worm

Pierluigi Paganini November 18, 2023
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB. Check Point researchers observed Russia-linked Gamaredon spreading the worm called LitterDrifter via USB in attacks against Ukraine. Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) has been active since 2014 and its activity focuses on Ukraine, the group was observed using the multistage backdoor Pteranodon/Pterodo. The Gamaredon APT group continues to carry out […]

Pierluigi Paganini July 31, 2023
Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector. In July, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running on both Linux […]

Pierluigi Paganini July 20, 2023
P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems

Cybersecurity researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers. Palo Alto Networks Unit 42 researchers have discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running on both Linux and Windows operating systems makes P2PInfect more scalable and […]

Pierluigi Paganini October 27, 2017
UK Government links the WannaCry attack that crippled NHS to North Korea

UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide attack,” […]

Pierluigi Paganini March 05, 2017
Hackers who breached Barts NHS Trust exploited a zero-day vulnerability

In January, a cyber attack breached some systems at Barts NHS Trust and forced them offline. Hackers exploited a zero-day vulnerability. In January, a cyber attack breached some systems at Barts NHS Trust and forced them offline. Barts Health Trust runs the Royal London, St Bartholomew’s, Whipps Cross, Mile End and Newham hospitals. The hackers used […]

Pierluigi Paganini February 06, 2017
The Slammer worm is back after 13 years to target ancient SQL servers

The SQL Slammer worm, one of the most long-lived malware, now seems to be back online to compromise ancient SQL servers worldwide. SQL Slammer is probably one of the most long-lived threats, it first appeared  14 years ago and now it is back to compromise ancient SQL servers. SQL Slammer exploits an ancient flaw in Microsoft SQL […]

Pierluigi Paganini June 29, 2016
Hospitals Falling Victim to Old Malware

Security experts confirm that a growing number of cyber-attacks continue to hit hospitals threatening unpatched medical devices. In late 2015, MaineGeneral Health, a new state of the art hospital located in Augusta, Maine, reported that it had fallen victim to a cyberattack that leaked the names, addresses, and phone numbers for patients of its radiology services […]

Pierluigi Paganini June 22, 2016
Conficker, the malware with the most wide spread diffusion

Conficker (also known as Downup, Downadup e Kido) is one of the oldest and still active malware, according to Check Point researchers it is  “the most prominent family accounting for 14 percent of recognized attacks.” Conficker is technically a worm that leverages a vulnerability in the Windows Server Service to spread itself, it targets an […]

Pierluigi Paganini May 22, 2016
A dangerous Worm is infected outdated Ubiquiti Devices worldwide

A worm is infecting routers and other wireless devices across the world made by the Ubiquiti Networks company. An insidious worm is infecting routers and other wireless devices made by Ubiquiti Networks across the world. ISPs worldwide reported the malware-based attacks, the threat can take complete control of the wireless networking equipment by exploiting a year-old remote […]

Pierluigi Paganini May 07, 2016
Is the Armageddon a PLC-Based Worm?

Three German security researchers have presented a PLC-based worm with Proof-of-Concept based on the Siemens SIMATIC S7-1200 PLC. Three German security researchers have presented a PLC-based worm at Black Hat Asia. The proof of concept is based on the Siemens SIMATIC S7-1200 PLC which reminds us all two well of an earlier PLC attacking worm […]