malware

Pierluigi Paganini May 13, 2017
Experts discovered a kill switch to slow the spreading of the WannaCry ransomware

The WannaCry ransomware worm infected systems at organizations and critical infrastructure across at least 74 countries leveraging NSA exploits. Experts discovered a Kill Switch for the threat. It was a Black Friday for cyber security, organizations and critical infrastructure across at least 74 countries have been infected by the WannaCry ransomware worm, aka WanaCrypt, WannaCrypt or Wcry. […]

Pierluigi Paganini May 12, 2017
Massive ransomware attack leveraging on WannaCry hits systems in dozens of countries

WannaCry ransomware attack is infecting systems in dozens of countries leveraging NSA exploit codes leaked by the hacker group Shadow Brokers. A Massive ransomware attack targets UK hospitals and Spanish banks, the news was confirmed by Telefónica that was one of the numerous victims of the malicious campaign. The newspaper El Pais reported the massive attack, experts at […]

Pierluigi Paganini May 11, 2017
Cisco patched CVE-2017-3881 IOS XE Vulnerability leaked in CIA Vault 7 Dump

Cisco patched the critical CVE-2017-3881 flaw that affects CISCO Catalyst switches and that can be potentially exploited by attackers to hijack networks. Cisco patched a critical security flaw, tracked as CVE-2017-3881, affecting its CISCO Catalyst switches that can be potentially exploited by attackers to hijack networks. The vulnerability was disclosed in the CIA Vault 7 data leak, according to Switchzilla […]

Pierluigi Paganini May 10, 2017
The Rakos botnet – Exploring a P2P Transient Botnet From Discovery to Enumeration

The Rakos botnet – Exploring a P2P Transient Botnet From Discovery to Enumeration. 1. Introduction We recently deployed a high interaction honeypots expecting it to be compromised by a specific malware. But in the first few days, instead of getting infected by the expected malware, it received a variety of attacks ranging from SSH port forwarding […]

Pierluigi Paganini May 09, 2017
The Supply chain of the HandBrake Mac software compromised to spread Proton malware

Maintainers of the HandBrake video transcoder are warning Mac users who recently downloaded the software that they may have been infected with malware. Maintainers of the open-source HandBrake video transcoder are warning Mac users who recently downloaded the application that they may have been infected with malware.Mac users who downloaded and installed the program from May […]

Pierluigi Paganini May 08, 2017
Malwaresearch – A command line tool to find malware on Openmalware.org

Malwaresearch is a command line tool to find malware on Openmalware.org, it was developed to facilitate and speed up the process of finding and downloading malware samples. The tool was developed to facilitate and speed up the process of finding and downloading malware samples via the command line interface. We’ve made use of the API provided by […]

Pierluigi Paganini May 08, 2017
Operation WilySupply – Software remote update channel of the supply chain exploited as attack vector

Microsoft has recently uncovered an attack dubbed Operation WilySupply that leveraged the update mechanism of an unnamed software editing tool to compromise targets. The attackers mostly targeted organizations in the finance and payment industries. “An unknown attacker was taking advantage of a silent yet effective attack vector: the compromised update mechanism or software supply chain for a third-party […]

Pierluigi Paganini May 08, 2017
Fatboy Ransomware as a Service sets the ransom based on the victims’ location

Recently discovered Fatboy ransomware implements a dynamic method of setting the ransom amount based on the geographic location of the victims. Ransomware continues to monopolize the threat landscape, recently security experts have observed numerous evolution of this specific family of malware. A newly discovered ransomware-as-a-service (RaaS), dubbed Fatboy, implements a dynamic method of setting the […]

Pierluigi Paganini May 07, 2017
UK Government’s secret programme for mass surveillance on internet and phones leaked

According to a draft document leaked online, UK Government is assigning itself more powers to spy on live communications and use malware for surveillance. While the NSA is announcing it will stop surveillance activities on emails, texts, and other internet communications, the UK government has secretly drawn up more details of its new bulk surveillance powers. […]

Pierluigi Paganini May 06, 2017
The Bondnet botnet- From China with Love

The new Bondnet botnet “Bond007.01” recently discovered coming out of China and it has infected an estimated 15,000 Windows server computers world-wide. There’s a new botnet in town and it’s named after the spy with a license to kill – James Bond. The new Bondnet botnet “Bond007.01” was discovered coming out of China by researchers […]