Cyber Crime

Pierluigi Paganini July 21, 2019
Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw

Hackers breached at least 62 college and university networks exploiting a flaw in Ellucian Banner Web Tailor, a module of the Ellucian Banner ERP. US Department of Education warned that hackers have breached at least 62 college and university networks by exploiting a vulnerability in the Ellucian Banner Web Tailor module of the Ellucian Banner ERP. The module is […]

Pierluigi Paganini July 19, 2019
Dutch police arrested the author of Dryad and Rubella Macro Builders

Dutch authorities announced the arrest of a 20-year old man for allegedly developing Dryad and Rubella Macro Builders. Dutch authorities announced have arrested a 20-year old man that is accused to be the author of Dryad and Rubella Macro Builders. The man lives in Utrecht, it created and distributed Rubella, Cetan and Dryad toolkits. “Recently […]

Pierluigi Paganini July 17, 2019

Threat actors used the Extembro DNS-changer Trojan in an adware campaign to prevent users from accessing security-related websites. Security experts at Malwarebytes observed an adware campaign that involved the Extembro DNS-changer Trojan to prevent users from accessing websites of security vendors. “Recently, we uncovered a new DNS-changer called Extenbro that comes with an adware bundler. […]

Pierluigi Paganini July 16, 2019
Mysterious hackers steal data of over 70% of Bulgarians

Hackers stole data of millions of Bulgarians, and sent it to local media, According to the media the source could be the National Revenue Agency. Hackers have exfiltrated data from a Bulgarian government system, likely the National Revenue Agency (NRA), and have shared it with the local media. The hackers have stolen the personal details […]

Pierluigi Paganini July 16, 2019
DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape

Some of the crooks behind the Dridex Trojan have split from the gang and released a forked version of the BitPaymer ransomware dubbed DoppelPaymer. Cybercrime gang tracked as TA505 has been active since 2014 and focusing on Retail and Banking industries. The group that is known for the distribution of the Dridex Trojan and the Locky ransomware, has released other pieces of […]

Pierluigi Paganini July 14, 2019
For nearly a year, Brazilian users have been targeted with router attacks

Brazilian users have been targeted by a large number of router attacks aimed at modifying the configuration of their routers for malicious purposes. This year, security experts at Avast have blocked more than 4.6 million cross-site request forgery (CSRF) attempts carried out by crooks to execute commands without the users’ knowledge. The campaign uncovered by […]

Pierluigi Paganini July 13, 2019
Magecart group infected over 17,000 domains via unprotected AWS S3 Buckets

The Magecart continues to target websites worldwide, it infected over 17,000 domains by targeting improperly secured Amazon S3 buckets.  The Magecart gang made the headlines again, according to a new report published by RiskIQ, it has infected over 17,000 domains by targeting improperly secured Amazon S3 buckets.  A few days ago, security experts at Sanguine Security have […]

Pierluigi Paganini July 12, 2019
New Miori botnet has a unique protocol for C2 communication

A new variant of the implements a unique protocol to communicate with Command and Control infrastructure A new variant of the Miori botnet uses a unique protocol to communicate with C&C infrastructure, it implements a protection mechanism to access the login panel. The Miori bot borrows the code from the dreaded Mirai malware. it first […]

Pierluigi Paganini July 12, 2019
Hackers stole $32 million from Bitpoint cryptocurrency exchange

BITPoint Japan-based cryptocurrency announced that hackers have stolen more than $32 million (3.5 billion yen) worth of cryptocurrency due to a cyber attack. BITPoint Japan-based cryptocurrency was victim of a cyber attack, the Remixpoint’s subsidiary announced that hackers have stolen more than $32 million (3.5 billion yen) worth of cryptocurrency. BITPoint discovered the security breach […]

Pierluigi Paganini July 12, 2019
CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. The first vulnerability, tracked as CVE-2019-1132, affects the Win32k component and could be […]