Pierluigi Paganini
October 12, 2016
The DXXD ransomware specifically targets servers and is able to encrypt files on network shares even if they haven’t been mapped. Malware continues to evolve, the last threat in order of time that implemented a singular feature is the DXXD ransomware. The peculiarities of this threat is that it encrypts also file on network shares, even […]
Pierluigi Paganini
October 12, 2016
Microsoft October security bulletins patch tens of vulnerabilities, including four Microsoft zero-day vulnerabilities that have been exploited in the wild. Microsoft has released its monthly Patch Tuesday update that includes a total of 10 security bulletins, five the flaws addressed by the updates are zero-day vulnerabilities affecting Internet Explorer, Edge, Windows and Office products. They could be exploited by […]
Pierluigi Paganini
October 12, 2016
A report published by the Australian Cyber Security Centre confirmed the Australian Bureau of Meteorology hack was powered by foreign cyber spies. In December 2015 the Australian Broadcasting Corporation (ABC) revealed that a supercomputer operated by Australialian Bureau of Meteorology (BoM) was hit by a cyber attack. The Bureau of Meteorology is Australia’s national weather, climate, […]
Pierluigi Paganini
October 12, 2016
Cloudflare firm has published a report that analyzes two recent attacks that were powered by large IoT botnets based on the Mirai Threat. The IoT botnets represent one the most dangerous threats in the security landscape, recently we have assisted to cyber attacks powered by these infrastructures that reached magnitude never seen before. The recent DDoS attacks powered […]
Pierluigi Paganini
October 11, 2016
Kaspersky published a report on cyber espionage activities conducted by StrongPity APT that most targeted Italians and Belgians with watering holes attacks. Experts from Kaspersky Lab have published a detailed report on the cyber espionage activities conducted by the StrongPity APT. The group is very sophisticated, its operations leverage on watering holes attacks and malware to target users […]
Pierluigi Paganini
October 11, 2016
The TV5Monde director-general has told the BBC that his TV was almost destroyed by a targeted cyber attack conducted by the Russian APT28 group. On April 2015, the TV5Monde was hit by a severe cyber attack that compromised broadcasting of transmissions across its medium. The attackers also hijacked the Channel TV5Monde website and social media accounts of […]
Pierluigi Paganini
October 09, 2016
The users of the free version of the popular Spotify online music service have been served malicious advertisements. Spotify users have been targeted by a malvertising campaign, the malicious advertising served to the victims could automatically open a web browser and redirect victims websites hosting malware. Spotify is a popular online music service that allows its […]
Pierluigi Paganini
October 09, 2016
As the Hurricane Matthew batters the South Carolina coast, authorities are warning of a series of cyber attacks against residents. Cyber criminals have no scruples and are ready to bring in any tragic event in their favor. In the past crooks exploited the media interest in tragic events like the Boston Marathon attack and the […]
Pierluigi Paganini
October 08, 2016
OilRig campaign – An Iran-linked hacker group which previously targeted organizations in Saudi Arabia has now set its sights on other countries. Iranian hackers which previously targeted organizations in Saudi Arabia are now targeting organizations in other countries, including the US, as part of a campaign identified as OilRig campaign. In addition to expanding its reach, the group has been enhancing its malware tools. Researchers at Palo Alto Networks have been monitoring the group for some time and have reported observing attacks launched by a threat actor against financial institutions and technology companies in Saudi Arabia and on the Saudi defense industry. This campaign referred to as “OilRig,” by Palo Alto Networks, entails weaponized Microsoft Excel spreadsheets tracked as “Clayslide” and a backdoor called “Helminth.” Bank attacks by the Iran-linked group were analyzed and documented by FireEye in May. Security Week reports that Palo Alto Networks, “discovered that it has also targeted a company in Qatar and government organizations in the United States, Israel and Turkey.” Helminth is delivered, by the threat actors behind OilRig, by way of spear-phishing emails and malicious macro-enabled Excel documents. For instance, in the caseof a Turkish government organization, the Excel file was designed to replicate a login portal for an airline. There are four variants of the Helminth malware and the threat, capable of communicating with its command and control (C&C) server over both HTTP and DNS, can gain information on the infected device and download additional files via a remote server. One type of Helminth malware relies on VBScript and PowerShell scripts. Another is deployed as an executable file. Delivered by […]
Pierluigi Paganini
October 07, 2016
Researchers have been monitoring a campaign dubbed Magecart that compromised many ecommerce websites to steal payment card and other sensitive data. Researchers have been monitoring a campaign in which cybercriminals compromised many e-commerce websites in an effort to steal payment card and other sensitive information provided by their customers. Security experts from cloud-based security solutions provider […]
