Malware

Pierluigi Paganini March 27, 2018
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram

Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team. The development and sale of surveillance software is a profitable business, many government agencies use spyware for different purposes, in some their involvement is very questionable. Early this month, […]

Pierluigi Paganini March 27, 2018
GoScanSSH Malware spread avoiding Government and Military networks

Security experts at Cisco Talos discovered a new piece of malware dubbed GoScanSSH that was being used to compromise SSH servers exposed online. Security researchers at Cisco Talos have discovered a new piece of malware dubbed GoScanSSH that was being used to compromise SSH servers exposed online. The malicious code was written in Go programming language, uncommon for […]

Pierluigi Paganini March 23, 2018
City of Atlanta paralyzed by a ransomware attack, is it SAMSAM?

Computer systems in the City of Atlanta were infected by ransomware, the cyber attack was confirmed by the City officials. The city learned of the attack at around 5:40 am local time on Thursday. On Thursday, Mayor Keisha Lance Bottoms announced on Thursday that a malware has taken in hostage some internal systems, city’s data were encrypted. Mayor @KeishaBottoms holds […]

Pierluigi Paganini March 22, 2018
TeleRAT, a new Android Trojan that uses Telegram for data exfiltration

Security experts at Palo Alto Networks discovered a new Android Trojan dubbed TeleRAT that uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT appears to be originating from and/or to be targeting individuals in Iran, experts found similarities with another Android malware dubbed IRRAT Trojan, which also leverages […]

Pierluigi Paganini March 18, 2018
The Book : Digging the Deep Web: Exploring the dark side of the web

My new book, titled ‘Digging the Deep Web: Exploring the dark side of the web’ is available online, enjoy it. It’s a pleasure and an honor for me to announce the availability of my book “Digging the Deep Web: Exploring the dark side of the web“ Kindle Edition — Paper Copy What is the Deep Web and […]

Pierluigi Paganini March 18, 2018
Hackers tried to cause a blast at a Saudi petrochemical plant

A new cyber attack against a Saudi petrochemical plant made the headlines, hackers attempted to hit the infrastructure in August. Do you remember the powerful cyber attack that in 2012 hit computers at Saudi Aramco? A new cyber attack against a petrochemical plant in Saudi Arabia made the headlines, hackers attempted to hit the infrastructure in August. […]

Pierluigi Paganini March 17, 2018
Chinese APT Group TEMP.Periscope targets US Engineering and Maritime Industries

The China-linked APT group Leviathan. aka TEMP.Periscope, has increased the attacks on engineering and maritime entities over the past months. Past attacks conducted by the group aimed at targets connected to South China Sea issues, most of them were research institutes, academic organizations, and private firms in the United States. The group has also targeted professional/consulting services, high-tech industry, […]

Pierluigi Paganini March 16, 2018
GandCrab ransomware evolves thanks to an AGILE development process

According to Check Point report, the authors of the prolific GandCrab ransomware are continuously improving their malware by adopting the AGILE development process. Early February experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. The GandCrab was advertised in Russian hacking communities, researchers noticed that […]

Pierluigi Paganini March 15, 2018
The RottenSys botnet is already composed of nearly 5 million Android devices

RottenSys – A Chinese crime ring is building a huge botnet that is already composed of nearly 5 million Android device. Researchers at Check Point discovered attackers infecting the device with a strain of malware dubbed RottenSys that aggressively display ads on victims’ devices. “The Check Point Mobile Security Team has discovered a new widespread malware family […]

Pierluigi Paganini March 15, 2018
Qrypter RAT hits 243 organizations worldwide in February

Qrypter RAT hits 243 organizations worldwide in February 2018, its popularity in the cybercrime ecosystem continues to increase. A new strain of remote access Trojan dubbed Qrypter RAT (aka Qarallax, Quaverse, QRAT, and Qontroller) hit hundreds of organizations worldwide. The malware was spotted by security firm Forcepoint, it has been around for a couple of years, […]