Cyber Crime

Pierluigi Paganini October 16, 2019
Chinese-speaking cybercrime gang Rocke changes tactics

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past, has now using news tactics to evade detection. The group has been observed using new tactics, techniques, and procedures (TTPs), it is also […]

Pierluigi Paganini October 15, 2019
Global Shipping and mailing services firm Pitney Bowes hit by ransomware attack

The global shipping and mailing services company Pitney Bowes suffered a partial outage of its service caused by a ransomware attack. The Pitney Bowes company announced that a ransomware attack infected its systems and cause a partial system outage that made some of its service unavailable for some customers. Pitney Bowes is a global technology company […]

Pierluigi Paganini October 14, 2019
Is Emotet gang targeting companies with external SOC?

Cybercrime gang behind the Emotet malware is targeting organization with external SOC with emails claiming to deliver a SOC “weekly report.” Introduction The group behind Emotet malware is getting smarter and smarter in the way they deliver such a Malware. While the infection schema looks alike from years; the way the group tries to infect victims improves from day […]

Pierluigi Paganini October 13, 2019
Alabama Hospital chain paid ransom to resume operations after ransomware attack

An Alabama hospital chain announced to have restored normal operation after paying the ransom request by crooks that infected its systems with ransomware. A hospital chain in west Alabama was recently hit by a ransomware attack that paralyzed its systems. The organization opted out to pay the ransom and announced to have restored normal operation. […]

Pierluigi Paganini October 13, 2019
Security Affairs newsletter Round 235

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Hacker is auctioning a database containing details of 92 million […]

Pierluigi Paganini October 12, 2019
FIN7 Hackers group is back with a new loader and a new RAT

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. Security experts at FireEye Mandiant discovered that the FIN7 hacking group has added new tools to its arsenal, including a new loader and a module that hooks into the legitimate […]

Pierluigi Paganini October 11, 2019
Researchers released a free decryptor for the Nemty Ransomware

Good news for the victims of the Nemty Ransomware, security researchers have released a free decryptor that could be used to recover files. I have great news for the victims of the recently discovered Nemty Ransomware, security researchers have released a free decryptor tool that could be used to recover files. In mid-August, the Nemty […]

Pierluigi Paganini October 11, 2019
Hacker breached escort forums in Italy and the Netherlands and is selling user data

Popular prostitution and escort forums in Italy and the Netherlands have been hacked and data have been offered for sale in the cybercrime underground. A Bulgarian hacker known as InstaKilla has breached two online escort forums and stole the user information that he is now offering for sale on a hacking forum. The two escort […]

Pierluigi Paganini October 10, 2019
iTunes Zero-Day flaw exploited by the gang behind BitPaymer ransomware

The gang behind BitPaymer and ransomware attacks has been found exploiting Windows zero-day for Apple iTunes and iCloud. The cybercriminals behind BitPaymer and iEncrypt ransomware attacks have been found exploiting a Windows zero-day vulnerability for Apple iTunes and iCloud in attacks in the wild. The zero-day vulnerability resides in the Bonjour updater that comes packaged with […]

Pierluigi Paganini October 08, 2019
Experts found a link between a Magecart group and Cobalt Group

Researchers from MalwareBytes and HYAS Threat Intelligence linked one of the hacking groups under the Magecart umbrella to the notorious Cobalt cybercrime Group. Hacker groups under the Magecart umbrella continue to target organizations worldwide to steal payment card data with so-called software skimmers. Security firms have monitored the activities of a dozen groups at least since 2010.  According to […]