Pierluigi Paganini
October 21, 2021
The United States Department of Justice sentenced two individuals that were providing bulletproof hosting to various malware operations. The United States Department of Justice sentenced to prison two individuals involved in providing bulletproof hosting to various malware operations, including Citadel, SpyEye, Zeus, and the Blackhole exploit kit. The two individuals, Aleksandr Skorodumov (33) of Lithuania, […]
Pierluigi Paganini
October 19, 2021
Sentinel Labs experts have analyzed the new Karma ransomware and speculate it represents an evolution of the Nemty ransomware operation. Karma ransomware is a new threat that was first spotted in June of 2021, it is important to distinguish it from a different threat with the same name that is active since 2016. Sentinel Labs […]
Pierluigi Paganini
October 19, 2021
FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have published an advisory that provides details about the BlackMatter ransomware operations and defense recommendations. This advisory provides […]
Pierluigi Paganini
October 19, 2021
Trustwaveâs SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files. Researchers from Trustwaveâs SpiderLabs have released a decryptor that can allow victims of the BlackByte ransomware to restore their files for free. The experts spotted the BlackByte ransomware while investigating a recent malware incident. The […]
Pierluigi Paganini
October 18, 2021
The Uptycs Threat Research Team spotted a campaign in which the TeamTNT threat actors deployed a malicious container image on Docker hub. The Uptycs Threat Research Team recently identified a campaign in which the TeamTNT threat actors deployed a malicious container image (hosted on Docker Hub) with an embedded script to download Zgrab scanner and masscannerâpenetration testing tools […]
Pierluigi Paganini
October 18, 2021
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group broadcast television company. TV stations owned by the Sinclair Broadcast Group went down over the weekend officially due to technical issues, but some media [1,2] reported that it was a victim of a ransomware attack. […]
Pierluigi Paganini
October 18, 2021
It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor hidden service. The REvil ransomware gang has shut down its operation once again after a threat actor has hijacked their Tor leak site and payment portal. The news of the hack was shared by the […]
Pierluigi Paganini
October 18, 2021
Researchers warn of an Ad-Blocking Chrome extension that was abused by threat actors to Injecting Ads in Google search pages. Researchers from Imperva have spotted a new deceptive ad injection campaign that is targeting users of some large websites leveraging an AD-blocking extension, named AllBlock, that is available on both Chrome and Opera browsers. Ad […]
Pierluigi Paganini
October 17, 2021
The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit the financial organization early this week. The cyberattack took place over the last weekend and forced the bank to shut down a large part of its computer network in response to the incident. Many services […]
Pierluigi Paganini
October 16, 2021
TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and […]
