malware

Pierluigi Paganini September 29, 2014
iFrame-based redirection attacks used to monitor Chinese organizations

Security Experts at FireEye discovered a new malicious campaign which is targeting Chinese organizations with iFrame traffic redirection to serve RAT. Security experts at FireEye observed a new malicious campaign that is targeting non-profit organizations and non-governmental organizations by compromising legitimate website. The threat actors use to compromise legitimate websites to host iframes used to hijack visitors […]

Pierluigi Paganini September 26, 2014
Spike botnet runs DDoS attacks from IoT devices

Experts at Akamai spotted a new malware kit named Spike which is used by bad actors to run DDoS attacks through desktops and Internet of Things devices. According to Akamai’s Prolexic Security Engineering & Response Team (PLXsert) a new malware kit dubbed Spike was used by bad actors to run DDoS attacks through routers, smart thermostats, […]

Pierluigi Paganini September 23, 2014
VBA malware on the rise, a threat wrongly underestimated

Security experts at Sophos have detected a surge in cyber attacks based on VBA malware, such threats are still very insidious but often underestimated. Experts at SophosLabs observed a surge in VBA malware, according their analysis macro-based malware accounted for 28 percent of all malware attack detected in July, up from just six percent in June, despite […]

Pierluigi Paganini September 19, 2014
Home Depot confirms data theft for 56 million cards

Home Depot announced that data related to 56 million cards were stolen by cyber criminals. Home Depot, the US largest home improvement retailer, confirms breach impacted 56 million customers. On Thursday the company Home Depot released an update on the evolution of the investigation of the data breach suffered by the company. Home Depot data breach is larger than the […]

Pierluigi Paganini September 17, 2014
WikiLeaks publicly disclosed copies of FinFisher surveillance software

WikiLeaks has published copies of the criticized FinFisher surveillance software, claiming that the malware is sold to the most “abusive” regimes in the world. Copies of the surveillance software “FinFisher” were made available for public scrutiny by WikiLeaks early this week. The international, online journalistic organization has decided to publish the public disclose the criticized software online to allow […]

Pierluigi Paganini September 16, 2014
Citadel Trojan targets energy industry in Middle East

Experts at IBM Trusteer security firms have discovered a massively distributed Citadel trojan targets Middle Eastern Petrochemical companies. Researchers at IBM Trusteer have recently discovered targeted cyber attacks using a variant of the popular Citadel trojan on several Middle Eastern petrochemical companies. The Citadel Trojan is a malware designed to steal personal information, including banking and […]

Pierluigi Paganini September 16, 2014
New BoSSaBoTv2 botnet targeting vulnerable Servers

Trustwave has detected a new series of attacks on servers worldwide based on the exploitation of old CGI-PHP vulnerability to spread BoSSaBoTv2 botnet. It was 2012 when security experts discovered a security flaw (CVE-2012-1823) in some PHP builds that could be exploited by a threat actor to remotely execute commands on the affected server, if PHP was […]

Pierluigi Paganini September 12, 2014
Malicious Chrome Extensions in official Store serve infected links on Facebook

Security experts at TrendMicro have uncovered a new malicious campaign based on a Chrome extension deployed on the official Chrome Store. A few months ago I wrote an article on the presence of a malicious Chrome browser extension, dubbed Cryptsy Dogecoin (DOGE) Live Ticker, available on the official store that was able to steal digital coins. […]

Pierluigi Paganini September 11, 2014
Dyre Zeus variant malware used for corporate espionage

Security experts warn Dyre malware is being used by cyber criminals for corporate espionage instead harvest banking credentials. Dyre is the name of a new variant of the immortal Zeus banking trojan worries cyber security experts, this new strain doesn’t limit its stealing activity to user’s banking credentials, but search for customer information. Dyre has been detected […]

Pierluigi Paganini September 09, 2014
Clearsky detected Gholee malware – The Israel-Gaza Conflict Takes to the Cyber-Arena

Experts at Clearsky detected the Gholee virus which was likely developed by highly qualified factors, which may even be related to Israel’s long-time nemesis Iran. Experts from Clearsky, an Israeli cyber-security company, detected an “operation protective edge” themed spear phishing attack, carried out via emails containing a malicious excel file. Once opened and its VBA […]