Malware

Pierluigi Paganini January 29, 2016
CenterPOS – The evolution of POS malware

Security Experts at FireEye discovered a new strain of POS malware dubbed CenterPOS that is threatening the retail systems. In the last 2/3 years, we have seen a significant increase in the number of POS malware, their diffusion is becoming even more worrying. We read about many high-profile breaches that involved high-complex malware targeting payment systems […]

Pierluigi Paganini January 29, 2016
Two thirds of the Android devices are vulnerable to Lockdroid ransomware

Experts at Symantec detected Lockdroid a new piece of Android ransomware capable of locking devices and fully wiping user data via factory resets. A new strain of ransomware called Lockdroid (Android.Lockdroid.E) is threatening Android users. The mobile ransomware has been detected by experts at Symantec, it is able to lock the device, change the PINs, […]

Pierluigi Paganini January 29, 2016
ATP group uses Word Docs to drop BlackEnergy Malware

The APT group behind the attacks against critical infrastructure in Ukraine is spreading BlackEnergy malware through specially crafted Word documents. Malicious campaigns leveraging the BlackEnergy malware are targeting energy and ICS/SCADA companies from across the world. The threat actors behind the recent attacks based on the popular malware are now targeting critical infrastructure in Ukraine. In […]

Pierluigi Paganini January 27, 2016
Hackers are blackmailing the creator of Open-Source Ransomware

The Turkish security researcher Utku Sen was blackmailed by hackers behind the Magic ransomware to close his projects. The developers behind the open source-based “Magic” ransomware are blackmailing the creator of Hidden Tear and EDA2 in order to force the developer to abandon the projects. Recently I have written about the RANSOM_CRYPTEAR.B ransomware developed Utku Sen starting from a proof-of-concept […]

Pierluigi Paganini January 27, 2016
Israeli Public Utility Authority hit by a severe cyber attack

The Israeli Public Utility Authority is suffering one of the largest cyber attack that the country has experienced, Minister of Infrastructure, Energy and Water Yuval Steinitz said on Tuesday. The Israel’s Minister of Infrastructure, Energy and Water, Yuval Steinitz, told CyberTech 2016 attendees in Tel Aviv that the Israeli Public Utility Authority suffered a severe cyber attack. […]

Pierluigi Paganini January 26, 2016
A new wave of attacks linked to the Codoso ATP Group

According to Palo Alto Networks’ Unit 42 the Chinese APT group Codoso has been targeting organizations in various industries in a new wave of cyber attacks. The group of experts at Palo Alto Networks Unit 42 have uncovered a new cyber espionage operation conducted by the Chinese AT Codoso  (aka C0d0so0 or Sunshop Group). The Codoso hacking crew has been […]

Pierluigi Paganini January 25, 2016
A flaw in TeslaCrypt ransomware allows file recovering

The victims of the infamous TeslaCrypt ransomware can now rejoice, there is a free tool to decrypt files encrypted by TeslaCrypt and TeslaCrypt 2.0 TeslaCrypt is one of the most insidious ransomware first detected in the wild in 2015, today I have a good news for its victims. TeslaCrypt was first detected in February 2015, the […]

Pierluigi Paganini January 25, 2016
Operators behind Angler Exploit Kit included CryptoWall 4.0

The latest variant of CryptoWall 4.0, one of the most popular and dangerous ransomware threats, has been recently added to the infamous Angler Exploit Kit. In my 2016 Cyber Security Predictions, I have predicted the criminal practices of the extortion will reach levels never seen before. Cyber criminals will threaten victims with ransomware and DDoS attack in […]

Pierluigi Paganini January 22, 2016
Be careful Facebook users, you are under attack!

Facebook users are receiving malicious email delivering malware masquerading as audio message, a similar campaign also targeted WhatsApp users. Social media and instant messaging application are a privileged vector for cyber threats, in many cases bad actors exploited them to spread malicious links and infect a large number of users. Now a new campaign is targeting […]

Pierluigi Paganini January 21, 2016
A new Drydex campaign targeted British businesses

Security experts at IBM X-Force team discovered a new hacking campaign based on the infamous Dridex trojan. Security experts at IBM X-Force team discovered a new wave of attacks based on the Dridex malware targeting British businesses. The malware has targeted rich UK bank accounts in a new campaign that is operated by threat actors well-resourced, a criminal […]