Malware

Pierluigi Paganini December 02, 2017
Kaspersky case – Now we know who is the NSA hacker who kept Agency’s cyber weapons at home

A former NSA hacker pleaded guilty on Friday to illegally taking classified documents home, which were later stolen by Russian cyber spies. A member of the US National Security Agency Tailored Access Operations hacking team, Nghia Hoang Pho (67) pleaded guilty in a US district court in Baltimore on Friday to one count of willful retention of national defense […]

Pierluigi Paganini December 01, 2017
Reading the NTT 2017 Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence Report

NTT Security, a company of the tech giant NTT Group focused on cyber security, has released its 2017 Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence Report. The research includes data collected over the last three months from global NTT Security managed security service (MSS) platforms and a variety of open-source intelligence tools and honeypots. The report […]

Pierluigi Paganini November 30, 2017
New variants of the UBoatRAT RAT hits targets in East Asia

Palo Alto Networks discovered a custom RAT dubbed UBoatRAT that has been used in targeted attacks on personnel or organizations related to South Korea. Security experts from Palo Alto Networks discovered custom remote access Trojan (RAT) dubbed UBoatRAT that has been used in targeted attacks on personnel or organizations related to South Korea and the video gaming […]

Pierluigi Paganini November 28, 2017
Google detects Android Tizi Spyware that spies on popular apps like WhatsApp and Telegram

Google identified a new family of Android malware dubbed Tizi spyware by using Google Play Protect, it spies on popular apps like WhatsApp and Telegram. In May, Google introduced the defense system called Google Play Protect to protect the Android devices, it implements a machine learning and app usage analysis to identify any malicious activity on the […]

Pierluigi Paganini November 26, 2017
A new Mirai variant is rapidly spreading, around 100,000 IPs running the scans in the past 60 hours

A new Mirai variant is rapidly spreading, experts observed around 100K IPs running the scans in the past 60 hours searching for flawed ZyXEL PK5001Z routers. According to Li Fengpei, a security researcher with Qihoo 360 Netlab, the publication of the proof-of-concept (PoC) exploit code in a public vulnerabilities database is the root cause of the […]

Pierluigi Paganini November 25, 2017
A new version of the Scarab ransomware is now being distributed via the Necurs botnet

The Scarab ransomware is now being distributed to millions of users via a massive spam campaign powered with the dreaded Necurs botnet. Scarab is a strain of ransomware, first spotted in June by the security researcher Michael Gillespie, that is now being distributed to millions of users via a massive spam campaign powered with the dreaded Necurs […]

Pierluigi Paganini November 23, 2017
Crooks set up a fake Symantec Blog to spread the macOS Proton malware

A new strain of the notorious macOS Proton malware is spreading through a blog spoofing the legitimate blog of the security firm Symantec. The attackers used the same domain registration information of the original site, except for the email address. The SSL digital certificate for the site is a legitimate certificate issued by Comodo instead of the […]

Pierluigi Paganini November 22, 2017
Lazarus APT uses an Android app to target Samsung users in the South Korea

The North Korea linked group Lazarus APT has been using a new strain of Android malware to target smartphone users in South Korea. The hacking campaign was spotted by McAfee and Palo Alto Networks, both security firms attributed the attacks to the Hidden Cobra APT. The activity of the Lazarus APT Group surged in 2014 and 2015, its […]

Pierluigi Paganini November 21, 2017
BankBot Trojan bypasses again security checks implemented by Google for the Play Store

Experts from several security firms has spotted two new malware campaigns targeting Google Play Store users, once of them spreads the BankBot Trojan. Once again crooks succeeded in publishing a malware in the official Google Play Store deceiving the anti-malware protections implemented by the tech giant. A team composed of security experts from several security […]

Pierluigi Paganini November 20, 2017
Experts observed a new wave of wp-vcd malware attacks targeting WordPress sites

Experts from the firm Sucuri observed a new wave of wp-vcd malware attacks that is targeting WordPress sites leveraging flaws in outdated plugins and themes A new malware campaign is threatening WordPress installs, the malicious code tracked as wp-vcd hides in legitimate WordPress files and is used by attackers to add a secret admin user and […]