Security Affairs

MARCH 20, 2021

Taiwanese multinational hardware and electronics corporation Acer was victim of a REvil ransomware attack, the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was victim of the REvil ransomware attack, the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.

Ransomware 363

Ransomware Computer and Electronics Sales Encryption 363

Security Affairs

NOVEMBER 16, 2018

The evidence comes from traffic analysis where the identified pattern sends (HTTP POST) data on browser history and specifically crafted files under User – AppData to specific PHP pages. Indicators of Compromise (IoCs) for the malicious code are reported in the original analysis published by Marco Ramilli in his blog.

Computer and Electronics 279

Computer and Electronics File names Security IT 279

Security Affairs

JULY 26, 2023

Swedish software firm Ortivus suffered a cyberattack that has resulted in at least two British ambulance services losing access to electronic patient records. Two British ambulance services were not able to access electronic patient records after a cyber attack that hit their software provider Ortivus. ” reads the advisory.

Computer and Electronics 246

Computer and Electronics Access IT Security 246

Security Affairs

OCTOBER 14, 2019

Today I’d like to share a quick analysis resulted by a very interesting email which claimed to deliver a SOC “weekly report” on the victim email. Technical Analysis. Analysis of dropped and executed file (emotet). I am a computer security scientist with an intensive hacking background. SOC report 10 12 2019.doc

Computer and Electronics 268

Computer and Electronics Security Encryption IT 268

Security Affairs

AUGUST 18, 2020

Police conducted searches of the suspects’ residences and offices and seized more than $ 200,000 worth of computer equipment, weapons, ammunition and cash. Binance also partnered with TRM Labs, a blockchain analysis firm that focuses on fraud detection. “According to this fact, a criminal case under Part 2 of Art.

Computer and Electronics 350

Computer and Electronics Digital transformation Data science Blockchain 350

Security Affairs

JULY 31, 2019

A few hours ago, I have written about an interesting analysis of the possible hack of avionics systems, not DHS warns of cyber attacks against small airplanes. The CAN is a crucial component in vehicles and aircraft that allows data and signaling information to be’ exchanged between the onboard computer systems.

Computer and Electronics 267

Computer and Electronics Manufacturing Access Authentication 267

Security Affairs

MAY 3, 2020

Again, there is no filter and no post-processing analysis in that fields, by meaning you could probably find as TOP domain “google.com” or “microsoft update”, which is fine, since if the sample queried them before performing its malicious intent, well, it is simply recorded and took to your attention.

Computer and Electronics 324

Computer and Electronics File names Cybersecurity Security 324

Security Affairs

MAY 14, 2019

So, I came up with this blog post and this GitHub repository where I proposed a new testing-set based on a modified version of Malware Instruction Set for Behavior-Based Analysis , also referred as MIST. The original post along many other interesting analysis are available on the Marco Ramilli blog: [link].

Computer and Electronics 254

Computer and Electronics Artificial Intelligence Honeypots Cybersecurity 254

Security Affairs

DECEMBER 29, 2023

Albania’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed that cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania. In September 2022, Albania blamed Iran for another cyberattack that hit computer systems used by the state police. ” adds AKCESK.

Computer and Electronics 355

Computer and Electronics Government Security IT 355

Security Affairs

NOVEMBER 14, 2018

Analysis ) where unknown attackers were targeting Italian naval industries. The analysis was cited by Kaspersky’s ICS CERT who exposed a wider threat extension across multiple countries such as: Germany, Spain, and India. I am a computer security scientist with an intensive hacking background. Conclusion.

Computer and Electronics 273

Computer and Electronics Phishing Security Encryption 273

Security Affairs

APRIL 5, 2019

This is not going to be a full path analysis so If you are interested in a more complete one, including dissection steps on final payloads, please refer to some of my previous analysis ( HERE , HERE , HERE ) or to Yoroi’s Blog. If you are interested on follow a full detailed analysis path, please take a look to Yoroi’s Blog.

Computer and Electronics 279

Computer and Electronics Encryption Communications Security 279

Security Affairs

JULY 18, 2019

First of all you need an exceptional computational power (RAM mostly) for letting multiple runners grab web-pages, extracting new links and re-run the scraping-code against the just extracted links. I am a computer security scientist with an intensive hacking background. Scraping the “TOR hidden world” is a quite complex topic.

