Tag: Malware

DanaBot targets Europe

Delaware, USA – June 21, 2019 – Another phishing campaign with the upgraded DanaBot trojan is reported to target Poland and Italy. The new DanaBot strain comes with a Blitzkrieg ransomware module that changes the extension of the encrypted files to .non. Initially, the DanaBot malware was observed during the phishing campaign in Australia back […]

Read More
Production of ASCO Stymied by Ransomware

Delaware, USA – June 18, 2019 – One of the leaders of airplane parts manufacturing was informed to have shut down operations at its plants because of a large-scale ransomware attack. Asco Industries who is the leader in the design and manufacture of major functional components for Boeing and Airbus commercial passenger jets, Airbus A400M […]

Read More
Refreshed Mirai Noticed

Delaware, USA – April 10, 2019 – The researchers of Palo Alto Networks Unit 24 published a report informing about a strain of Mirai malware compiled to target Xilinx MicroBlaze, Altera Nios II, Tensilica Xtensa and OpenRISC processors is in the wild. Along with the gained abilities to target new systems like digital signal processors, […]

Read More
Hoya Corp Focalizes Cryptojacking Attempt

Delaware, USA – April 9, 2019 – The largest optical products manufacturer Hoya Corporation suffered a cyber attack that infected more than 100 computers compromising users’ credentials and tried to take root for cryptocurrency mining, The Japan Times informs. The network controlling server was brought down on March 1 and the orders processing and production […]

Read More
Petya.A / NotPetya is an AI-powered cyber weapon, TTPs lead to Sandworm APT group

It’s been a hot summer for security industry: in less than a week since the initially suspected ransomware Petya.A has turned out to be much more than meets the eye. Security researchers around the world have rightfully dubbed it NotPetya and EternalPetya, as the malware was never meant to ask for ransom – it was […]

Read More
WannaCry no more: ransomware worm IOC’s, Tor C2 and technical analysis + SIEM rules

Good news everyone! After a rather long day, night and morning of studying the news, researching and hunting the #WannaCry ransomwareworm there are some discoveries to be shared.. This includes Host and Network IOCs, their analysis obtained with help of fellow security researchers and practitioners, review of C2 infrastructure and its interactions with Tor. Last but not least are some free SIEM use cases that […]

Read More