Malware

Pierluigi Paganini March 08, 2017
Dahua Video Recorders and Cameras affected by a serious flaw. Is it a backdoor?

The manufacture Dahua Technology has started releasing firmware updates fix a serious flaw in some models of its video recorders and IP cameras. Security experts believe the flaw is a true backdoor that could be used to remotely access the user database containing usernames and hashed passwords. The backdoor was discovered by a researcher that is known online as “bashis.” Once the attacker […]

Pierluigi Paganini March 07, 2017
Kaspersky Lab discovered a new sophisticated Shamoon-Linked malware dubbed StoneDrill

The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten. Researchers at Kaspersky Lab have discovered further information about the dreaded Shamoon 2 malware. The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten (aka Newscaster and […]

Pierluigi Paganini March 05, 2017
Hackers who breached Barts NHS Trust exploited a zero-day vulnerability

In January, a cyber attack breached some systems at Barts NHS Trust and forced them offline. Hackers exploited a zero-day vulnerability. In January, a cyber attack breached some systems at Barts NHS Trust and forced them offline. Barts Health Trust runs the Royal London, St Bartholomew’s, Whipps Cross, Mile End and Newham hospitals. The hackers used […]

Pierluigi Paganini March 03, 2017
Talos team spotted a PowerShell malware that uses DNS queries to contact the C2

Researchers from Cisco Talos team spotted a new strain of malware that leverages PowerShell scripts to fetch commands from DNS TXT records. Malware researchers at Cisco Talos have published a detailed analysis on a targeted attack leveraging a weaponized Microsoft Word document that is spread in spam emails as an attachment. The malicious code used in the […]

Pierluigi Paganini March 02, 2017
Alleged Master Keys for the Dharma Ransomware Leaked on BleepingComputer

Good news for the victims of the Dharma Ransomware, someone has released the alleged Master Keys on the BleepingComputer.com forums. The alleged Master Keys for the Dharma Ransomware has been released by someone on BleepingComputer.com forums. A member using the online moniker ‘gektar‘ published a post containing a Pastebin link to a header file in C programming […]

Pierluigi Paganini March 01, 2017
Phishing Trends Report – 2016 ended as the worst year for phishing in history

The Anti-Phishing Working Group (APWG) published the Phishing Trends Report for Q4 2016. APWG reported 1.2 million phishing attacks in 2016. The Anti-Phishing Working Group (APWG) published the Phishing Trends Report for Q4 2016. The data are worrisome, 2016 ended as the worst year for phishing in history. The experts reported the total number of phishing attacks in 2016 […]

Pierluigi Paganini March 01, 2017
Dridex v4, the dreaded malware has been improved with AtomBombing technique

Malware author are using Dridex v4 in the wild, an improved version of the Trojan that includes a new injection method known as AtomBombing. According to researchers with IBM X-Force, vxers have improved the Dridex banking Trojan adding a new injection method for evading detection, the technique is known as AtomBombing. The researchers have spotted […]

Pierluigi Paganini February 28, 2017
The Gamaredon Group is back with new weapons in its arsenal

The Russian state-actor dubbed Gamaredon is back and has been using a custom-developed malware in a new cyber espionage campaign. According to the experts from Palo Alto Networks, a Russian state-actor dubbed Gamaredon has been using a custom-developed malware in cyber espionage campaign on the Ukrainian government, military and law enforcement officials. The Gamaredon APT was first spotted in […]

Pierluigi Paganini February 27, 2017
The Necurs botnet is evolving, now includes a DDoS module

The Necurs botnet is evolving and recently the experts at BitSight’s Anubis Labs discovered that it was improved to launch DDoS attacks. The Necurs botnet continues to evolve and recently it was used by crooks not only to spread the dreaded Locky ransomware but he was improved to launch DDoS attacks. According to the researchers BitSight’s […]

Pierluigi Paganini February 26, 2017
Shamoon 2 malware, ASERT has shed light on the C2 and the infection process

The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process. Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware discovering further details on the tools and techniques used by the threat […]