Malware

Pierluigi Paganini September 27, 2016
Fancy Bear Hackers use a new Mac Trojan against aerospace industry

Researchers at Palo Alto spotted a new campaign of the Russian Fancy Bear APT using a new Mac OS X Trojan against companies in the aerospace industry. In the last weeks, we have discussed a lot about a string of attacks that targeted the US  Democratic National Committee (DNC), security experts collected evidence of the involvement […]

Pierluigi Paganini September 26, 2016
The Libyan Scorpions group is behind a cyber espionage campaign in Lybia

The Cyberkov Security Incident Response team spotted a cyber espionage campaign in Lybia conducted by a group named Libyan Scorpions. Thinking of Libya we have in mind a non-stable political country where various forces fight for the control of strategic territories and oil productions. but only a few experts know about cyber malicious activities in the area. Evidently, something […]

Pierluigi Paganini September 26, 2016
Security firm Sucuri analyzed tens of thousands of compromised websites

Security firm Sucuri published a detailed study, titled Hacked Website Report for 2016/Q2, on compromised websites on the Internet. According to the security expert Daniel Cid from Sucuri, at least 15,769 WordPress websites have been compromised this year. Sucuri has published a report, titled Hacked Website Report for 2016/Q2, related compromised websites on the web. The […]

Pierluigi Paganini September 22, 2016
RAUM tool allows to spread malware through torrent files

InfoArmor has discovered the RAUM tool in criminal forums, it is a special tool to distribute malware by packaging it with popular torrent files. It is not a novelty, torrent files are a privileged channel for malware diffusion, according to a study conducted by researchers at Digital Citizens Alliance and RiskIQ, almost one-third of the 800 torrent sites […]

Pierluigi Paganini September 22, 2016
iSpy, a new sophisticated commercial keylogger in the criminal underground

The new variant of the popular iSpy keylogger (version 3.x) was available in the criminal underground with sophisticated features. Security researchers at Zscaler warn of a new sophisticated commercial keylogger dubbed iSpy. The malware is a perfect surveillance tool, it was developed to capture victim’s keystroke and screenshots, access webcam, steal user data and license keys […]

Pierluigi Paganini September 21, 2016
Italian security firm spotted BadEpilogue: The Perfect Evasion

Security firm Certego has been detecting multiple viral spam campaigns leveraging a new malware evasion technique it called BadEpilogue. Starting from May 2016, Certego Threat Intelligence platform has been detecting multiple viral spam campaigns using a new evasion technique. These attacks are able to hide malicious attachments inside a specific area of the MIME/Multipart structure and […]

Pierluigi Paganini September 21, 2016
Experts found apps in Google Play serving the Overseer malware to overseas travelers

Google has removed from the Google Play store four apps trojanized with the Overseer malware to target overseas travelers seeking embassy information. Google has removed from the official Google Play store four trojanized apps that targeted overseas travelers seeking embassy information and news for specific European countries. Three apps were named “Embassy”, “European News”, “Russian […]

Pierluigi Paganini September 19, 2016
Vawtrak v2, a close look at the cybercriminal groups behind the threat

Security experts from the cyber threat intelligence firm Blueliv have published a report on the banking Trojan Vawtrak v2 its criminal ecosystem. Security experts from the cyber threat intelligence firm Blueliv have conducted a technical investigation on the banking Trojan Vawtrak v2 and activities of the cybercriminal groups behind the threat. Vawtrak is a threat that has been […]

Pierluigi Paganini September 18, 2016
Hacking industrial processes with and undetectable PLC Rootkit

Two security researchers have developed an undetectable PLC rootkit that will present at the upcoming Black Hat Europe 2016. The energy industry is under unceasing attack, cyber criminals, and state-sponsored hackers continue to target the systems of the companies in the sector. The Stuxnet case has demonstrated to the IT community the danger of cyber attacks, […]

Pierluigi Paganini September 16, 2016
Mamba: The new Full Disk Encryption Ransomware Family Member

A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) Ransomware this week, dubbed Mamba. Mamba, as they named it, uses a disk-level encryption strategy instead of the conventional file-based one. This may be just the beginning of a new era for the Ransomware. In this article, Renato Marinho (@renato_marinho), […]