Malware

Pierluigi Paganini September 18, 2015
Thousands of legitimate WordPress sites are serving malware

Sucuri has noticed a spike in the number of compromised websites as part of a malware campaign which relies on thousands of compromised WordPress sites. According to security experts at Sucuri, threat actors have hijacked thousands of websites running the WordPress CMS to serve malware. The technique is not new, legitimate compromised websites host malicious […]

Pierluigi Paganini September 18, 2015
MWZLesson POS Trojan borrows code from other malware

Security experts at Doctor Web have discovered a new PoS Trojan dubbed MWZLesson that borrows code from other popular malicious software. Security experts at Dr. Web have discovered a new PoS Trojan that was designed by mixing code from other malware. The new PoS Trojan, dubbed Trojan.MWZLesson, was designed reusing the code of other popular malware, including the Dexter PoS […]

Pierluigi Paganini September 17, 2015
The DUKES APT – 7 years of Russian state sponsored hacking

F-Secure has published an interesting report on the cyber espionage operations conducted by the Dukes APT group, which appears linked to the Kremlin. Security researchers at F-Secure have published an interesting report detailing the cyber espionage operation of a Russian APT group, dubbed the Dukes, the experts speculate the group is backed by the Russian government. […]

Pierluigi Paganini September 17, 2015
Operation Iron Tiger, hackers target US Defense Contractors

Experts at Trend Micro uncovered the Operation Iron Tiger, a cyber espionage campaign carried out by Chinese hackers on United States Defense Contractors. Security experts at Trend Micro have uncovered a new targeted attack campaign dubbed Operation Iron Tiger. Threat actors behind the Operation Iron Tiger have stolen trillions of data from defense contractors in […]

Pierluigi Paganini September 16, 2015
Hundreds million potential victims of a new advanced malvertising campaign

Experts at MalwareBytes uncovered a massive malvertising campaign, booby-trapped web ads went undetected for weeks leveraging on the Angler Exploit Kit. In August, threat actors behind a number of major malvertising campaigns began to roll out new tactics to avoid the increasing scrutiny of security firms and law enforcement. Security experts at MalwareBytes revealed that crooks […]

Pierluigi Paganini September 14, 2015
SUCEFUL, the first multi-vendor ATM malware

According to the malware researchers at FireEye Labs Suceful is the first multi-vendor ATM malware threatening the banking industry. Experts at FireEye have discovered a new strain of malware dubbed Suceful (Backdoor.ATM.Suceful) specifically designed to target ATMs. Malware designed to hack ATMs are not new, in the past security experts have already detected malicious codes used […]

Pierluigi Paganini September 13, 2015
Lockerpin, the first known Android lock-screen ransomware

Lockerpin is the first known Android lock-screen ransomware to set a phone’s PIN lock that is targeting mainly US mobile users. Once again here we are to discuss a new mobile ransomware, this time the malicious Android app dubbed Android/Lockerpin.A locks out victims by changing lock screen PIN until owners pay a $US500 ransom. Android/Lockerpin.A, the […]

Pierluigi Paganini September 10, 2015
North Korea exploits a 0-day in the South Korea’s principal Word processor

FireEye suspects that the North Korea is responsible for a number of attacks against the South Korea relying a 0day in the South most popular Word processor. Security experts from FireEye speculate that The North Korea has carried out cyber attacks against entities of the South Korea by exploiting a zero-day ( CVE-2015-6585) in a […]

Pierluigi Paganini September 10, 2015
Microsoft fixed the Windows Media Center Hacking Team bug with the Patch Tuesday

This month’s Patch Tuesday features 12 updates including a fix for a Windows Media Center Hacking Team exploits reported to Microsoft by Trend Micro. In June, the Italian surveillance firm Hacking Team suffered a dramatic data breach, attackers leaked internal data of the company, including email messages and source code of the zero-day exploits used […]

Pierluigi Paganini September 10, 2015
Turla APT Group Abusing Satellite Internet Links

Security experts at Kaspersky Lab published a report on the Turla APT revealing the use Satellite links to control its botnet. According to a new analysis published by the experts at Kaspersky Lab reported that the popular Turla APT group exploited poorly secured satellite infrastructure to hide command-and-control operations. Turla APT was active in the last decade, […]