Malware Archives

Maze: a short story of one of the most dangerous cyberthreats

The Maze group has been one of the subtlest hacking group in recent history. Maze was a hacking group targeting organizations worldwide across many industries. It has recently announced the stop of its activity. Maze had developed a ransomware which encrypts the data of the devices infected Security experts believe that Maze had operated via a black-hat hacking community. There, its developers had shared their proceeds with various groups that had deployed Maze in organizational networks. The damage made by Maze did not limit to violation of a given system, regrettably. Maze has proved for taking advantage of assets in one network to move laterally to other networks. What made […]

Jan 27

Sunburst: the attack that shook the world

Cyber analysts recently discovered the “Sunburst” attack malware, which triggered a series of cyber-espionage attacks that began in the spring of 2020. The attack involved thousands of public administrations, private organizations and individuals on a global scale. American investigators have been pointing fingers at Russian-sponsored hackers. US authorities have labelled it as the most severe cyberattack against public and private bodies alike in the United States and believe that the origin of the threat are Russia-sponsored hackers. How did the Sunburst attack happen? What happened exactly? Let’s explore which intrusion technique hackers employed in this case. First, hackers implanted a malware in the software update of a platform installed in […]

Jan 20

Fake vaccines online: beware of scams

The NAS Carabinieri blocked two sites advertising and offering fake vaccines for COVID-19 and flu. In the latter case, subject to the obligation of medical prescription and sold only in pharmacies by a qualified pharmacist. On the first site, the Authorities noted the sale of 3 alleged vaccines for COVID-19 potentially purchasable from Italy. The analysis of the second website allowed the Carabinieri to highlight the presence of 2 flu vaccines. The World Health Organization has indeed issued a “Medical product alert” relating to possible counterfeit matches of these vaccines. The context of the operation Is it just an isolated fact? Unfortunately not. The operation of the Italian military is […]

Jan 13

SolarWinds Attack: Italy activates the Cyber Security Nucleus

Following a tampering with a number of SolarWinds Orion platform updates in March, hackers have infiltrated the networks and computer systems of government and private entities around the world by spying on their moves and, in some cases, stealing highly sensitive data assets. The attack has also affected our country, unfortunately. From the early stages of the discovery, Italy activated the Cyber Security Nucleus, the collegiate body entrusted with the task of managing cyber incidents that could have a potential impact on national security. The Cyber Security Nucleus What is this? According to the current legislation that regulates the activities of the Information Security Department (DIS) of the Presidency of […]

Jan 11

COVID-19 vaccine: beware of phishing

Have you received a strange e-mail about COVID-19, offering you various solutions to buy an under-the-counter vaccine currently in distribution? Think twice before clicking on any link. In addition to trying to sell fake Covid-19 drugs and vaccines, hackers are using the latest news as bait for their phishing campaigns. Threat intelligence analysts have warned that cybercriminals are taking advantage of developments on the COVID vaccine distribution campaign to give rise to insidious malspam campaigns. The threats What threats are we talking about? These phishing campaigns contain a myriad of malicious files. We have singled out: .EXE with the name “Download_Covid 19 New approved vaccines.23.07.2020.exe” which, once clicked, will install […]

Nov 19

QNodeService stepped up its features while operated in widespread credential-theft campaigns

Since mid-year 2020, a new piece of malware emerged in the cyber threat landscape. It seems to be linked to the crimeware matrix due its main purpose and use, which is exfiltration of browsers and email services credentials against a fairly extensive range of potential targets. The group that operates this threat is currently unknown for us (internally tracked as RedMoon) but we know that it likely operates, at least for malware samples involving Italian assets, from a West Asia country and we noted it seems to be very focused on keeping their detection rates as low as possible. A variant of this threat was originally spotted by @malwrhunterteam on […]

May 26

How Artificial Intelligence and Machine Learning will change the world of cybersecurity

Artificial Intelligence (AI) and Machine Learning (ML) tools could substantially help in the fight against cybercrime. But even these technologies can’t guarantee absolute security, and they could even be exploited by malicious hackers. Here we will consider some of the implications about the use of these new instruments in the cybersecurity sector. In 2020 cyber criminals pose a growing threat to all kinds of organisations and companies, as well as their customers. Businesses are doing their best to defend themselves, but it’s hard to predict what new types of cyberattacks will emerge and how they’ll work, which cyber criminals tend use in their favour. Artificial Intelligence and Machine Learning can […]

May 19

Simjacker and other cyber threats for mobile devices in 2020

At the end of last year, a security company discovered a serious threat to the world of cell phones and beyond: Simjacker, an attack technique that allows, in fact, to take control of a mobile phone by simply sending an SMS. Given the always increasing use of smartphones, it’s easy to understand the great dangerousness of this type of attack. Here we will see some details about this and other cyber threats for mobile devices that have recently emerged. Simjacker, the first case of Malware-SMS The Simjacker technique is particularly dangerous because it can be successfully exploited against a large variety of connected devices: not only mobile phones and smartphones, […]

May 12

The revolutionary methods to attack air-gapped devices

In the last few years, the Cyber-Security Research Center of Israel’s Ben Gurion University of the Negev coordinated by Dr. Mordechai Guri, has developed and tested several new types of malware that allow to covertly steal highly sensitive data from air-gapped and audio-gapped systems. Here we will briefly analyse some of the most surprising techniques that they have successfully tested. What air-gapped systems are and the difficulty of hacking them The term “air-gapping” indicates a network security measure employed on one or more computers to ensure that a certain computer system is physically isolated from unsecured networks, such as the public Internet or an unsafe local area network. Air-gapped […]

Nov 25

Foreseeing what is next: the rise of 5G technologies

Foreseeing 5G technologies as the future of world innovation was right? History teaches us that such predictions were pretty accurate. At the end of the 17th century, the French artist Jean-Marc Côté made some illustrations about en l’an 2000. Already back then, life in the 2000 was pictured as highly automatized: an automatic barber would take care of your skin and a barely self-standing robot would do the housework. But many intuitions that our ancestors would have thought of as barely possible are now features of our pasts. 5G Technologies and Innovation The technological innovation that took place over this past century reaches far beyond these forecasts. Cars will drive […]

Tag Archives: Malware