Hacking

Pierluigi Paganini June 05, 2023
Microsoft blames Clop ransomware gang for ‘MOVEit Transfer’ attacks

Microsoft attributes the recent campaign exploiting a zero-day in the MOVEit Transfer platform to the Clop ransomware gang. The Clop ransomware gang (aka Lace Tempest) is credited by Microsoft for the recent campaign that exploits a zero-day vulnerability, tracked as CVE-2023-34362, in the MOVEit Transfer platform. Microsoft is attributing attacks exploiting the CVE-2023-34362 MOVEit Transfer […]

Pierluigi Paganini June 05, 2023
Idaho Hospitals hit by a cyberattack that impacted their operations

Last week two eastern Idaho hospitals and their clinics were hit by a cyberattack that temporarily impacted their operations. Last week the Idaho Falls Community Hospital was hit by a cyber attack that impacted its operations. Officials at the hospital confirmed that some clinics closed due to the cyber attack and some ambulances have been […]

Pierluigi Paganini June 05, 2023
Experts warn of a surge of TrueBot activity in May 2023

VMware’s Carbon Black Managed Detection and Response (MDR) team observed a surge of TrueBot activity in May 2023. Researchers at VMware’s Carbon Black Managed Detection and Response (MDR) team warn of a surge of TrueBot activity in May 2023. TrueBot has been active since 2017 and some researchers linked it to the Silence Group, while a […]

Pierluigi Paganini June 05, 2023
Magecart campaign abuses legitimate sites to host web skimmers and act as C2

A new ongoing Magecart web skimmer campaign abuses legitimate websites to act as makeshift command and control (C2) servers. Akamai researchers discovered a new ongoing Magecart web skimmer campaign aimed at stealing personally identifiable information (PII) and credit card information from users in North America, Latin America, and Europe. Magecart attacks target e-commerce websites, the […]

Pierluigi Paganini June 05, 2023
Spanish bank Globalcaja confirms Play ransomware attack

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha; it has more than 300 offices across Spain and provides banking services to more than half a million clients. Globalcaja was the victim of […]

Pierluigi Paganini June 04, 2023
Xplain hack impacted the Swiss cantonal police and Fedpol

Several Swiss cantonal police, the army, customs and the Federal Office of Police (Fedpol) were impacted by the attack against IT firm Xplain. Swiss police launched an investigation into the cyber attack that hit the Bernese IT company Xplain, which provides its services to several federal and cantonal government departments, the army, customs, and the Federal […]

Pierluigi Paganini June 03, 2023
Kimsuky APT poses as journalists and broadcast writers in its attacks

North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advisory from the FBI, the U.S. Department of State, the National Security Agency (NSA), South Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and the Ministry of Foreign Affairs (MOFA), warns that North-Korea-linked Kimsuky APT […]

Pierluigi Paganini June 02, 2023
New botnet Horabot targets Latin America

A new botnet malware dubbed Horabot has been targeting Spanish-speaking users in Latin America since at least November 2020. Cisco Talos researchers observed the deployment of a previously unidentified botnet, dubbed Horabot, that is targeting Spanish-speaking users in the Americas. The botnet is used to deliver a banking trojan and spam tool to the infected systems. Horabot has been […]

Pierluigi Paganini June 02, 2023
MOVEit Transfer software zero-day actively exploited in the wild

Threat actors are exploiting a zero-day flaw in Progress Software’s MOVEit Transfer product to steal data from organizations. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files […]

Pierluigi Paganini June 02, 2023
Russia’s FSB blames the US intelligence for Operation Triangulation

Russia’s Federal Security Service (FSB) said that the recent attacks against iPhones with a zero-click iOS exploit as part of Operation Triangulation were carried out by US intelligence. Researchers from the Russian firm Kaspersky have uncovered a previously unknown APT group that is targeting iOS devices with zero-click exploits as part of a long-running […]