Pierluigi Paganini
December 30, 2022
The website for the Port of Lisbon is still down days after it was the target of a ransomware attack claimed by Lockbit group. The Port of Lisbon is the third-largest port in Portugal and one of the main European ports due to its strategic location. The website of the port was hit by a cyber attack on […]
Pierluigi Paganini
December 29, 2022
The Lake Charles Memorial Health System (LCMHS) suffered a ransomware attack that impacted 270,000 patients. The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana. LCMHS reported the incident to the secretary of the U.S. […]
Pierluigi Paganini
December 28, 2022
Decentralized multi-chain crypto wallet BitKeep lost over $9 Million worth of digital currencies after a cyber attack. BitKeep was the victim of a supply chain attack that resulted in the theft of over $9 Million worth of digital currencies from its customers. The attack took place on December 26, threat actors were able to distribute […]
Pierluigi Paganini
December 27, 2022
The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the RisePro info-stealing malware. The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the information-stealing malware dubbed RisePro, Flashpoint warns. Threat actors can pay the Pay-per-install PrivateLoader service to download malicious payloads onto infected systems. Pay-per-install services are not a novel business model […]
Pierluigi Paganini
December 27, 2022
The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. The sites host ransomware and are used to steal login credentials and other […]
Pierluigi Paganini
December 26, 2022
Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE). GuLoader uses a polymorphic shellcode loader to avoid traditional security solutions, the experts mapped all embedded DJB2 hash values for every API used by the […]
Pierluigi Paganini
December 25, 2022
A threat actor is claiming they have obtained data of 400,000,000 Twitter users and is offering it for sale. A threat actor claims they have obtained data of 400,000,000 Twitter users and is attempting to sell it. The seller claims the database is private, he provided a sample of 1,000 accounts as proof of claims […]
Pierluigi Paganini
December 24, 2022
The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in […]
Pierluigi Paganini
December 23, 2022
Online sports betting company BetMGM suffered a data breach and threat actors offered for sale a database containing the data of 1.5 million customers. On December 21, the online sports betting company BetMGM disclosed a data breach while threat actors offered for sale a database containing the information of 1,569,310 million BetMGM customers. “We breached BetMGM’s […]
Pierluigi Paganini
December 22, 2022
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021, it is considered […]
