Pierluigi Paganini
February 23, 2021
FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]
Pierluigi Paganini
February 22, 2021
Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was […]
Pierluigi Paganini
February 21, 2021
Experts warn of threat actors using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs. Experts from BleepingComputer are warning of threat actors that are using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs. Bad actors publish posts with titles containing popular keywords to […]
Pierluigi Paganini
February 21, 2021
The Federal Bureau of Investigation (FBI) has issued a warning about the risks of telephony denial-of-service (TDoS) attacks on call centers. The United States’ Federal Bureau of Investigation (FBI) is warning of the consequences of telephony denial-of-service (TDoS) attacks on call centers, which in some cases could threaten people’s lives. TDoS attacks could render telephone systems unavailable […]
Pierluigi Paganini
February 20, 2021
Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. Malware researchers at Red Canary uncovered a new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. According to data shared by Malwarebytes, as […]
Pierluigi Paganini
February 19, 2021
MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. MassLogger Windows credential stealer is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger apps. Cisco Talos experts uncovered attacks against users in Turkey, Latvia, and Italy, the […]
Pierluigi Paganini
February 19, 2021
Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development platform to steal payment card information from e-stores. Sansec researchers reported that threat actors are abusing Google’s Apps Script business application development platform to steal credit card data provided by customers of e-commerce websites. “Attackers use […]
Pierluigi Paganini
February 18, 2021
PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. WatchDog is one of the largest and longest-lasting Monero cryptojacking operations uncovered by security experts, […]
Pierluigi Paganini
February 17, 2021
Malvertising gang ScamClub has exploited an unpatched zero-day vulnerability in WebKit-based browsers in a campaign aimed at realizing online gift card scams. The Malvertising gang ScamClub has abused an unpatched zero-day vulnerability in WebKit-based browsers to bypass security measures and redirect users from legitimate sites to websites hosting online gift card scams. The malvertising campaign […]
Pierluigi Paganini
February 17, 2021
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication. Although exists a strong adoption of technologies with the goal of protecting the final user such as plugins, tokens, e-tokens, two-factor-authentication mechanisms, CHIP, PIN […]
