Pierluigi Paganini
September 02, 2022
The information-stealing malware Prynt Stealer contains a backdoor that allows stealing the data it has infiltrated from victims. Zscaler researchers discovered Telegram channel-based backdoor in the information stealing malware, Prynt Stealer, which allows to secretly steal a copy of the data exfiltrated from the victims. “Zscaler ThreatLabz researchers have uncovered the Prynt Stealer builder, also […]
Pierluigi Paganini
September 02, 2022
Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team recently observed an Executable and Linkable Format (ELF) ransomware which encrypts the files inside Linux systems based on the given folder path. We observed that the dropped README note matches exactly with the DarkAngels ransomware […]
Pierluigi Paganini
September 02, 2022
Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp. Raspberry Robin is a Windows worm discovered […]
Pierluigi Paganini
September 02, 2022
Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm. Researchers from cybersecurity firm eSentire discovered that the attack infrastructure used in recent Cisco hack was also used to attack a top Workforce Management corporation in in April 2022. The experts also speculate that the […]
Pierluigi Paganini
September 01, 2022
Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs started its investigation after seeing a post on Twitter a new JavaScript skimmer developed by the Magecart threat group used to target Magento e-commerce websites. In Magecart attacks against Magento e-stores, attackers attempt to exploit vulnerabilities […]
Pierluigi Paganini
September 01, 2022
The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen customers’ data. The Ragnar Locker ransomware added the Portuguese state-owned flag carrier airline TAP Air Portugal to its leak site and claims to have stolen customers’ data. On August 26, the Portugues company announced via […]
Pierluigi Paganini
August 31, 2022
A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure. Securonix Threat researchers uncovered a persistent Golang-based malware campaign tracked as GO#WEBBFUSCATOR that leveraged the deep field image taken from the James Webb telescope. The phishing emails contain a Microsoft Office attachment that includes an external reference […]
Pierluigi Paganini
August 30, 2022
Researchers spotted three campaigns delivering multiple malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners Cisco Talos researchers observed three separate, but related, campaigns between March and June 2022 that were delivering multiple malware, including the ModernLoader bot (aka Avatar bot), RedLine info-stealer and cryptocurrency miners to victims. ModernLoader is a .NET remote access trojan that […]
Pierluigi Paganini
August 30, 2022
Baker & Taylor, one of the world’s largest distributors of books, revealed that it was hit by a ransomware attack. Baker & Taylor, one of the world’s largest distributors of books worldwide, suffered a ransomware attack on August 23. The incident impacted the company’s phone systems, offices, and service centers. On August 24, the company […]
Pierluigi Paganini
August 30, 2022
The U.S. FBI warns investors that crooks are increasingly exploiting security issues in Decentralized Finance (DeFi) platforms to steal cryptocurrency. The U.S. Federal Bureau of Investigation (FBI) published a Public Service Announcement (PSA) to warn investors that cybercriminals are increasingly exploiting security flaws in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Threat actors are exploiting […]
