malware

Pierluigi Paganini February 12, 2019
Gootkit: Unveiling the Hidden Link with AZORult

Cybaze-Yoroi ZLAB revealed interesting a hidden connection between the AZORult toolkit and specific Gootkit payload. Introduction In the last days, a huge attack campaign hit several organizations across the Italian cyberspace, as stated on bulletin N020219 the attack waves tried to impersonate legit communication from a known Express Courier. However, a deeper analysis by Cybaze-Yoroi ZLAB revealed interesting hidden aspects, […]

Pierluigi Paganini February 11, 2019
MetaMask app on Google Play was a Clipboard Hijacker

Security researcher Lukas Stefanko from ESET discovered the first Android cryptocurrency clipboard hijacker impersonating MetaMask on the official Google Play store. The rogue MetaMask app is a Clipboard Hikacker that monitors a device’s clipboard for Bitcoin and Ethereum addresses and replaces them with addresses of wallets under the control of the attacker. Using this trick the attackers can transfers funds […]

Pierluigi Paganini February 11, 2019
A mysterious code prevents QNAP NAS devices to be updated

Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured by QNAP  have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the […]

Pierluigi Paganini February 10, 2019
New Linux coin miner kills competing malware to maximize profits

Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner. Security experts from Trend Micro have discovered a new strain of coin miner that targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner, researchers observed it killing other Linux malware […]

Pierluigi Paganini February 10, 2019
Security Affairs newsletter Round 200 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Can Enterprises execute a GRC Movement? Experts observed […]

Pierluigi Paganini February 09, 2019
GandCrab ransomware campaign targets Italy using steganography

A newly discovered malware campaign leverages steganography to hide GandCrab ransomware in an apparently innocent Mario image. Security experts at Bromium have discovered a malware campaign using steganography to hide the GandCrab ransomware in a Mario graphic package. According to Matthew Rowan, a researcher at Bromium, threat actors use steganography to hide the malicious code and […]

Pierluigi Paganini February 07, 2019
Ursnif: Long Live the Steganography and AtomBombing!

Yoroi ZLab – Cybaze uncovered a new wave of Ursnif attacks using a variant that implements an exotic process injection technique called AtomBombing Another wave of Ursnif attacks hits Italy. Ursnif is one of the most active banking trojans. It is also known as GOZI, in fact, it is a fork of the original Gozi-ISFB banking Trojan that […]

Pierluigi Paganini February 06, 2019
Security expert Marco Ramilli released for free the Malware Hunter tool

Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.Malware researcher Marco Ramilli released for free the Malware Hunter tool a simple but interesting catching tool base on static YARA rules.. I’v been working on cybersecurity for most than 10 years. During my […]

Pierluigi Paganini February 04, 2019
Experts found popular beauty apps in the Play Store including malicious code

Researchers at Trend Micro discovered at least 29 malicious photo editing and beauty apps that were able to perform several malicious activities. Crooks continue to abuse Google Play store to distribute malicious apps, this time experts at Trend Micro discovered at least 29 maliciousphoto editing and beauty apps that were stealing users’ photos. The malicious […]

Pierluigi Paganini February 03, 2019
Security Affairs newsletter Round 199 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Using steganography to obfuscate PDF exploits Aztarna – […]