malware

Pierluigi Paganini May 06, 2017
Netrepser Cyber espionage campaign compromised hundreds of Government organizations worldwide

Experts from Bitdefender have uncovered the Netrepser Cyber espionage campaign that compromised more than 500 Government organizations worldwide. Security experts at Bitdefender uncovered a cyber espionage campaign that leverages a strain of malware dubbed Netrepser to target government organizations. Netrepser Trojan samples were first discovered by the Bitdefender in May 2016, according to experts the analysis […]

Pierluigi Paganini May 05, 2017
The Snake APT Group is preparing its offensive against high-profile Mac users

According to experts from the Fox-IT firm, the notorious Russian Snake APT group is ready to target also Mac users with a new variant of its malicious code. The sophisticated Russian Snake APT group is back and is leveraging on new malware to target Mac users.The Snake APT group, also known as Turla or Uroburos, has ported its Windows […]

Pierluigi Paganini May 04, 2017
NSA Cyber Weapons installed in High Profile Targets in Greece

The installation of monitoring software has been conducted either by NSA highly sophisticated hacking team or by hackers who leveraged the tools leaked by the Shadow Brokers. Last week, a collection of spy tools allegedly used by the National Security Agency for operations against global targets of interest was leaked online by the underground hacking group, […]

Pierluigi Paganini May 04, 2017
Carbanak gang makes the headlines again, hackers refined intrusion tactics

The notorious cyber crime gang Carbanak is back and it is continuing to refine its techniques and tactics and developed new tools for its attacks. The cyber crime gang Carbanak continues to refine its techniques and tactics. According to a new analysis conducted by the security firm Trustwave,  the group has refined its intrusion strategy and […]

Pierluigi Paganini May 03, 2017
Chinese TA459 APT exploits CVE-2017-0199 flaw to target Financial firms

Malware researchers at security firm ProofPoint reported the Chinese TA459 APT has exploited the CVE-2017-0199 vulnerability to target Financial firms. The notorious cyber espionage group tracked as TA459 APT has targeted analysts working at major financial firms using the recently patched  CVE-2017-0199 Microsoft Office vulnerability. Experts at Proofpoint published a detailed analysis of the espionage campaign conducted […]

Pierluigi Paganini May 03, 2017
Number of WordPress Attacks powered by compromised routers is rapidly dropping

Experts from security firm WordFence reported a rapid reduction of WordPress attacks originating from hundreds of ISPs worldwide. Experts at the security firm Wordfence a few weeks ago reported that tens of thousands of flawed routers from dozens of ISPs worldwide were recruited in a botnet used to power several types of attacks against WordPress […]

Pierluigi Paganini April 30, 2017
Lenovo warns of IBM Storwize shipped with infected initialization USB drives

Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo contain a malicious file. Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems contain a file that has been infected with malicious code. The Initialization Tool […]

Pierluigi Paganini April 30, 2017
Poorly designed apps leave millions of phones at risk of open port attack

Security experts demonstrated that insecure mobile applications leave millions of smartphones at risk of open port attack. A group of security researchers from the University of Michigan ( Yunhan Jack Jia, Qi Alfred Chen, Yikai Lin, Chao Kong, and Prof. Z. Morley Mao) discovered a security hole in hundreds of applications in Google Play Store that could […]

Pierluigi Paganini April 27, 2017
Cracking APT28 traffic in a few seconds

Security experts from security firm Redsocks published an interesting report on how to crack APT28 traffic in a few seconds. Introduction APT28 is a hacking group involved in many recent cyber incidents. The most recent attack allegedly attributed to this group is the one to French presidential candidate Emmanuel Macron’s campaign. Incident response to this Advanced […]

Pierluigi Paganini April 27, 2017
The Hajime Botnet continues to grow and implements a new attack technique

The mysterious Hajime Botnet continues to grow and reached 300,000 IoT Devices, the author also implemented a new attack method. Recently experts from Symantec spotted a new IoT botnet dubbed Hajime that is spreading quickly in the last months, mostly in Brazil and Iran. The Hajime malware was first spotted in October 2016, it implements the same mechanism […]