Computer and Electronics 260

Computer and Electronics Cybersecurity Security Communications 260

Security Affairs

AUGUST 15, 2021

The existence of a secret SAS mobile hacker squad, named MAB5 and under the control of the Computer Network Operations (CNO) Exploitation, was revealed by a job ad published by the UK’s Ministry of Defence on an external website, reported Alan Turnbull of Secret Bases. ” states Secret Bases.

Computer and Electronics 264

Computer and Electronics Military Manufacturing Communications 264

Security Affairs

OCTOBER 17, 2018

Today I’d like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here ). A quick analysis of the Stage2 exposes a new object inclusion. (as For IoC please visit the analysis from here. Stage2: OleOBj inclusion (click to expand it).

Computer and Electronics 277

Computer and Electronics Encryption Security Military 277

Security Affairs

JUNE 6, 2019

Today I want to share a quick analysis on a new leaked APT34 Tool in order to track similarities between APT34 public available toolsets. Additional technical details, including Yara Rules and IoCs, are reported in the original analysis published by Marco Ramilli on his blog: [link]. Michael Lortz.

Computer and Electronics 271

Computer and Electronics Passwords Security Cybersecurity 271

Security Affairs

JUNE 17, 2019

While the second side of the conditional branch is quite a normal behavior match "VirtualBox|VMware|KVM" ,which tries to avoid the execution on virtual environments (trying to avoid detection and analysis), the first side is quite interesting. But let’s move on the analysis. GET-UICulture).Name About the author Marco Ramilli.

Computer and Electronics 279

Computer and Electronics Security Cybersecurity IT 279

Security Affairs

JULY 7, 2019

The SilentTrinity malware can take control over an infected computer, it allows attackers to execute arbitrary commands. ” reads the analysis published by Positive Technologies. Further technical details, including IoCs are reported in the analysis shared by the experts. ” reads one of the alerts.

Government 270

Government Computer and Electronics Archiving Phishing 270

Krebs on Security

JUNE 3, 2022

Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. In a statemen t about the changes, Deputy Attorney General Lisa O.

Security 318

Security Computer and Electronics Access Libraries 318

Security Affairs

MARCH 19, 2020

Web-Based Enterprise Management (WBEM) comprises a set of systems-management technologies developed to unify the management of distributed computing environments. Taking it on static analysis it will expose three callable functions: DeleteOfficeData ( 0x10001020 ), GetOfficeData ( 0x10001000 ) and EntryPoint 0x100015ac ). neighboring[.]site/01/index.php.

Computer and Electronics 339

Computer and Electronics IT Security Encryption 339

Security Affairs

JUNE 17, 2023

Bleeping Computer reported that the Polish police arrested two individuals running the DDoS-for-hire services and collected data from a server in Switzerland used by the perpetrators. DDoS-for-hire or ‘booter’ services allows registered users to launch order DDoS attacks without specific knowledge.

Computer and Electronics 246

Computer and Electronics Ransomware Security Information Security 246

Security Affairs

AUGUST 7, 2019

Security researcher Marco Ramilli presents a comparative analysis of attacks techniques adopted by the Iran-Linked OilRig APT group. Today I’d like to share a comparative analysis of OilRig techniques mutation over time. The original post and other interesting analysis are published on the Marco Ramilli’s blog: [link].

e-Delivery 261

e-Delivery Computer and Electronics Phishing Communications 261

Krebs on Security

DECEMBER 14, 2022

men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services. Miller was charged this week with conspiracy and violations of the Computer Fraud and Abuse Act (CFAA). The DOJ also charged six U.S. The booter service OrphicSecurityTeam[.]com com and royalstresser[.]com Defendant Angel Manuel Colon Jr.

Computer and Electronics 352

Computer and Electronics Education IT Risk 352

Security Affairs

JULY 17, 2018

” reads the analysis published by TG Soft. According to a technical report published by the experts, this attack and the one against Russian service centers offering maintenance and support for various electronic goods started in the same period, in March. . “TG Soft’s Research Centre (C.R.A.M.)

