malware

Pierluigi Paganini July 30, 2014
Millions of Android devices exposed to fake ID flaw

Android devices are affected by a critical vulnerability which allows a malicious app to impersonate a trusted application inheriting its permissions. Researchers at Bluebox Security have discovered a critical vulnerability in millions of Android devices that allow a malicious app to impersonate a trusted application in a stealthy way, allowing a bad actor an attacker to perform different malicious actions. […]

Pierluigi Paganini July 29, 2014
Misusing Digital Certificates

Excerpt from the post “How Cybercrime Exploits Digital Certificates” which details means and motivation of illicit activities which abuses digital certificates. Digital certificates have been misused many times during recent years. Bad actors abused them to conduct cyber attacks against private entities, individuals and government organizations. The principal abuses of digital certificates observed by security […]

Pierluigi Paganini July 29, 2014
Kaspersky uncovered the complex infrastructure of Koler ransomware

Researchers at Kaspersky Lab issued a report on the Koler ransomware, which is targeting both Android devices and desktop browsers. Experts at Kaspersky Lab published a report titled “Koler—The Police Ransomware for Android” that examines how bad actors behind the Reveton campaign have operated, Koler ransomware recently targeted Android users. The report on the Koler malware is more […]

Pierluigi Paganini July 25, 2014
Mayhem Malware is targeting Linux and FreeBSD servers

A security team at Russian Internet firm Yandex has identified a botnet based on a malware dubbed Mayhem which is targeting Linux and FreeBSD web servers. Security experts at Russian Internet company Yandex have detected a new strain of malware dubbed Mayhem which is targeting server based on Linux and FreeBSD OSs.  Yandex is a Russian company which operates the […]

Pierluigi Paganini July 22, 2014
Gyges, the mixing of commercial malware with cyber weapon code

Sentinel Labs firm discovered a sophisticated malware dubbed Gyges that is the mixing of commercial malicious code with code of alleged cyber weapon. Experts at Sentinel Labs security firm have discovered Gyges malware in the wild in March 2014, the malicious code appears very sophisticated to the researches which attributed it to a state-sponsored project. The level of complexity […]

Pierluigi Paganini July 21, 2014
Cybercrime exploits the crash of Malaysia Airlines Flight MH17

Security experts at TrendMicro have detected a spam campaign via Twitter which exploits the incident occurred to Malaysia Airlines Flight MH17. Unfortunately, tragedies like the one occurred to the Malaysia Airlines Flight MH17 or the recent escalation in Gaza are excellent occasions for cyber criminals that try to exploit the public attention to carry out illegal activities. […]

Pierluigi Paganini July 19, 2014
A new PushDo botnet variant infected 11,000 machine in 24 hours

Security Experts at Bitdefender report that a new PushDo variant emerged from the underground compromising 11,000 machine in 24 hours. Security experts at BitDefender have recently detected a surge in the number of Pushdo trojan infections analyzing data from e sinkholing of C&C domains used by the malware. The experts discovered that the new Pushdo campaign is […]

Pierluigi Paganini July 19, 2014
Critroni, a sophisticated ransomware which uses Tor Network as C&C

A security researcher has detailed Critroni ransomware, a new sophisticated malware which is being sold in different underground forums. In 2013 ransomware were among the menaces that monopolized the threat landscape, malware such as Cryptolocker infected hundreds of thousand machines worldwide. Critroni (aka CTB-Locker) is the name of the last ransomware which captured the attention of security experts, the malware […]

Pierluigi Paganini July 16, 2014
SSL Blacklist a new weapon to fight malware and botnet

A Security Researcher at Abuse.ch has started SSL blacklist project to create an archive of all the digital certificates used for illicit activities. In recent years security experts have discovered many cases in which bad actors have abused of digital certificates for illicit activities, from malware distribution to Internet surveillance. Botmasters are exploiting new techniques to avoid detection by security experts and […]

Pierluigi Paganini July 15, 2014
Kronos, the new banking trojan from Russian underground

Experts at Trusteer have recently discovered an adv on the Russian underground market regarding a new financial Trojan dubbed Kronos. Russian underground is probably the most prolific market for sale of banking malware, malicious code like Citadel, Zeus, Gozi have infected millions computers worldwide dominating the malware threat landscape. The huge demand for banking trojan  is creating the conditions […]