Malware

Pierluigi Paganini March 30, 2017
Nuclear Bot source code leaked online, a new threat will rapidly spread in the wild

The source code for a new banking Trojan dubbed Nuclear Bot was leaked online; experts speculate a rapid diffusion of the threat in the wild. The source code for a new banking Trojan, dubbed Nuclear Bot, is available for sale in the cyber criminal underground. The Nuclear Bot banking Trojan first appeared in the cybercrime forums […]

Pierluigi Paganini March 30, 2017
Imperva observed a new variant of the Mirai botnet unleashes 54-Hour DDoS attack

According to security experts at Imperva, a newly discovered variant of the Mirai botnet was used to power a 54-hour DDoS attack. According to security experts at Imperva, a newly discovered variant of the dreaded Mirai botnet was used to power a 54-hour distributed denial of service (DDoS) attack. The new variant of the Mirai […]

Pierluigi Paganini March 28, 2017
Shamoon 2 – Palo Alto Networks sheds lights on the method for network distribution

Security researchers at Palo Alto Networks have determined that the Shamoon 2 malware uses a rudimentary technique for network distribution. Security researchers at Palo Alto Networks continue to analyze the dreaded Shamoon 2 malware and the recent waves of attacks; they have now determined that the threat uses a rudimentary technique for network distribution. The Shamoon 2 malware […]

Pierluigi Paganini March 25, 2017
Malware posing as Siemens PLC application is targeting ICS worldwide

Findings of the MIMICS project conducted by Dragos Threat Operations Center show that malware posing as a Siemens PLC application is targeting ICS worldwide. After the disclosure of the Stuxnet case, the security industry started looking at ICS malware with increasing attention. Malware that infects an industrial control system could cause serious damage and endanger human lives. […]

Pierluigi Paganini March 25, 2017
CVE-2017-0022 Windows Zero-Day flaw used by AdGholas hackers and it was included in Neutrino EK

The recently patched CVE-2017-0022 Windows Zero-Day vulnerability has been exploited by threat actors behind the AdGholas malvertising campaign and Neutrino EK since July 2016. Microsoft has fixed several security flaws with the March 2017 Patch Tuesday updates. According to security experts at Trend Micro, the list of fixed vulnerabilities includes three flaws that had been exploited […]

Pierluigi Paganini March 25, 2017
Spear phishing campaign targeted Saudi Arabia Government organizations

Security researchers at MalwareBytes have uncovered a spear phishing campaign that targeted Saudi Arabia Government organizations. Security experts at MalwareBytes have spotted a new spear phishing campaign that is targeting Saudi Arabia governmental organizations. According to the experts, the campaign already targeted about a dozen Saudi agencies. Attackers used weaponized Word documents and tricked victims into opening them […]

Pierluigi Paganini March 24, 2017
Fortinet researchers spotted a malware that infects both Microsoft and Apple OSs

Malware researchers at Fortinet have discovered a weaponized Word document that is able to start the infection process on both Microsoft and Apple OSs. Security researchers at Fortinet have spotted a weaponized Word document that has been designed to spread malware on either Microsoft Windows or Mac OS X; it is able to determine which OS […]

Pierluigi Paganini March 23, 2017
Rogue Cellphone towers used to spread the Android Swearing Trojan

Chinese scammers are deploying rogue cellphone towers to spread the Android Swearing Trojan via a malicious URL in SMS messages. Chinese scammers are deploying fake mobile base stations to spread the Android Swearing Trojan in text messages. The attackers have improved the well-known Smishing attack using rogue cell phone towers as the attack vector and distribute the Android […]

Pierluigi Paganini March 20, 2017
Kirk ransomware – A Star Trek Themed Ransomware that requests Monero payments

The researchers have discovered a new piece of ransomware featuring a Star Trek theme, dubbed Kirk ransomware, the first one accepting Monero payments. Ransomware continues to be one of the most profitable cyber threats; for this reason, every week we see new strains of malware in the wild. The researchers have discovered a new piece […]

Pierluigi Paganini March 19, 2017
Arbor Networks linked a new Acronym Malware to the Potao Express campaign

Security experts at Arbor Networks linked a new Acronym malware to the malicious code used by threat actors behind Operation Potao Express. Security experts at Arbor Networks have spotted a new strain of malware that could be linked to the malicious code used by threat actors behind Operation Potao Express. The researchers started […]