Pierluigi Paganini
May 09, 2022
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of attacks spreading info-stealing malware Jester Stealer. The Computer Emergency Response Team of Ukraine (CERT-UA) has detected malspam campaigns aimed at spreading an info-stealer called Jester Stealer. The malicious messages spotted by the Ukrainian CERT have the subject line “chemical attack” and contain a link to a […]
Pierluigi Paganini
May 09, 2022
A few days after F5 addressed the critical CVE-2022-1388 Remote Code execution flaw in its BIG-IP products, researchers created exploits for it. Last week security and application delivery solutions provider F5 released its security notification to inform customers that it has released security updates from tens of vulnerabilities in its products. The company addressed a total of 43 […]
Pierluigi Paganini
May 09, 2022
China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of attacks. In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. The attacks were also reported by Google’s TAG team, which confirmed they were for […]
Pierluigi Paganini
May 08, 2022
The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the most important agricultural machinery manufacturers, announced that a ransomware attack impacted some of its production facilities. The company was forced to shut down portions of its IT systems in response to the incident. AGCO did […]
Pierluigi Paganini
May 07, 2022
Researchers discovered a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that spreads via removable USB devices. Cybersecurity researchers from Red Canary have spotted a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that propagates through removable USB devices. “Raspberry Robin is Red Canary’s name for a cluster of activity we first observed […]
Pierluigi Paganini
May 07, 2022
Experts spotted a malware campaign that is the first one using a technique of hiding a shellcode into Windows event logs. In February 2022 researchers from Kaspersky spotted a malicious campaign using a novel technique that consists of hiding the shellcode in Windows event logs. The technique allows hiding a fileless Trojan, the experts also […]
Pierluigi Paganini
May 07, 2022
The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury sanctioned the cryptocurrency mixer Blender.io used by the North Korea-linked Lazarus APT to launder the funds stolen from Axie Infinity’s Ronin bridge. This is the first time ever, Treasury is sanctioning a virtual currency mixer. […]
Pierluigi Paganini
May 06, 2022
Experts investigate how stolen Facebook accounts are used as part of a well-established fraud industry inside Facebook. No eyebrows were raised in Quriums security operation center when the independent Philippine media outlet Bulatlat once again got DDoSed, as they are a frequent target of such digital attacks. However, when we noticed that the attack traffic came from […]
Pierluigi Paganini
May 06, 2022
The Anonymous collective and the volunteer group Ukraine IT Army continues to launch cyber attacks on Russian entities. The Anonymous collective continues its cyber war on Russian businesses and government organizations. Below is the list of the most recent organizations targeted by the collective that also leaked stolen data through the DDoSecrets platform: CorpMSP is […]
Pierluigi Paganini
May 06, 2022
Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API port 2375. The attacks are related to crypto miners and reverse shells on the vulnerable servers using base64-encoded commands in the cmdline, built […]
