Security Alerts & News
by Tymoteusz A. Góral

History
#624 Python-based PWOBot targets European organizations
We have discovered a malware family named ‘PWOBot’ that is fairly unique because it is written entirely in Python, and compiled via PyInstaller to generate a Microsoft Windows executable. The malware has been witnessed affecting a number of Europe-based organizations, particularly in Poland. Additionally, the malware is delivered via a popular Polish file-sharing web service.

The malware itself provides a wealth of functionality, including the ability to download and execute files, execute Python code, log keystrokes, spawn a HTTP server, and mine Bitcoins via the victim’s CPUs and GPUs.

There are at least 12 variants of PWOBot, and the malware has been observed in attacks dating back to late 2013. More recent attacks have been observed affecting organizations between mid-to-late 2015.
Read more
#632 Can Switzerland become a safe haven for the world's data?
#631 Oracle fixes 136 vulnerabilities with April critical patch update
#630 Latest TeslaCrypt targets new file extensions, invests heavily in evasion
#629 DRAM bitflipping exploits that hijack computers just got easier
#628 RansomWhere?: Generic ransomware detection comes to Apple OS X
#627 MULTIGRAIN – POS attackers make an unhealthy addition to the pantry
#626 New crypto-ransomware JIGSAW plays nasty games
#625 CryptXXX: new ransomware from the actors behind reveton, dropping via Angler
#624 Python-based PWOBot targets European organizations
#623 Netflix: VPN blockade backlash doesn’t hurt us
#622 FBI tells congress it needs hackers to keep up with tech company encryption
#621 Security firm SurfWatch Labs discovers secret plan to hack numerous websites and forums
#620 Google is partially dangerous - according to Google
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12