Blog

The latest from Swascan: news, stories and events from the company and the Cyber world.

Swascan partners with Cloudflare to enhance SoC services

Swascan partners with Cloudflare to enhance SoC services

Swascan partners with Cloudflare to enhance SoC services and bring Cloudflare One Zero Trust solutions to the Italian market Milan XXXX 2022 – Swascan, the innovative Cyber Security company, has announced a new go-to-market partnership with Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet. The two companies […]

DISCOVER MORE
Malware analysis: Babuk Ransomware (mathematical curve analysis)

Malware analysis: Babuk Ransomware (mathematical curve analysis)

In this analysis, the methodology and encryption/decryption algorithm used by a sample of Babuk Ransomware (Linux variant) were considered. Babuk originated in 2021, the gang also known as ‘Vasa Locker’. In April of that year, they had their highest moment of ‘fame’, when the group went so far as to threaten the Metropolitan Police Department […]

DISCOVER MORE
Silent ETH Miner Builder: Malware analysis

Silent ETH Miner Builder: Malware analysis

Author: Fabio Pensa In this analysis it has been taken into consideration the builder of a Silent ETH Miner sample, whichperforms mining operations and it does “process masking” techniques by pointing to terminate somespecific processes which, as we will see next, are related to Process Explorer, Process Hacker, TaskManager and Performance Monitor (to render more […]

DISCOVER MORE
Report: DarkWeb Analysis 2022

Report: DarkWeb Analysis 2022

Today more than ever, the Dark Web is a parallel world on the internet, operating under the premise of greater anonymity and a libertarian philosophy in terms of rules. Obviously, you cannot access the dark web via a simple Google search. You need to use a specialbrowser called TOR, where communication is encrypted and each […]

DISCOVER MORE
Security Advisory: Yeastar N412 and N824 Configuration Panel Account Takeover

Security Advisory: Yeastar N412 and N824 Configuration Panel Account Takeover

Swascan Offensive Security Team has identified several vulnerabilities during a Penetration Test on Yeastar PBX Configuration Panel series N. After contacting the vendor on multiple occasions no official reply has been issues as of 19/10/2022. Swascan has published this responsible vulnerability disclosure well after the 90-day grace period recommended for this activity. YEASTAR Yeastar is […]

DISCOVER MORE
LockBit 3.0: Decryptor Analysis

LockBit 3.0: Decryptor Analysis

In this analysis, conducted by Soc Team Swascan, the decryptors of “LockBit 3.0” (Windows version) and “LockBit” (Linux variant) were analyzed. This was possible thanks to a leak that appeared in the last few hours on GitHub. Just a few days ago, on September 17, the same Criminal Hacker gang announced that it had awarded […]

DISCOVER MORE
Security Advisory: Inaz Comunication System HEXPERIENCE v8.8.

Security Advisory: Inaz Comunication System HEXPERIENCE v8.8.

Swascan Offensive Security Team has identified 1 vulnerability on Inaz HExperience v8.8.0 application. The vulnerability has been fixed in version 8.9.0. INAZ INAZ is the Italian company specialized in software and solutions for administering, managing and organizing work. It designs, manufactures and markets products, tools and services and continues to do research and innovation, collaborates […]

DISCOVER MORE
Ransomware Report: trends and analysis Q2 2022

Ransomware Report: trends and analysis Q2 2022

As speculated in the report published by Swascan analysing ransomware activity in January-March 2022, ransomware was also confirmed as the number one threat in the global computer security landscape in Q2 of the same year. The second quarter of 2022 actually shows how ransomware gangs remained “enemy number one” in terms of threats and continued […]

DISCOVER MORE
LockBit 3.0: Dynamic malware analysis

LockBit 3.0: Dynamic malware analysis

Author: Fabio Pensa LockBit 2.0 ransomware, during the last weeks, has been updated through the releasing of a new version and the announcing of a bug bounty program: in exchange of money it is possible to report to the developers of the threat possible bugs and security vulnerabilities to make it as evasive as possible […]

DISCOVER MORE
Security Advisory: Teclib – GLPI >= 9.3.0 (CVE-2022-31061)

Security Advisory: Teclib – GLPI >= 9.3.0 (CVE-2022-31061)

Swascan Offensive Security Team has identified 1 critical vulnerability on Teclib digital assets during a Penetration Test on a customer that use the software GLPI. Teclib Teclib is an open-source software editor that offers a vast range of fully integrated open-source technology packages, to better respond to business needs. Product description GLPI is a Free […]

DISCOVER MORE