Malware

Pierluigi Paganini March 30, 2016
TreasureHunt PoS Malware targets small retailers and banks

Security experts at FireEye have spotted the activity of a criminal organization that using the custom PoS malware TreasureHunt to target small retailers. Security experts at FireEye have spotted the activity of a criminal organization that using custom PoS malware family to target retailers. Hackers are using the PoS malware dubbed TreasureHunt or TreasureHunter to steal payment card data and sells […]

Pierluigi Paganini March 29, 2016
Bitdefender Vaccine now supports also CTB-Locker, Locky, TeslaCrypt

The prevention is better that the cure, users can immunize their PC against CTB-Locker, Locky and TeslaCrypt using Bitdefender Anti-ransomware vaccine. Security experts from the Romanian security vendor Bitdefender have updated their anti-ransomware vaccine in order to protect machines from the latest versions of the CTB-Locker, Locky and TeslaCrypt ransomware. According data recently published by […]

Pierluigi Paganini March 29, 2016
USB Thief, the new USB-based data stealing Trojan

USB Thief, the new USB-based data-stealing Trojan discovered by ESET that relies on USB devices in order to spread itself and infect also air-gapped systems Security researchers at ESET have discovered a new insidious data-stealer, dubbed USB Thief (Win32/PSW.Stealer.NAI), that relies on USB devices in order to spread itself. USB Thief is able to infect […]

Pierluigi Paganini March 28, 2016
PowerWare ransomware, a new fileless threat in the wild

Experts at Carbon Black spotted in the wild a new threat dubbed PowerWare ransomware that exploits PowerShell, the native Windows framework. Authors of ransomware are implementing new features to make their malware even more dangerous and effective. Yesterday I wrote about the new Petya ransomware, which overwrites MBR causing a blue screen of death, now I […]

Pierluigi Paganini March 27, 2016
PETYA ransomware overwrites MBR causing a blue screen of death

The Petya ransomware causes a blue screen of death (BSoD) by overwriting the MBR and leaves a ransom note at system startup. Ransomware is one of the most dangerous threats of this first part of the year, recently experts at TrendMicro has spotted a new malicious code dubbed Petya (RANSOM_PETYA.A) that overwrites MBR to lock users out […]

Pierluigi Paganini March 25, 2016
EC Council Website Hacked and used to serve malicious code

Researchers at Fox-IT warn that the website of security certification provider EC Council has been compromised to host the malicious Angler Exploit Kit. No one is secure, we are all potential targets, even if you are a skilled expert and the fact that I’m going to tell you demonstrates it. The website of security certification provider […]

Pierluigi Paganini March 23, 2016
The FBI is investigating ransomware-based attack at Methodist Hospital

The FBI is investigating cyber-attack at Methodist Hospital in Henderson, once again a ransomware hit a critical infrastructure. Ransomware is one of the most dangerous cyber threats for businesses and government organizations, the number of infections worldwide is in constant increase. Recently I reported the discovery in the wild of the a new variant of the TeslaCrypt, […]

Pierluigi Paganini March 20, 2016
Olympic Vision BEC attacks target businesses worldwide with keyloggers

Trend Micro discovered a Business Email Compromise Campaign leveraging on the Olympic Vision keylogger that targets Middle East and Asia Pacific Companies. A new malware-based campaign is targeting key employees from companies in the US, Middle East and Asia. The attackers are using malware in a classic business email compromise (BEC) attack in order to […]

Pierluigi Paganini March 19, 2016
Be aware the unbreakable TeslaCrypt 4 was detected in the wild

According to the experts at Heimdal Security firm, the ransomware Teslacrypt 4 arrived and it is infecting systems in the wild. According to the experts at Heimdal Security, the fourth version of the infamous Teslacrypt ransomware has just been launched. Teslacrypt  4 implements new functionalities and is more stable of previous versions, stability, it also […]

Pierluigi Paganini March 18, 2016
New Android Gmobi adware found in firmware and popular apps

Malware researchers at the Dr Web firm have found an Android malware named Gmobi specifically designed to spread as a software development kit (SDK). Malware researchers at security firm Dr.Web have detected a new strain of malware that was specifically designed to spread as a software development kit (SDK) used by  software developers and mobile device […]