Pierluigi Paganini
May 27, 2025
Nova Scotia Power confirms it was hit by a ransomware attack but hasn’t paid the ransom, nearly a month after first disclosing the cyberattack. Nova Scotia Power confirmed it was hit by a ransomware attack nearly a month after disclosing a cyber incident. The company revealed it hasn’t paid the ransom. Nova Scotia Power Inc. is […]
Pierluigi Paganini
May 25, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts […]
Pierluigi Paganini
May 25, 2025
Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing €21.2M in crypto. From May 19 to 22, 2025, Operation ENDGAME, coordinated by Europol and Eurojust, disrupted global ransomware infrastructure. Law enforcement took down down 300 servers and 650 domains, and issuing 20 international arrest warrants. “A Command Post was set […]
Pierluigi Paganini
May 24, 2025
FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously […]
Pierluigi Paganini
May 24, 2025
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000 computers and facilitated ransomware attacks. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an […]
Pierluigi Paganini
May 22, 2025
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3 dismantled the Lumma Stealer malware operation, seizing 2,300 domains used for command-and-control and blocking dark web markets offering the infostealer. A US court order, with Europol and Japan’s JC3, […]
Pierluigi Paganini
May 21, 2025
South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player in the country’s mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its […]
Pierluigi Paganini
May 20, 2025
China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBooker, targeted an international organization in Saudi Arabia using a new backdoor called MarsSnake. The experts uncovered the attacks in March 2023 and again in 2024, noting that the group used […]
Pierluigi Paganini
May 20, 2025
Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege […]
Pierluigi Paganini
May 18, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer Interlock ransomware evolving under the radar Technical Analysis of TransferLoader Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 Horabot Unleashed: A Stealthy Phishing Threat High Risk Warning for Windows […]
