Israeli Researchers have defined a new exfiltration technique dubbed BitWhisper that is based on the heat emissions and built-in thermal sensors. According researchers at the Ben Gurion University in Israel, by detecting the heat from one computer to an adjacent computer, is possible to establish a channel that can claiming can facilitate the spread of keys, malicious […]
Security experts at Proofpoint have discovered a new phishing campaign that exploits a Dridex variant that evades detection with AutoClose function. Criminal crews behind the Dridex banking malware are very prolific and are improving the popular malicious code. Recently we have discussed about a Dridex variant which was spread through phishing messages with Microsoft Office documents embedding malicious macros. The attackers exploited social engineering technique to lure […]
Cisco Security Team has spotted in the wild a new Point-of-Sale malware dubbed PoSeidon that is more sophisticated than previously detected PoS malware. Expert at Cisco have discovered a new Point-of-Sale (PoS) malware dubbed PoSeidon. The experts have discovered many similarities with the popular Zeus Trojan and use sophisticated methods to find card data respect other POS malware like BlackPoS, which was used […]
Security experts at Trend micro uncovered a new hacking campaign dubbed Operation Woolen Goldfish likely run by a threat actor group known as Rocket Kitten. Security experts at Trend Micro have uncovered a new cyber espionage campaign that is targeting a number of European organisations and businesses. The attackers run a spear phishing campaign that […]
Security researchers developed a new BIOS bootkit that exploit recently discovered vulnerabilities. The experts will present their study to the CanSecWest. BIOS bootkits are a reality despite there is little evidence of BIOS implants in the wild. The BIOS bootkits was mentioned when Snowden disclosed the catalog of surveillance tools used by the NSA ANT division, these malicious malware are […]
DHS ICS-CERT MONITOR report reveals that most critical infrastructure attacks involve APTs, but organizations lack monitoring capabilities. The DHS’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued its new ICS-CERT MONITOR report related to the period September 2014 – February 2015. The ICS-CERT MONITOR report According to the report, the Industrial Control Systems […]
TeslaCrypt is a new strain of ransomware, spotted in the wild by experts at Emsisoft, which is also targeting users of principal gaming platforms. A new strain of ransomware dubber TeslaCrypt was spotted in the wild by the researchers at the security firm Emsisoft. TeslaCrypt was discovered at the end of February, researchers at Bromium that analyzed the […]
Security Experts at Malwarebytes security firm spotted a new Facebook worm that spreads itself by leveraging multiple cloud services. Social media are a privileged attack vector, recent reports published by the principal security firms confirm that cyber criminal are exploiting these platforms for illegal activities. Last disastrous news for the users of the popular social […]
A security bulletin recently released by Microsoft addresses the LNK flaw that was exploited by Stuxnet and that we have wrongly considered patched since 2010. If you followed IT in the last few years, you might remember that Stuxnet was discovered around mid-2010 and at the time it was used against the Iranian nuclear program. […]
Android Gazon malware redirects a potential victim to a webpage that promises an Amazon gift card if you install an APK file hosted on the page. There is a new piece of malware called “Gazon”, and according to “adaptivemobile” already 4000 android users are infected. “Gazon” was discovered on 25 of February and until yesterday […]