now? The Sundown EK has been inactive since early this year, the […]
Pierluigi Paganini
April 13, 2017
Security researchers at FireEye discovered that the Microsoft Word CVE-2017-0199 exploit was linked to cyberspying in Ukraine conflict. The zero-day vulnerability in Microsoft Office that was recently fixed by Microsoft was used to deliver a surveillance malware to Russian-speaking targets. Security experts from firm FireEye spotted the targeted attacks leveraging specifically crafted Microsoft Word documents that […]
