Malware

Pierluigi Paganini October 31, 2017
Experts spotted a new strain of the Sage Ransomware that implements Anti-Analysis capabilities

Security experts from Fortinet spotted a new strain of the Sage ransomware that included new functionalities, such as anti-analysis capabilities. Sage 2.0 is a new ransomware first observed in December and not now it is distributed via malicious spam. Sage is considered a variant of CryLocker ransomware, it is being distributed by the Sundown and RIG exploit kits. The […]

Pierluigi Paganini October 31, 2017
Gaza Cybergang is back, it leverages new tools against new targets

Gaza Cybergang threat actor it is back again, this time it is targeting organizations in the Middle East and North Africa (MENA) region. Gaza Cybergang is a threat actor that is believed to be linked to the Palestinian organization Hamas, it is back again targeting organizations in the Middle East and North Africa (MENA) region. According to the […]

Pierluigi Paganini October 29, 2017
Matrix Ransomware being distributed through malvertising

Security expert Jérôme Segura from Malwarebytes has spotted that Matrix Ransomware has risen again, it is now being distributed through malvertising. Malware researcher Jérôme Segura from Malwarebytes has discovered that Matrix Ransomware is now being distributed through malvertising campaign. #RIGEK drops Matrix ransomware. Payload https://t.co/PruaiZRuw9 SAZ https://t.co/KFwap516h4 pic.twitter.com/tSpl2PCGCA — EKFiddle (@EKFiddle) October 26, 2017 The Matrix Ransomware was first spotted in […]

Pierluigi Paganini October 28, 2017
Documents encrypted by Bad Rabbit ransomware could be recovered without paying ransom

Files Encrypted by Bad Rabbit Recoverable Without Paying Ransom. Some victims of the recent Bad Rabbit attack may be able to recover their files encrypted by the ransomware without paying the ransom. The discovery was made by researchers at Kaspersky Lab that analyzed the encryption functionality implemented by the ransomware. Once the ransomware infects a computer, […]

Pierluigi Paganini October 27, 2017
A new Ursnif Banking Trojan campaign targets Japan

Crooks continues to target Japanese users, now the hackers leverage the Ursnif banking Trojan, aka Gozi, to hit the country. According to researchers at IBM X-Force group, cyber criminals are delivering the infamous malware via spam campaigns that began last month. The Ursnif banking Trojan was the most active malware code in the financial sector in […]

Pierluigi Paganini October 27, 2017
UK Government links the WannaCry attack that crippled NHS to North Korea

UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide attack,” […]

Pierluigi Paganini October 27, 2017
Bad Rabbit Ransomware leverages the NSA Exploit for lateral movements

Malware researchers at Cisco Talos team discovered the Bad Rabbit Ransomware leverages EternalRomance to propagate in the network. New precious details emerge from the analysis of malware researchers at Cisco Talos and F-Secure who respectively discovered and confirmed the presence an NSA exploit in the Bad Rabbit ransomware. On October 24, hundreds of organizations worldwide were hit by the Bad Rabbit […]

Pierluigi Paganini October 26, 2017
Kaspersky: Hackers used backdoored MS Office key-gen to steal NSA exploits

According to Kaspersky, the PC was hacked after the NSA employee installed a backdoored key generator for a pirated copy of Microsoft Office. More details emerge from the story of the hack of the Kaspersky antivirus that allowed Russian intelligence to stole secret exploits from the personal PC of the NSA staffer. The PC was […]

Pierluigi Paganini October 25, 2017
CSE Malware ZLab – Preliminary analysis of Bad Rabbit attack

We at the CSE Cybsec ZLab have conducted a preliminary analysis of the Bad Rabbit ransomware discovering interesting aspects of the attack. This is just the beginning of a complete report that we will release in the next days, but we believe our findings can be useful for the security community. This malware remembers the notorious NotPetya basically […]

Pierluigi Paganini October 24, 2017
Bad Rabbit ransomware rapidly spreads, Ukraine and Russia most targeted countries

A new strain of malware dubbed Bad Rabbit ransomware has been found rapidly spreading in Russia, Ukraine and elsewhere. A new massive ransomware campaign is rapidly spreading around Europe, the malware dubbed Bad Rabbit has already affected over 200 major organizations mainly in Russia, Ukraine, Germany, Japan, and Turkey in a few hours. The Bad Rabbit ransomware has infected […]