malware

Pierluigi Paganini February 05, 2016
Australian NSW Government Department of Resources and Energy under attack. Is it Chinese cyber espionage?

According to the NSW Government Department of Resources and Energy Chinese hackers have launched a malware-based attack on its network in December. The Australian NSW Government Department of Resources and Energy revealed that in December 2015 unknown hackers targeted its systems. In the same period, the organization was launching a number of important projects, including […]

Pierluigi Paganini February 05, 2016
Someone has pwned the Dridex botnet serving the Avira Antivirus

Unknowns have pwned the Dridex botnet and are using it to spread a legitimate copy of the Avira Antivirus software instead the malicious payload. This story is very intriguing, someone has hacked a portion of the dreaded Dridex botnet and replaced malicious links with references to installers for the Avira Antivirus. The Antivirus company denies […]

Pierluigi Paganini February 04, 2016
Former DoE worker was hacking to steal nuclear secrets and resell them

A former Department of Energy (DoE) employee, Charles Harvey Eccleston [62], has been charged with trying to steal and sell nuclear secrets to foreign governments. A former employee at the Department of Energy (DoE), Charles Harvey Eccleston [62], has pleaded guilty of cyber espionage. The man attempted to infect al least 80 colleagues at the […]

Pierluigi Paganini January 31, 2016
27% of all detected malware appeared in 2015

According to a new report from Panda Security more than 84 million new malware samples were detected over the 2015, 27% of all malware of ever. In 2015, security experts have detected the a record number of new malware, according to a report published by Panda Security more than 84 million new malware samples were collected. […]

Pierluigi Paganini January 29, 2016
CenterPOS – The evolution of POS malware

Security Experts at FireEye discovered a new strain of POS malware dubbed CenterPOS that is threatening the retail systems. In the last 2/3 years, we have seen a significant increase in the number of POS malware, their diffusion is becoming even more worrying. We read about many high-profile breaches that involved high-complex malware targeting payment systems […]

Pierluigi Paganini January 29, 2016
ATP group uses Word Docs to drop BlackEnergy Malware

The APT group behind the attacks against critical infrastructure in Ukraine is spreading BlackEnergy malware through specially crafted Word documents. Malicious campaigns leveraging the BlackEnergy malware are targeting energy and ICS/SCADA companies from across the world. The threat actors behind the recent attacks based on the popular malware are now targeting critical infrastructure in Ukraine. In […]

Pierluigi Paganini January 27, 2016
Hackers are blackmailing the creator of Open-Source Ransomware

The Turkish security researcher Utku Sen was blackmailed by hackers behind the Magic ransomware to close his projects. The developers behind the open source-based “Magic” ransomware are blackmailing the creator of Hidden Tear and EDA2 in order to force the developer to abandon the projects. Recently I have written about the RANSOM_CRYPTEAR.B ransomware developed Utku Sen starting from a proof-of-concept […]

Pierluigi Paganini January 25, 2016
A flaw in TeslaCrypt ransomware allows file recovering

The victims of the infamous TeslaCrypt ransomware can now rejoice, there is a free tool to decrypt files encrypted by TeslaCrypt and TeslaCrypt 2.0 TeslaCrypt is one of the most insidious ransomware first detected in the wild in 2015, today I have a good news for its victims. TeslaCrypt was first detected in February 2015, the […]

Pierluigi Paganini January 25, 2016
Operators behind Angler Exploit Kit included CryptoWall 4.0

The latest variant of CryptoWall 4.0, one of the most popular and dangerous ransomware threats, has been recently added to the infamous Angler Exploit Kit. In my 2016 Cyber Security Predictions, I have predicted the criminal practices of the extortion will reach levels never seen before. Cyber criminals will threaten victims with ransomware and DDoS attack in […]

Pierluigi Paganini January 23, 2016
New RAT Trochilus, a sophisticated weapon used by cyber spies

Researchers spotted a new espionage campaign relying on a number of RATs including the powerful Trochilus threat. Security experts have uncovered a new remote access Trojan (RAT) named Trochilus that is able to evade sandbox analysis. The Trochilus malware was used to targeted attacks in multi-pronged cyber espionage operations. Experts at Arbor Networks uncovered a cyber […]