Computer and Electronics 186

Computer and Electronics Phishing Security IT 186

Security Affairs

JUNE 25, 2019

The analysis of the content of the USB drive allowed the authorities to identify the man. the police raided his house and investigated into his computer and electronic devices revealing a long cybercrime activity. Court documents refer to the hacktivist as a Brecht S.,

Computer and Electronics 279

Computer and Electronics Security IT 279

Security Affairs

JUNE 26, 2023

“In December 2021, in coordination with foreign law enforcement partners in Germany and Finland, the computer server hosting Monopoly was seized and taken offline.” Through extensive analysis of these records, Desnica was identified as the operator of Monopoly.” ” reads the press release published by DoJ.

Marketing 246

Marketing Computer and Electronics Sales Communications 246

Security Affairs

JULY 31, 2019

The expert focused the analysis on the Controller Area Network (CAN) bus implements by two commercially available avionics systems from aircraft manufacturers who specialize in light aircraft. However, electronic controls for flaps, trim, engine controls, and autopilot systems are becoming more common,” explained Kiley.

Computer and Electronics 239

Computer and Electronics Manufacturing Access Security 239

Security Affairs

SEPTEMBER 20, 2018

Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see name genesis in a bit). In this scenario, it is used to make money at the expense of computer users by abusing the infected computer to mine Monero, a cryptocurrency. XMRIG prove 1.

Computer and Electronics 279

Computer and Electronics Mining IoT Security 279

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Security 306

Security Data breaches Computer and Electronics Ransomware 306

Security Affairs

SEPTEMBER 3, 2019

For this reason I believe it would be interesting to understand how MBR works and how is it possible to write a boot loader program, this skill will help you during the analysis of your next Boot Loader Malware. When you press the power button you are providing the right power to every electronic chips who needs it.

Computer and Electronics 231

Computer and Electronics Libraries Cybersecurity Security 231

Security Affairs

JANUARY 29, 2019

“In the United Kingdom a number of webstresser.org users have recently been visited by the police, who have seized over 60 personal electronic devices from them for analysis as part of Operation Power OFF.” ” reads the press release published by the Europol. ” concludes the Europol.

Computer and Electronics 278

Computer and Electronics Government Security IT 278

Security Affairs

JULY 30, 2019

“A former Seattle technology company software engineer was arrested today on a criminal complaint charging computer fraud and abuse for an intrusion on the stored data of Capital One Financial Corporation, announced U.S. Thompson was charged with computer fraud and abuse in U.S. Attorney Brian T. “PAIGE A. .”

Data breaches 247

Data breaches Access Computer and Electronics IT 247

Everteam

APRIL 4, 2019

While everyone is digging deep into the Artificial Intelligence, Machine Learning, Blockchain and many other new digital transformation phenomena, Quantum Computing has been transformed from theory to reality. Let’s move to how it’s related to computers. What is Quantum Computing? A Quick Quantum look. Too much physics?

Computer and Electronics 75

Computer and Electronics Artificial Intelligence Digital transformation ECM 75

Thales Cloud Protection & Licensing

AUGUST 5, 2019

Preparing for Data Security in the Quantum Computing Era. Each passing day brings the world closer to the exciting reality of powerful quantum computing. Quantum computing is a threat to public key infrastructure and security systems that rely on it. Waiting until quantum computing is widely available ?

Computer and Electronics 90

Computer and Electronics Risk Paper Security 90

Security Affairs

JUNE 26, 2019

The original post and other interesting analysis are published on the Marco Ramilli’s blog: [link]. I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna.

Computer and Electronics 268

Computer and Electronics Security Cybersecurity IT 268

Security Affairs

APRIL 23, 2019

Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten ). I am a computer security scientist with an intensive hacking background. The original post is available at the following URL : APT34: webmask project.

Computer and Electronics 269

Computer and Electronics Passwords Government Security 269

Armstrong Archives

MARCH 3, 2025

While a select few organizations began computerization in the 1970s, it wasnt until the 2000s that federal regulations pushed businesses toward secure electronic records management. Artificial Intelligence (AI): Natural language processing and machine learning algorithms are revolutionizing data extraction, analysis, and decision-making.

Records Management 52

Records Management Computer and Electronics Blockchain Compliance 52

Security Affairs

MAY 2, 2019

But let’s move on and start a quick analysis on it. Since May 2016, the threat group has introduced new tools using different tunneling protocols to their tool set ” Robert Falcone of Palo Alto Networks’ Unit 42 research team wrote in an analysis of the group’s activities. About the author: Marco Ramilli, Founder of Yoroi.

Computer and Electronics 277

Computer and Electronics Communications Government Security 277