Malware

Pierluigi Paganini July 27, 2021
Hackers flooded the Babuk ransomware gang’s forum with gay porn images

The Babuk ransomware operators seem to have suffered a ransomware attack, threat actors flooded their forum gay orgy porn images. At the end of June, the Babuk Locker ransomware was leaked online allowing threat actors to use it to create their own version of the popular ransomware. The Babuk Locker operators halted their operations at the end […]

Pierluigi Paganini July 26, 2021
No More Ransom helped ransomware victims to save almost €1B

The No More Ransom initiative celebrates its fifth anniversary, over 6 million victims of ransomware attacks recover their files for free saving almost €1 billion in payments. No More Ransom is celebrating its 5th anniversary, the initiative allowed more than 6 million ransomware victims to recover their files for free saving roughly $1 billion in […]

Pierluigi Paganini July 26, 2021
Hiding Malware inside a model of a neural network

Researchers demonstrated how to hide malware inside an image classifier within a neural network in order to bypass the defense solutions. Researchers Zhi Wang, Chaoge Liu, and Xiang Cui presented a technique to deliver malware through neural network models to evade the detection without impacting the performance of the network. Tests conducted by the experts […]

Pierluigi Paganini July 25, 2021
Crooks target Kubernetes installs via Argo Workflows to deploy miners

Threat actors target Kubernetes installs via Argo Workflows to cryptocurrency miners, security researchers from Intezer warn. Researchers from Intezer uncovered new attacks on Kubernetes (K8s) installs via misconfigured Argo Workflows aimed at deploying cryptocurrency miners. Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters. The experts discovered Argo Workflows instances with […]

Pierluigi Paganini July 25, 2021
XCSSET MacOS malware targets Telegram, Google Chrome data and more

XCSSET macOS malware continues to evolve, now it is able to steal login information from multiple apps, including Telegram and Google Chrome. Security researchers from Trend Micro continues to monitor the evolution of the XCSSET macOS malware, new variants are able to steal login information from multiple apps, including Telegram and Google Chrome, and send […]

Pierluigi Paganini July 24, 2021
Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics

Japanese researchers spotted an Olympics-themed wiper targeting Japanese users ahead of the 2021 Tokyo Olympics. Tokyo Olympics could be a great opportunity for cybercriminals and malware authors, the US FBI warned private US companies of cyberattacks that might attempt to disrupt the 2021 Tokyo Olympics. Researchers from the Japanese security firm Mitsui Bussan Secure Directions (MBSD) […]

Pierluigi Paganini July 23, 2021
Kaseya obtained a universal decryptor for REvil ransomware attack

The software provider Kaseya announced to have obtained a universal decryptor for the REvil ransomware. Earlier this month, a massive supply chain attack conducted by the REvil ransomware gang hit the cloud-based managed service provider platform Kaseya, impacting both other MSPs using its VSA software and their customers. The VSA tool is used by MSPs to perform […]

Pierluigi Paganini July 23, 2021
Threat Report Portugal: Q2 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021 The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is also supported […]

Pierluigi Paganini July 22, 2021
CISA analyzed stealthy malware found on compromised Pulse Secure devices

U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products. Experts pointed out […]

Pierluigi Paganini July 21, 2021
XLoader, a $49 spyware that could target both Windows and macOS devices

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.  FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is […]