Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back; this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg.
agencies and security experts warn about a possible cybersecurity infiltration from the Iranian government and call for raising cybersecurity defensive levels. But if you wonder why I decided to keep them separated in such a personal and preliminary analysis, you could find the answer in why they attack. Conclusion.
Malware Static Analysis. I am a computer security scientist with an intensive hacking background. I have an MD in computer engineering and a PhD in computer security from the University of Bologna. I have also been in charge of testing the uVote voting system for the Italian Ministry of Homeland Security.
The Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. What constitutes “good faith security research”?
A cyber security expert and founder of Yoroi has published a new tool that could be used to spot APTs (Advanced Persistent Threats) through malware streams. Having said that, you might decide to get a malware streaming service (or you might build one on your own, as in my case) and decide to perform dynamic or static analysis on it.
Every week the best security articles from Security Affairs are free in your email box. CISA adds SonicWall SonicOS, ImageMagick and Linux kernel bugs to its Known Exploited Vulnerabilities catalog. Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M
Computer faults that disrupted voting in a North Carolina county in 2016 were not caused by cyber attacks, a federal investigation states. The analysis of laptops used in some Durham County precincts on Election Day in November 2016 showed that they displayed inaccurate data to poll workers. On Monday, the U.S. reported the AP agency.
Taiwanese multinational hardware and electronics corporation Acer was the victim of a REvil ransomware attack; the gang demanded a $50,000,000 ransom. Taiwanese computer giant Acer was the victim of the REvil ransomware attack; the gang is demanding the payment of a $50,000,000 ransom, the largest one to date. billion in revenue.
GravityRAT is a malware strain known for checking the CPU temperature of Windows computers to avoid being executed in sandboxes and virtual machines. reads an analysis published by Cisco Talos, which spotted the malware back in 2017 when it was used by an APT group targeting India. concludes Kaspersky.
Marco Ramilli, founder and CEO at cyber security firm Yoroi, has explained how to use Microsoft PowerPoint as a malware dropper. The evidence comes from traffic analysis, where the identified pattern sends (HTTP POST) data on browser history and specifically crafted files under User – AppData to specific PHP pages.
Again, there is no filter and no post-processing analysis in those fields, meaning you could probably find as top domain “google.com” or “microsoft update”, which is fine, since if the sample queried them before performing its malicious intent, it is simply recorded and brought to your attention.
Albania’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed that cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania. “Today, we identified and handled with full capacity and actively a cyber security incident,” adds AKCESK.
Today I’d like to share a quick analysis resulting from a very interesting email which claimed to deliver a SOC “weekly report” to the victim’s email. Technical Analysis. Analysis of the dropped and executed file (Emotet). I am a computer security scientist with an intensive hacking background. Emotet Depacked.
Police conducted searches of the suspects’ residences and offices and seized more than $200,000 worth of computer equipment, weapons, ammunition and cash. Binance also partnered with TRM Labs, a blockchain analysis firm that focuses on fraud detection. “According to this fact, a criminal case under Part 2 of Art.
So, I came up with this blog post and this GitHub repository where I proposed a new testing set based on a modified version of the Malware Instruction Set for Behavior-Based Analysis, also referred to as MIST. The original post along with many other interesting analyses is available on the Marco Ramilli blog: [link]. Pierluigi Paganini.
Experts at Yoroi’s Cyber Security Defence Center along with Fincantieri’s security team investigated the recently discovered MartyMcFly malware attacks. Analysis) where unknown attackers were targeting Italian naval industries. Background. On October 17th we disclosed the ‘MartyMcFly’ Threat (Rif. Malicious Email.
This is not going to be a full path analysis, so if you are interested in a more complete one, including dissection steps on final payloads, please refer to some of my previous analyses (HERE, HERE, HERE) or to Yoroi’s Blog. If you are interested in following a full detailed analysis path, please take a look at Yoroi’s Blog.
A few hours ago, I wrote about an interesting analysis of the possible hack of avionics systems, not DHS warns of cyber attacks against small airplanes. reads the alert published by the US Department of Homeland Security (DHS).
Cyber security expert Marco Ramilli explains the difficulties of scraping the ‘TOR networks’ and how to enumerate hidden services with scrapers. I am a computer security scientist with an intensive hacking background. I have an MD in computer engineering and a PhD in computer security from the University of Bologna.
Security expert Marco Ramilli has analyzed the recently leaked APT34 hacking tool tracked as Jason – Exchange Mail BF. Today I want to share a quick analysis of a newly leaked APT34 tool in order to track similarities between the publicly available APT34 toolsets. I am a computer security scientist with an intensive hacking background.
Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian naval industry leveraging the MartyMcFly malware. Today I’d like to share an interesting analysis of a targeted attack found and dissected by Yoroi (technical details are available here).
Swedish software firm Ortivus suffered a cyberattack that has resulted in at least two British ambulance services losing access to electronic patient records. Two British ambulance services were not able to access electronic patient records after a cyber attack hit their software provider Ortivus. reads the advisory.
While the second side of the conditional branch is quite normal behavior, match "VirtualBox|VMware|KVM", which tries to avoid execution in virtual environments (trying to avoid detection and analysis), the first side is quite interesting. But let’s move on with the analysis.
