Malware

Pierluigi Paganini July 12, 2019
Exclusive, experts at Yoroi-Cybaze ZLab released a free decryptor for Loocipher Ransomware

Exclusive – Malware researchers at Yoroi-Cybaze ZLab have released a free decryptor tool for the Loocipher Ransomware. Ransomware continues to be an easy way to monetize the criminal efforts and for this reason new malware appear in the threat landscape. Loocipher is a new threat that is rapidly spreading, its functionalities are pretty straight forward […]

Pierluigi Paganini July 12, 2019
CVE-2019-1132 Windows Zero-Day exploited by Buhtrap Group in government attack

The CVE-2019-1132 flaw addressed by Microsoft this month was exploited by Buhtrap threat actor to target a government organization in Eastern Europe. Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, including two privilege escalation flaws actively exploited in the wild. The first vulnerability, tracked as CVE-2019-1132, affects the Win32k component and could be […]

Pierluigi Paganini July 11, 2019
Agent Smith Android malware already infected 25 million devices

‘Agent Smith’ is a new malware discovered by Check Point researchers that replaces legit Android Apps with malicious ones that infected 25 Million devices worldwide. Researchers at Check Point recently discovered a new variant of Android malware, dubbed Agent Smith, that has already infected roughly 25 million devices. The malware is disguised as a Google […]

Pierluigi Paganini July 11, 2019
A new NAS Ransomware targets QNAP Devices

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store […]

Pierluigi Paganini July 11, 2019
New FinFisher spyware used to spy on iOS and Android users in 20 countries

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. According to the experts, the new versions […]

Pierluigi Paganini July 09, 2019
Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. Now experts at Kaspersky confirmed that the malware was […]

Pierluigi Paganini July 09, 2019
A new Astaroth Trojan Campaign uncovered by Microsoft

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan. The malware is able to log the users’ keystrokes, collect information through hooking, access clipboard content, and monitor […]

Pierluigi Paganini July 08, 2019
Cyberattack shuts down La Porte County government systems

Government computer systems at La Porte County, Indiana, were shut down after a cyber attack hit them on July 6. Experts believe it was a ransomware attack. On July 6, a cyber attack brought down government computer systems at La Porte County, Indiana. At the time of writing, there were only a few details about […]

Pierluigi Paganini July 08, 2019
Spotting RATs: Delphi wrapper makes the analysis harder

Experts observed an increase of the malware spreading using less-known archive types as dropper,in particular ISO image.Delphi wrapper makes analysis harder Introduction In the last period, we observed an increase of the malware spreading using less-known archive types as an initial dropper, in particular, ISO image. The spread of threats exploiting ISO image to hide […]

Pierluigi Paganini July 07, 2019
Croatia government agencies targeted with news SilentTrinity malware

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. The SilentTrinity malware can take control over an infected computer, […]