Hacking

Pierluigi Paganini September 16, 2022
Uber hacked, internal systems and confidential documents were allegedly compromised

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. According to the New York Times, the threat actors hacked an employee’s Slack account and […]

Pierluigi Paganini September 15, 2022
Akamai mitigated a new record-breaking DDoS attack against a Europen customer

Akamai announced to have recently blocked a new record-breaking distributed denial-of-service (DDoS) attack. On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked […]

Pierluigi Paganini September 15, 2022
Russia-linked Gamaredon APT target Ukraine with a new info-stealer

Russia-linked Gamaredon APT targets employees of the Ukrainian government, defense, and law enforcement agencies with a custom information-stealing malware. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) is targeting employees of the Ukrainian government, defense, and law enforcement agencies with a piece of a custom-made information stealer implant. The malicious code was designed to […]

Pierluigi Paganini September 15, 2022
FBI: Millions in Losses resulted from attacks against Healthcare payment processors

The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments. The Federal Bureau of Investigation (FBI) has issued an alert about cyber attacks against healthcare payment processors to redirect victim payments. Threat actors used employees’ publicly-available Personally Identifiable Information (PII) and social engineering techniques to […]

Pierluigi Paganini September 15, 2022
Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks

Threat actors are exploiting the death of Queen Elizabeth II as bait in phishing attacks to steal Microsoft account credentials from victims. Researchers from Proofpoint are warning of threat actors that are using the death of Queen Elizabeth II as bait in phishing attacks. The attackers aim at tricking recipients into visiting sites designed to […]

Pierluigi Paganini September 14, 2022
SparklingGoblin APT adds a new Linux variant of SideWalk implant to its arsenal

China-linked SparklingGoblin APT was spotted using a Linux variant of a backdoor known as SideWalk against a Hong Kong university. Researchers from ESET discovered a Linux variant of the SideWalk backdoor, which is a custom implant used by the China-linked SparklingGoblin APT group. The SparklingGoblin APT is believed to be a group that operated under […]

Pierluigi Paganini September 14, 2022
Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin

Threat actors are actively exploiting a zero-day vulnerability in the WPGateway premium plugin to target WordPress websites. The Wordfence Threat Intelligence team reported that threat actors are actively exploiting a zero-day vulnerability (CVE-2022-3180) in the WPGateway premium plugin in attacks aimed at WordPress sites. The WPGateway plugin is a premium plugin that allows users of […]

Pierluigi Paganini September 13, 2022
Cyber espionage campaign targets Asian countries since 2021

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […]

Pierluigi Paganini September 13, 2022
Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks

Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research. In mid-2022, Proofpoint researchers uncovered a cyberespionage campaign conducted by Iran-linked TA453 threat actors. The campaign aimed at individuals specializing in Middle Eastern affairs, nuclear security and genome research. Threat actors used at least two actor-controlled personas on a single […]

Pierluigi Paganini September 13, 2022
Montenegro and its allies are working to recover from the massive cyber attack

A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow. A massive cyberattack hit Montenegro, the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical […]