Pierluigi Paganini
December 27, 2020
The Burlington-based University of Vermont Health Network has finally admitted that ransomware was behind the October attack. In October, threat actors hit the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The cyber attack took place on October 28 and disrupted services at the UVM Medical Center and affiliated facilities. A […]
Pierluigi Paganini
December 27, 2020
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A massive fraud operation used mobile device emulators to steal millions from online bank accounts SolarWinds hackers also breached the US NNSA nuclear agency Clop ransomware gang paralyzed flavor and […]
Pierluigi Paganini
December 27, 2020
White hat hacker could be a profitable profession, Cosmin Iordache earned more than $2M reporting flaws through the bug bounty program HackerOne. Iordache is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. HackerOne announced that the bug bounty hunter Cosmin Iordache (@inhibitor181) […]
Pierluigi Paganini
December 27, 2020
SolarWinds released an updated advisory for the SuperNova malware discovered while investigating the recent supply chain attack. SolarWinds has released an updated advisory for the SuperNova backdoor that was discovered while investigating the recent SolarWinds Orion supply-chain attack. The SuperNova backdoor was likely used by a separate threat actor. After the initial disclosure of the […]
Pierluigi Paganini
December 26, 2020
GoDaddy made the headlines for an initiative that is dividing cybersecurity community, it sent phishing messages offering bonuses to its employees. GoDaddy sent an email to its employee that promised a Christmas bonus to help them to face economic problems caused by the ongoing COVID-19 pandemic. The web provider apologized Thursday for the cyber security test […]
Pierluigi Paganini
December 26, 2020
Emotet is back on Christmas Eve, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan. Emotet is back on Christmas Eve, after two months of silence, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan. The recent Emotet campaign uses updated payloads and is targeting over 100,000 […]
Pierluigi Paganini
December 26, 2020
REvil ransomware gang, aka Sodinokibi, hacked The Hospital Group and threatens to release before-and-after pictures of celebrity clients. The Hospital Group has 11 clinics and has a celebrity clientele, but it made the headlines because the REvil ransomware gang, aka Sodinokibi, claims to have hacked its systems and threatens to release before-and-after pictures of celebrity […]
Pierluigi Paganini
December 25, 2020
CrowdStrike released a free Azure security tool after it was notified by Microsoft of a failed attack leveraging compromised Azure credentials. While investigating the impact of the recent SolarWind hack, on December 15th Microsoft reported to CrowdStrike that threat actors attempted to read CrowdStrike’s emails by using a compromised Microsoft Azure reseller’s account. “Specifically, they […]
Pierluigi Paganini
December 25, 2020
The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID-19 research. The North Korea-linked APT group Lazarus has recently launched cyberattacks against two entities involved in COVID-19 research. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]
Pierluigi Paganini
December 25, 2020
Russian cryptocurrency exchange Livecoin was compromised on Christmas Eve, hackers breached its network and gained control of some of its servers. The Russian cryptocurrency exchange was hacked on Christmas Eve, it published a message on its website warning customers to stop using its services. “Dear clients, we ask you to stop using our service in […]
