Malware

Pierluigi Paganini July 26, 2018
Ransomware attack disrupted some systems of the shipping giant COSCO in the US

The Chinese shipping giant COSCO was reportedly hit by a ransomware based attack, the attack occurred in the American region. According to COSCO a “local network breakdown” disrupted some systems in the United States. Media confirmed the incident was the result of a ransomware attack and quoted a company spokesman as the source. “The China Ocean Shipping […]

Pierluigi Paganini July 26, 2018
Kronos Banking Trojan resurrection, new campaigns spotted in the wild

Researchers from Proofpoint have discovered a new variant of the infamous Kronos banking Trojan that was involved in several attacks in the recent months. The infamous Kronos banking Trojan is back, and according to the experts from Proofpoint it was involved in several attacks in the last months. The malware was first spotted in 2014 by researchers at […]

Pierluigi Paganini July 25, 2018
Hide ‘N Seek botnet also includes exploits for home automation systems

Security experts from Fortinet have discovered that the Hide ‘N Seek botnet is now targeting vulnerabilities in home automation systems. The Hide ‘N Seek botnet was first spotted on January 10th when it was targeting home routers and IP cameras. It was first spotted on January 10th by malware researchers from Bitdefender then it disappeared for a few days, and appeared […]

Pierluigi Paganini July 25, 2018
The Death botnet grows targeting AVTech devices with a 2-years old exploit

A new botnet, tracked as Death botnet has appeared in the threat landscape and is gathering unpatched AVTech devices with an old exploit. A new botnet, tracked as ‘Death botnet,’ has appeared in the threat landscape, its author that goes online with the moniker EliteLands is gathering unpatched AVTech devices in the malicious infrastructure. AVTech […]

Pierluigi Paganini July 24, 2018
DHS – Russian APT groups are inside US critical infrastructure

The US Government is warning of continuous intrusions in National critical infrastructure and it is blaming the Kremlin for the cyber attacks. According to the US Department of Homeland Security, Russia’s APT groups have already penetrated America’s critical infrastructure, especially power utilities, and are still targeting them. These attacks could have dramatic consequence, an attack against […]

Pierluigi Paganini July 23, 2018
The source code of the Exobot Android banking trojan has been leaked online

The source code of the Exobot Android banking trojan has been leaked online, researchers already verified its authenticity. The source code of the Exobot Android banking trojan has been leaked online and experts believe that we will soon assist at a new wave of attacks based on the malware. The Exobot Android banking trojan was first spotted at the end […]

Pierluigi Paganini July 23, 2018
CSE Malware ZLab – APT-C-27 ’s long-term espionage campaign in Syria is still ongoing

Researchers at CSE Cybsec ZLab analyzed a malicious code involved in a long-term espionage campaign in Syria attributed to a APT-C-27 group. A few days ago, the security researcher Lukas Stefanko from ESET discovered an open repository containing some Android applications.   The folder was found on a compromised website at the following URL: hxxp://chatsecurelite.uk[.]to […]

Pierluigi Paganini July 22, 2018
TA505 gang abusing PDF files embedding SettingContent-ms to distribute FlawedAmmyy RAT

Proofpoint uncovered a massive malspam campaign leveraging emails delivering weaponized PDF documents containing malicious SettingContent-ms files. Security experts from Proofpoint have uncovered a massive malspam campaign, crooks sent hundreds of thousands of emails delivering weaponized PDF documents containing malicious SettingContent-ms files. Experts attributed the malspam campaign to the cybercriminal group tracked as TA505, the attackers […]

Pierluigi Paganini July 21, 2018
Experts discovered Calisto macOS Trojan, the first member of Proton RAT family

Security experts from Kaspersky Lab have discovered a precursor of the infamous Proton macOS malware that was named Calisto. Malware researchers from Kaspersky Lab have discovered a malware, tracked as Calisto, that appears to be to the precursor of the Proton macOS malware. “We recently came across one such sample: a macOS backdoor that we named Calisto. The […]

Pierluigi Paganini July 18, 2018
QUASAR, SOBAKEN AND VERMIN RATs involved in espionage campaign on Ukraine

Security experts from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions and involving three different RATs, including the custom-made VERMIN. Security researchers from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions, attackers used at least three different remote access Trojans (RATs). The campaign was first spotted in January by […]