Pierluigi Paganini
June 08, 2020
A researcher is warning that Google is indexing the phone numbers of WhatsApp users raising serious privacy concerns. Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers […]
Pierluigi Paganini
June 08, 2020
Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […]
Pierluigi Paganini
June 07, 2020
This infographic includes interesting data related to the Covid-19 themed attacks observed by security researchers and law enforcement in the past months. [adrotate banner=”9″] [adrotate banner=”12″] Pierluigi Paganini (SecurityAffairs â COVID-19, hacking) [adrotate banner=”5″] [adrotate banner=”13″]
Pierluigi Paganini
June 06, 2020
Hackers have stolen confidential documents from the US military contractor Westech, which provides critical support for US Minuteman III nuclear deterrent. MAZE ransomware operators have stolen sensitive data from Westech, a company that supports the US Minuteman III nuclear deterrent. The LGM-30 Minuteman is a U.S. land-based intercontinental ballistic missile (ICBM), in service with the […]
Pierluigi Paganini
June 06, 2020
eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […]
Pierluigi Paganini
June 05, 2020
ST Engineering is the last victim of the Maze Ransomware operators that published their data on their leak website. ST Engineering is one of the leading engineering groups worldwide, it specializes in the aerospace, electronics, land systems, and marine sectors. The group operates in more than 100 countries and reported revenue of $7.86b in FY2019. The Maze ransomware operators […]
Pierluigi Paganini
June 05, 2020
ZLab malware researchers analyzed the attack chain used to infect Italian speaking victims with the Netwire malware. Introduction Info stealer malware confirms to be one of the most adopted weapons of cyber actors. One of them is Netwire (MITRE S0198), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups […]
Pierluigi Paganini
June 05, 2020
Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […]
Pierluigi Paganini
June 04, 2020
Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Then the attackers used the hijacked domain to launch spear-phishing attacks against […]
Pierluigi Paganini
June 03, 2020
REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. Sodinokibi ransomware operators are very active in this period, a few days after the gang has leaked the files allegedly stolen from the UK power grid middleman Elexon it has announced to launch […]
