Pierluigi Paganini
November 23, 2022
The gang behind Quantum Locker used a particular modus operandi to target large enterprises relying on cloud services in the NACE region. Executive Summary Incident Insights During the latest weeks, the Belgian company Computerland shared insights with the European threat intelligence community about Quantum TTPs adopted in recent attacks. The shared information revealed Quantum gang […]
Pierluigi Paganini
November 22, 2022
A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. An anonymous researcher publicly disclosed a series of techniques to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. The researcher pointed out […]
Pierluigi Paganini
November 22, 2022
Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data stealing […]
Pierluigi Paganini
November 22, 2022
The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint researchers warn of the return of the Emotet malware, in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. The Emotet banking trojan has been active at least since 2014, the botnet is […]
Pierluigi Paganini
November 21, 2022
A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła (@_r3ggi) of SecuRing published technical details and proof-of-concept (PoC) code for a macOS sandbox escape vulnerability tracked as CVE-2022-26696 (CVSS score of 7.8). In a wrap-up published by Regula, the researcher observed that the problem is caused […]
Pierluigi Paganini
November 21, 2022
Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine. The Beacon includes a wealth of functionality for the attacker, including, but not limited to […]
Pierluigi Paganini
November 20, 2022
Proof-of-concept exploit code for two actively exploited Microsoft Exchange ProxyNotShell flaws released online. Proof-of-concept exploit code has been released online for two actively exploited vulnerabilities in Microsoft Exchange, known as ProxyNotShell. The two flaws are: they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell […]
Pierluigi Paganini
November 19, 2022
Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware. Researchers from the Microsoft Security Threat Intelligence team warned that a threat actor, tracked as DEV-0569, is using Google Ads to distribute various payloads, including the recently discovered Royal ransomware. The DEV-0569 group carries out […]
Pierluigi Paganini
November 19, 2022
Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schema. Researchers at Bitdefender Antispam Lab have analyzed during the last weeks the fraudulent activities associated with Black Friday and Cyber Monday. The experts noticed that between October 26 and November 6, the rate of unsolicited […]
Pierluigi Paganini
November 18, 2022
Hive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022. The threat actors behind the Hive ransomware-as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. cybersecurity and intelligence authorities. “As of November 2022, […]
