Pierluigi Paganini
August 21, 2021
A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows […]
Pierluigi Paganini
August 21, 2021
Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner, the largest Brazilian department stores clothing company, announced to have suffered a ransomware attack that impacted its IT infrastructure. According to Brazilian news outlets, the company was forced to shut down all its physical stores […]
Pierluigi Paganini
August 20, 2021
Mozi botnet continues to evolve, its authors implemented new capabilities to target Netgear, Huawei, and ZTE network gateways. Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware, it appeared […]
Pierluigi Paganini
August 19, 2021
Japanese cryptocurrency exchange Liquid was hit by a cyber attack, threat actors stole $97 Million worth of crypto-currency assets from the company. Japan-based cryptocurrency exchange Liquid was hit by a cyber attack that resulted in the theft of $97 Million worth of crypto-currency assets from its warm wallets. Liquid confirmed that crooks stole various crypto-currency […]
Pierluigi Paganini
August 18, 2021
Researchers conducted a new analysis of the Diavol ransomware and found new evidence of the link with the gang behind the TrickBot botnet. In July, researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider, the cybercrime gang behind the TrickBot botnet. The Trickbot botnet was used by […]
Pierluigi Paganini
August 16, 2021
The recent attacks that targeted Iran’s transport ministry and national train system were conducted by a threat actor dubbed Indra. In July, Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, the Fars news agency reported. The […]
Pierluigi Paganini
August 16, 2021
The US FINRA warns US brokerage firms and brokers of an ongoing phishing campaign impersonating its representatives to steal sensitive info. The US Financial Industry Regulatory Authority (FINRA) is warning US brokerage firms and brokers of an ongoing phishing campaign. Threat actors are impersonating FINRA officials and are using the threat of penalties to trick victims recipients into providing […]
Pierluigi Paganini
August 16, 2021
T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers. New problems for T-Mobile, the company is investigating a possible data breach after that a threat actor has published a post on a hacking forum claiming to be […]
Pierluigi Paganini
August 14, 2021
The popular black marketplace AlphaBay is back, four years after law enforcement agencies took down the popular hidden service. The darknet marketplace AlphaBay resurfaced four years after an international operation conducted by law enforcement agencies took down it. AlphaBay was active between 2014 and June 2017, law enforcement seized the marketplace and arrested the administrator Alexandre Cazes (aka “Alpha02/Admin”), […]
Pierluigi Paganini
August 13, 2021
Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare vulnerability in their attacks against Windows servers. The PrintNightmare flaws (tracked as  (CVE-2021-1675, CVE-2021-34527, and CVE-2021-36958) reside in the Windows Print Spooler service, print drivers, and the Windows Point and […]