The Army is developing a new electronic warfare pod capable of being put on drones and on trucks. The Silent Crow pod is now the leading contender for the flying flagship of the Army’s rebuilt electronic warfare force. Insiders call this cognitive electronic warfare. It’s hard to tell what this thing can do.
Security researcher Marco Ramilli analyzed a new Coronavirus (COVID-19)-themed attack, gathering evidence of the alleged involvement of an APT group. Web-Based Enterprise Management (WBEM) comprises a set of systems-management technologies developed to unify the management of distributed computing environments. OCX VT coverage.
The existence of a secret SAS mobile hacker squad, named MAB5 and under the control of Computer Network Operations (CNO) Exploitation, was revealed by a job ad published by the UK’s Ministry of Defence on an external website, reported Alan Turnbull of Secret Bases. states Secret Bases. Pierluigi Paganini.
Security researcher Marco Ramilli presents a comparative analysis of the attack techniques adopted by the Iran-linked OilRig APT group. Today I’d like to share a comparative analysis of the mutation of OilRig techniques over time. The original post and other interesting analyses are published on Marco Ramilli’s blog: [link].
The SilentTrinity malware can take control of an infected computer and allows attackers to execute arbitrary commands. reads the analysis published by Positive Technologies. The attack against Croatia was also spotted by experts at the Information Systems Security Bureau (ZSIS), which issued two alerts about the attacks.
An expert analyzed the level of security of avionics systems used in small airplanes, and the results are disconcerting. Patrick Kiley, a senior security consultant at Rapid7, conducted an investigation into the security of avionics systems inside small airplanes. Kiley, who is also an amateur pilot, was able to crack the ?
Bleeping Computer reported that the Polish police arrested two individuals running the DDoS-for-hire services and collected data from a server in Switzerland used by the perpetrators. The total amount of secured property is almost PLN 260,000. zlotys and money in the amount of over 145 thousand.
Security researchers from Italian security firm TG Soft have uncovered an ongoing malware campaign targeting Samsung service centers in Italy. reads the analysis published by TG Soft. The electronics service centers do not appear particularly interesting to attackers because the volume of data they manage is small.
Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see the name’s genesis in a bit). In this scenario, it is used to make money at the expense of computer users by abusing the infected computer to mine Monero, a cryptocurrency. XMRIG prove 1.
The analysis of the content of the USB drive allowed the authorities to identify the man. The police raided his house and investigated his computer and electronic devices, revealing a long cybercrime activity. Court documents refer to the hacktivist as Brecht S. Pierluigi Paganini.
alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. Tony Sager, senior vice president and chief evangelist at the Center for Internet Security. TS: Like a lot of things in security, the economics always win.
For this reason I believe it would be interesting to understand how the MBR works and how it is possible to write a boot loader program; this skill will help you during the analysis of your next boot loader malware. When you press the power button you are providing the right power to every electronic chip that needs it. Pierluigi Paganini.
“In December 2021, in coordination with foreign law enforcement partners in Germany and Finland, the computer server hosting Monopoly was seized and taken offline.” “Through extensive analysis of these records, Desnica was identified as the operator of Monopoly,” reads the press release published by the DoJ.
men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services. Miller was charged this week with conspiracy and violations of the Computer Fraud and Abuse Act (CFAA). The DOJ also charged six U.S. The booter services OrphicSecurityTeam[.]com and royalstresser[.]com. Defendant Angel Manuel Colon Jr.
“A former Seattle technology company software engineer was arrested today on a criminal complaint charging computer fraud and abuse for an intrusion on the stored data of Capital One Financial Corporation,” announced U.S. “I commend our law enforcement partners who are doing all they can to determine the status of the data and secure it.”
“In the United Kingdom a number of webstresser.org users have recently been visited by the police, who have seized over 60 personal electronic devices from them for analysis as part of Operation Power OFF.”
Security expert Marco Ramilli analyzed similarities and differences between the MuddyWater and APT34 cyberespionage groups. The original post and other interesting analyses are published on Marco Ramilli’s blog: [link]. I am a computer security scientist with an intensive hacking background. Pierluigi Paganini.
Security expert Marco Ramilli published the findings of a quick analysis of the webmask project behind the DNS attacks carried out by APT34 (aka OilRig and HelixKitten). I am a computer security scientist with an intensive hacking background. Source: MISP Project.
But let’s move on and start a quick analysis of it. On April 19, 2019, researchers at Chronicle, a security company owned by Google’s parent company, Alphabet, examined the leaked tools, exfiltrated the previous week on a Telegram channel, and confirmed that they are indeed the same ones used by the OilRig attackers.
The emails were disguised to look as if they came from the Central Bank of Russia and FinCERT, the Financial Sector Computer Emergency Response Team. “All messages sent via email contain FinCERT’s electronic signature.” Pierluigi Paganini.
Obfuscation is there to make the analysis harder and harder, but once you overcome that stage you would probably see VBA code looking like the following one. In your next VBA macro analysis keep in mind those stereotypes and speed up your analysis. I am a computer security scientist with an intensive hacking background.