IT

Pierluigi Paganini May 29, 2020
Himera and AbSent-Loader Leverage Covid19 lures

Researchers at ZLab spotted a new phishing campaign using Covid19 lures to spread Himera and Absent-Loader.   Introduction During our Cyber Defense monitoring activities we intercepted waves of incoming emails directed to many companies under our protective umbrella. These messages were leveraging FMLA (Family and Medical Leave Act) requests related to the ongoing COVID19 pandemics. These […]

Pierluigi Paganini May 29, 2020
An archive with 20 Million Taiwanese’ citizens leaked in the dark web

Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. According to the experts, the leak includes government data of an entire country, […]

Pierluigi Paganini May 28, 2020
Security breach impacted Cisco VIRL-PE infrastructure

Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. Cisco has disclosed a security incident that impacted part of its VIRL-PE infrastructure, threat actors exploited vulnerabilities in the SaltStack software package to breach six company servers. These issues affect the following Cisco products running a vulnerable […]

Pierluigi Paganini May 28, 2020
Google TAG report Q1 details about nation-state hacking and disinformation

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020. The Google Threat Analysis Group (TAG) is a group inside the Google’s security team that […]

Pierluigi Paganini May 28, 2020
Valak a sophisticated malware that completely changed in 6 months

Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities. The Valak malware completely changed over the past six months, it was first developed to act as a loader, but now it implements also infostealer capabilities.  The malicious code fist appeared in […]

Pierluigi Paganini May 23, 2020
Voter information for 2 millions of Indonesians leaked online

A hacker has leaked the 2014 voter information for close to 2 million Indonesians on a well-known hacker forum and threatens to release 200 million. A threat actor has published the 2014 voter information for close to 2 million Indonesians on a popular hacker forum and threatens to release data for a total of 200 million […]

Pierluigi Paganini May 20, 2020
Researchers disclose five Microsoft Windows zero-days

Security experts have disclosed five unpatched vulnerabilities in Microsoft Windows, four of which rated as high-risk severity. Security experts from Trend Micro’s Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows. Four vulnerabilities are classified as high-risk severity, three of them are zero-day vulnerabilities tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915. The flaws […]

Pierluigi Paganini May 19, 2020
Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Experts from Palo Alto Networks discovered that the Mirai and Hoaxcalls botnets are targeting a vulnerability in legacy Symantec Web Gateways. Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. “I recently came across new […]

Pierluigi Paganini May 17, 2020
Coronavirus-themed attacks May 10 – May 16, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 10 to May 16, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 12 – Zeus Sphinx continues to be […]

Pierluigi Paganini May 13, 2020
Chancellor Merkel has ‘hard evidence’ of Russian hackers targeted her

German Chancellor Angela Merkel revealed that she is the target of an “outrageous” cyber espionage campaign carried out by Russia. German Chancellor Angela Merkel revealed that Russia-linked threat actors were targeting her in an “outrageous” cyberespionage campaign. “I can honestly say that it pains me. Every day I try to build a better relationship with […]