Security Affairs

Pierluigi Paganini September 26, 2019
iOS 13 Bug Gives Third-Party Keyboards “Full Access” Permissions

This week, Apple released iOS 13 and iPadOS, now a few days later, the company is warning users of an unpatched security flaw in third-party keyboard apps. Apple has released a security advisory to warn users of an unpatched security bug in iOS 13 that affects third-party keyboard apps. The bug can result in granting […]

Pierluigi Paganini September 26, 2019
Study shows connections between 2000 malware samples used by Russian APT groups

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]

Pierluigi Paganini September 26, 2019
USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

The popular researcher Luca Bongiorni described how to make a malicious USB Implant (USBsamurai) that allows bypassing Air-Gapped environments with 10$. In the previous post, I have talked a bit about USBsamurai based on C-U0007. With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai […]

Pierluigi Paganini September 26, 2019
Emsisoft releases a free decryptor for the WannaCryFake ransomware

Researchers at Emsisoft security firm have released a new free decryption tool for the WannaCryFake ransomware. Good news for the vicitms of the WannaCryFake ransomware, researchers at Emsisoft have released a FREE decryption tool that will allow decrypting their data. WannaCryFake is a piece of ransomware that uses AES-256 to encrypt a victim’s files. The […]

Pierluigi Paganini September 25, 2019
US Utilities Targeted with LookBack RAT in a new phishing campaign

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. In early August, the expert reported that between […]

Pierluigi Paganini September 25, 2019
Adobe Patches two critical vulnerabilities in ColdFusion

Adobe released security updates to address three severe vulnerabilities in its ColdFusion web application development platform Adobe released ColdFusion 2016 Update 12 and ColdFusion 2018 Update 5 to address three severe vulnerabilities in its ColdFusion web application development platform, two of them have been rated as “critical.” “Adobe has released security updates for ColdFusion versions […]

Pierluigi Paganini September 24, 2019
A new Fancy Bear backdoor used to target political targets

Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28, Sednit, Sofacy, Zebrocy, and Strontium) aimed at political targets. In the recent attacks, the hackers […]

Pierluigi Paganini September 24, 2019
APT or not APT? What’s Behind the Aggah Campaign

Researchers at Yoroi-Cybaze ZLab discovered an interesting drop chain associated with the well-known Aggah campaign. Introduction During our threat monitoring activities, we discovered an interesting drop chain related to the well-known Aggah campaign, the ambiguous infection chain observed by Unit42 which seemed to deliver payloads potentially associated with the Gorgon Group APT. After that, we discovered other malicious activities […]

Pierluigi Paganini September 24, 2019
Microsoft released an out-of-band patch to fix Zero-day flaw exploited in the wild

Microsoft released an out-of-band patch to address a Zero-day memory corruption vulnerability in Internet Explorer that has been exploited in attacks in the wild. Microsoft has released an out-of-band patch for an Internet Explorer zero-day vulnerability that was exploited in attacks in the wild. The vulnerability tracked as CVE-2019-1367 is a memory corruption flaw that resides […]

Pierluigi Paganini September 24, 2019
North Korea-linked malware ATMDtrack infected ATMs in India

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. Threat actors deployed the malware on ATM systems to steal payment card details of […]