Pierluigi Paganini
June 05, 2020
ZLab malware researchers analyzed the attack chain used to infect Italian speaking victims with the Netwire malware. Introduction Info stealer malware confirms to be one of the most adopted weapons of cyber actors. One of them is Netwire (MITRE S0198), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups […]
Pierluigi Paganini
June 05, 2020
Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […]
Pierluigi Paganini
June 05, 2020
Cyber Defense Magazine June 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 165 pages of excellent content. Cyber Defense Magazine June 2020 Edition has arrived. Tips, tricks, ideas, secrets and insider information on the best practices in cybersecurity. Please read it and share it with your friends. With much appreciation to […]
Pierluigi Paganini
June 05, 2020
Google researchers revealed that campaign staffs for both President Donald Trump and Joe Biden have been targeted recently by foreign hackers. Foreign hackers are targeting campaign staffs for both President Donald Trump and Democratic rival Joe Biden ahead of the November US election. The news was revealed by Google in a series of tweets published […]
Pierluigi Paganini
June 04, 2020
A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […]
Pierluigi Paganini
June 04, 2020
North Atlantic Council issued a statement warning of concerning malicious cyber activities against entities involved in the fight against COVID-19. A statement published by the North Atlantic Council condemns malicious cyber activities that are targeting critical entities involved in the response against the COVID-19 pandemic. Threat actors are targeting healthcare services, hospitals, and research institutes endangering […]
Pierluigi Paganini
June 04, 2020
Security experts have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Security researchers from WordFence have observed a large-scale campaign over the weekend aimed at stealing configuration files from WordPress sites. Threat actors attempted to exploit well- known vulnerabilities in unpatched plugins to download configuration files from WordPress […]
Pierluigi Paganini
June 04, 2020
Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Then the attackers used the hijacked domain to launch spear-phishing attacks against […]
Pierluigi Paganini
June 03, 2020
Tor Browser 9.5 includes important security updates to Firefox, users on desktop will be able to opt-in for using onion sites automatically whenever the website makes them available. Starting with the release of Tor Browser 9.5, new features will make accessing onion addresses easier. Now, there is also an opt-in mechanism available for websites that want Tor […]
Pierluigi Paganini
June 02, 2020
A flaw in the IP-in-IP tunneling protocol that can be exploited for DoS attacks and to bypass security controls impact devices from Cisco and other vendors. A vulnerability that affects the IP-in-IP tunneling protocol (aka IP Encapsulation within IP) implemented by Cisco and other vendors could be exploited for denial-of-service (DoS) attacks and to bypass […]
