malware

Pierluigi Paganini February 14, 2017
Office Loader leverages malicious macros to deliver multiple malware

Security researchers at Palo Alto Networks spotted a campaign leveraging Microsoft Office loader using malicious macros to drop multiple malware families. The researchers analyzed more than 650 unique samples of this specific loader since early December 2016, accounting for 12,000 phishing email targeting numerous industries. Most affected industries are High Tech, Professional and Legal Services, […]

Pierluigi Paganini February 13, 2017
Watering hole attacks on Polish Banks Linked to Lazarus Group

According to security experts from Symantec and BAE Systems, the recently discovered attacks aimed at Poland banks are linked to the Lazarus Group. Last week, several Polish banks confirmed their systems were infected with a malware after their staff visited the site of the Polish Financial Supervision Authority. The cyber attack was first reported by […]

Pierluigi Paganini February 13, 2017
Word documents laced with malicious macros used to hack Apple Mac systems

Crooks exploiting Word documents laced with malicious macros to compromise Apple Mac systems exactly in the same way they do with Microsoft machines. It’s amazing the number of Apple Mac users that tell me their systems are immune from malware. This false sense of security is very dangerous and I believe it is important to […]

Pierluigi Paganini February 10, 2017
Russia suspected over cyber espionage campaign on the Italian foreign ministry

Italian officials speculate Russia was behind a cyber espionage campaign on the Italian foreign ministry that lasted for months. The Italian Foreign Ministry was the victim of a targeted cyber espionage campaign, according to The Guardian newspaper who cited a diplomatic source that has spoken on condition of anonymity. According to the source, the attack […]

Pierluigi Paganini February 10, 2017
CRYSIS Ransomware is back and crooks are using RDP attacks once again

CRYSIS Ransomware attacks leveraging brute force via Remote Desktop Protocol (RDP) are still ongoing, mostly targeting US firms in the healthcare. Do you remember the CRYSIS ransomware? It is a ransomware that appeared in the threat landscape last year, now researchers at Trend Micro discovered the CRYSIS ransomware is being distributed via Remote Desktop Protocol (RDP) brute force […]

Pierluigi Paganini February 09, 2017
ENISA Threat Landscape Report 2016, who is attacking us, and how?

ENISA has issued the annual ENISA Threat Landscape Report 2016, a document that synthesizes the emerging trends in cyber security The European Union Agency for Network and Information Security (ENISA) is an EU Agency composed of security experts that work with these states, public organizations and private groups to develop advice and recommendations on good practice […]

Pierluigi Paganini February 08, 2017
Iranian hackers are back with the MACDOWNLOADER MAC malware

An Iranian espionage group has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac users. A cyber espionage group linked to the Iranian Government has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac computers. The researchers Claudio Guarnieri and […]

Pierluigi Paganini February 07, 2017
Phishme observed operators behind Locky and Sage ransomware share delivery infrastructure

PhishMe security researchers discovered that the Locky and Sage ransomware were recently observed being distributed by the same delivery infrastructure. It’s a common habit of cyber criminals to share delivery infrastructure to maximize the use of their resource and minimize the cost, Recently the Locky ransomware was observed being distributed through the delivery infrastructure used […]

Pierluigi Paganini February 07, 2017
Crooks hacked Polish banks with a malware planted on Government site

Several Polish banks confirmed their systems were infected with a malware after their staff visited the site of the Polish Financial Supervision Authority. Polish banks are investigating a massive cyber attack after a malware was spotted on several servers of the financial institutions. The cyber attack was first reported by the Zaufana Trzecia Strona, a local […]

Pierluigi Paganini February 06, 2017
The Slammer worm is back after 13 years to target ancient SQL servers

The SQL Slammer worm, one of the most long-lived malware, now seems to be back online to compromise ancient SQL servers worldwide. SQL Slammer is probably one of the most long-lived threats, it first appeared  14 years ago and now it is back to compromise ancient SQL servers. SQL Slammer exploits an ancient flaw in Microsoft SQL […]