Pierluigi Paganini
September 13, 2021
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but […]
Pierluigi Paganini
September 13, 2021
The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services. A ransomware attack hit the Department of Justice and Constitutional Development of South Africa, multiple services, including email and bail services have been impacted. The incident did not affect child maintenance payments for the month […]
Pierluigi Paganini
September 12, 2021
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me too. The […]
Pierluigi Paganini
September 11, 2021
SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. Researchers from cybersecurity firm ThreatFabric have spotted in the beginning of August a new Android banking trojan, dubbed SOVA, that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain. The […]
Pierluigi Paganini
September 10, 2021
A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions of dollars stolen in bank fraud schemes. A Canadian man who conspired to launder tens of millions of dollars stolen bank fraud schemes has been sentenced to 140 months in prison. The man is Ghaleb […]
Pierluigi Paganini
September 09, 2021
The massive DDoS attack that has been targeting the internet giant Yandex was powered b a completely new botnet tracked as Mēris. The Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the […]
Pierluigi Paganini
September 09, 2021
The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers from AT&T Alien Labs uncovered a new campaign, tracked as Chimaera, conducted by the TeamTNT group, aimed at organizations worldwide. Evidence collected by the experts suggests that the campaign began on July 25, 2021, threat actors […]
Pierluigi Paganini
September 08, 2021
Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially motivated threat actor Groove has leaked online compromised credentials belonging to many organizations. The ransomware group has been active since August 2021 and implement a double extortion model like other gangs. The threat actor leaked a […]
Pierluigi Paganini
September 07, 2021
The leak site of the popular REvil ransomware gang is online again, it is not clear if the group resumed operations or the FBI turned on its servers. Today the servers of the REvil ransomware gang were back online after around two months since their shutdown. The circumstance was immediately noted by many researchers, me […]
Pierluigi Paganini
September 07, 2021
The Ragnar Locker ransomware operators threaten to leak stolen data if the victims attempt to contact law enforcement agencies. The Ragnar Locker ransomware gang is adopting a new technique to force victims to pay the ransom, the operators threaten to leak stolen data if the victims contact law enforcement agencies. The group announced its new […]
