Malware

Pierluigi Paganini July 12, 2016
JIGSAW ransomware defeated once again, decrypt your files for free

If you are one of the victims of the Jigsaw ransomware there is a good news for you, experts from CheckPoint Security have defeated it once again. Let’s start the day with a  good news, the Jigsaw ransomware has been decrypted again. The JIGSAW ransomware was first spotted in April when experts noticed that the threat slowly […]

Pierluigi Paganini July 11, 2016
The hidden link between the Angler EK drop and the Lurk gang

Experts from Talos team have found a link between the drop in the Angler Kit usage and the crackdown against the Lurk gang. Security experts believe to have found a link between the drop in the Angler Kit usage and the crackdown against the Lurk gang. Law enforcement arrested suspects in June, authorities accused them […]

Pierluigi Paganini July 11, 2016
Be careful backdoored Pokemon GO Android App spotted in the wild

ProofPoint have found in the wild a backdoored version of the popular Pokemon GO Android App that could allow attackers to gain control over victim’s device The gamers are going crazy for the last Nintendo game Pokemon GO which uses augmented reality , the mobile app is used by players to walk around and collect […]

Pierluigi Paganini July 10, 2016
Realstatistics campaign leads to ransomware via compromised sites

Threat actors in the wild are behind the Realstatistics campaign are leveraging on out-of-date CMSs to deliver the CryptXXX ransomware. Security experts from Sucuri security firm have spotted a new ransomware-based campaign dubbed ‘Realstatistics’ conducted by threat actors in the past two weeks. “Our Incident Response Team (IRT) has been tracking a mass infection campaign over the […]

Pierluigi Paganini July 09, 2016
NetTraveler APT still targets European and Russian interests

Security experts from ProofPoint have spotted a new campaign operated by the APT Group NetTraveler that is targeting Russian and European organizations. NetTraveler is an ATP group first spotted by Kaspersky in 2013, when researchers discovered an espionage activity against over 350 high profile victims from 40 countries. The name of the operation derives from the malicious […]

Pierluigi Paganini July 07, 2016
Watch out the Satana ransomware is comining

A newly emerging strain of malware dubbed Satana, which was first spotted last week, appears to be basing itself on crypto-lockers Petya and Mischa. Experts from Malwarebytes Labs have described the malicious software to be in the stage of “malware-in-development” with expected growth and evolution to occur over the coming weeks as its popularity and use […]

Pierluigi Paganini July 07, 2016
Unmasking malware’s use of TLS without flow decryption

Researchers devised a method to unmask malware’s use of TLS without decrypting the data flow. The technique relies on analysis of observable data features. A team of security experts from Cisco demonstrated that it is possible to detect a malware in TLS connections without decrypting the traffic and block it. The researchers Blake Anderson, Subharthi Paul […]

Pierluigi Paganini July 07, 2016
New Locky variant – Zepto Ransomware Appears On The Scene

New threat dubbed Zepto Ransomware is spreading out with a new email spam campaign. It is a variant of the recent Locky Ransomware. The news was recently reported in a blog post by the Cisco Talos team: “We are watching Zepto very carefully. It’s closely tied to Locky, sharing many of the same attributes,” said Craig Williams, […]

Pierluigi Paganini July 07, 2016
Eleanor malware uses a Tor backdoor to control Macs

A malicious application named EasyDoc Converter.app delivers a sophisticated malware dubbed Eleanor malware that opens a Tor backdoor on the victim’s machine. Experts from security firm Bitdefender have spotted a new malware, dubbed Eleanor malware (Backdoor.MAC.Eleanor), that once compromised Macs set up a backdoor through Tor network. The malicious application, dubbed EasyDoc Converter.app, pretend to be a […]

Pierluigi Paganini July 06, 2016
Espionage SBDH Toolkit used to target European Countries

ESET security firm has uncovered an espionage toolkit dubbed SBDH that was used in espionage campaigns targeting government organizations in Europe. Security experts from ESET security firm have spotted an espionage toolkit dubbed SBDH that was used by threat actors in hacking operations targeting government organizations in Europe. The research observed infections in many countries, including […]