Security experts at FireEye observed the financially motivated group FIN6 adding the LockerGoga and Ryuk ransomware to its arsenal. According to cybersecurity experts at FireEye, the FIN6 cybercrime group is diversifying its activities and added LockerGoga and Ryuk ransomware to its arsenal. Previous attacks conducted by the FIN6 group aimed at compromising point-of-sale (PoS) systems, […]
ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction A few days ago, […]
Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application, the malware also attempts to infect Apple devices (iPhones and […]
Crime without punishment: Group-IB issues a new report on JS-sniffers that infected 2440 websites around the world Group-IB, an international company that specializes in preventing cyberattacks, has issued a new comprehensive report on the analysis of JavaScript-sniffers – a type of malware designed to steal customer payment data from online stores. 2440 infected ecommerce websites […]
Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS sites running WordPress and Joomla websites to store and serve malicious payloads. Hacked websites were used for several malicious purposes, experts observed compromised WordPress and […]
Cybaze-Yoroi ZLAB malware researchers decided to use the NSA Ghidra suite in a real case study, the analysis of the AZORult malware. Introduction One of the most expected moments in the infosec community during the last few months was, with no doubt, the Ghidra public release. On the 5th of March, at the RSA conference, […]
The popular expert unixfreaxjp analyzed a new China ELF DDoS’er malware tracked as “Linux/DDoSMan” that evolves from the Elknot malware to deliver new ELF bot. Non-Technical-Premise “This report is meant for incident response or Linux forensics purpose, TO HELP admin & IR folks”, with this the very beginning sentence starts the new analysis of one […]
Another ransomware attack made the headlines, this time the victim is the City of Albany, its computer systems were infected with the malware. Computer systems in the City of Albany, New York, were infected with ransomware over the weekend that disrupted some municipal computers. According to Albany Mayor Kathy Sheehan, no personal information belonging to […]
Last week, Earl Enterprises admitted having suffered a payment card data breach from tens of its restaurants over a period of 10 months. Earl Enterprises admitted that hackers have stolen payment card data from tens of its restaurants over a period of 10 months. Restaurants at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Federal Emergency Management Agencys (FEMA) data leak exposes data of 2.3M survivors Malware Static Analysis Microsoft Defender APT now protects also macOS WordPress Social Warfare plugin zero-day exploited in […]