Malware

Pierluigi Paganini October 27, 2020
Enel Group suffered the second ransomware attack this year

Multinational energy company Enel Group has been hit by Netwalker ransomware operators that are asking for a $14 million ransom. Systems at the multinational energy company Enel Group have been infected with Netwalker ransomware; it is the second ransomware attack suffered by the energy giant this year. Netwalker ransomware operators are asking for a $14 million ransom […]

Pierluigi Paganini October 27, 2020
Google removes a set of 21 malicious apps from the Play Store

Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads. Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads. The following malicious apps were spotted by researchers from cybersecurity firm Avast: Shoot Them Crush […]

Pierluigi Paganini October 26, 2020
KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security experts spotted a new botnet, tracked as KashmirBlack, that has likely infected hundreds of thousands of websites since November 2019. Security experts from Imperva have spotted a new sophisticated botnet, tracked as KashmirBlack, that is believed to have already infected hundreds of thousands of websites by exploiting vulnerabilities in their content management system (CMS) platforms. […]

Pierluigi Paganini October 26, 2020
Ransomware attack disabled Georgia County Election database

A ransomware attack recently hit a Georgia county government and reportedly disabled a database used to verify voter signatures. A ransomware attack hit a Georgia county government early this month and disabled a database used to verify voter signatures in the authentication of absentee ballots. It is a common process to validate absentee ballots sent by […]

Pierluigi Paganini October 25, 2020
Is the Abaddon RAT the first malware using Discord as C&C?

Abaddon is the first RAT that uses the freeware instant messaging and VoIP app and digital distribution platform Discord as a command & control server. Researchers from MalwareHunterTeam have spotted a new remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The […]

Pierluigi Paganini October 25, 2020
New Emotet attacks use a new template urging recipients to upgrade Microsoft Word

Emotet operators have started using a new template this week that pretends to be a Microsoft Office message urging a Microsoft Word update. Researchers this week observed Emotet attacks employing a new template that pretends to be a Microsoft Office message urging the recipient to update their Microsoft Word to add a new feature. Emotet […]

Pierluigi Paganini October 24, 2020
Boyne Resorts ski and golf resort operator hit with WastedLocker ransomware

The systems at the US-based ski and golf resort operator were infected with the WastedLocker ransomware; the incident impacted reservation systems. Boyne Resorts is a collection of mountain and lakeside resorts, ski areas, and attractions spanning from British Columbia to Maine. The company owns and operates eleven properties and an outdoor lifestyle equipment/apparel retail division […]

Pierluigi Paganini October 24, 2020
US Treasury imposes sanctions on a Russian research institute behind Triton malware

The US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics, the institute behind the Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. “Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to […]

Pierluigi Paganini October 23, 2020
Sopra Steria hit by the Ryuk ransomware gang

French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected. French IT outsourcer Sopra Steria has been hit by a ransomware attack; while the company did not reveal the family of malware that infected its systems, local media speculate about the involvement of the Ryuk ransomware. “A cyber attack was detected on the Sopra Steria […]

Pierluigi Paganini October 23, 2020
Iran-Linked Seedworm APT targets orgs in the Middle East

The Iran-linked cyber-espionage group tracked as Seedworm started using a new downloader and is conducting destructive attacks. The Iran-linked cyber-espionage group Seedworm (aka MuddyWater, MERCURY, and Static Kitten) was observed using a new downloader in a new wave of attacks. Security experts pointed out that the threat actor started conducting destructive attacks. Also referred to […]