Pierluigi Paganini
October 07, 2021
Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms Cybereason Nocturnus and Incident Response Teams discovered a new threat actor that is targeting organizations in the aerospace and telecommunications sectors with the ShellClient malware as part […]
Pierluigi Paganini
October 06, 2021
Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage. Agent Tesla, first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from […]
Pierluigi Paganini
October 05, 2021
An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware attack when discovered that the attackers employed a Python script to encrypt virtual machines hosted on VMware ESXi servers. In the attack investigated by the […]
Pierluigi Paganini
October 04, 2021
Pottawatomie County restored operations that were suspended after a ransomware attack hit its systems on September 17, 2021. Officials at Pottawatomie County announced to have fully recovered their IT infrastructure that was hit by a ransomware attack on September 17, 2021. County Administrator Chad Kinsley announced that the county opted to pay the ransomware, they […]
Pierluigi Paganini
October 04, 2021
Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than $150M in damages. A joint international law enforcement operation led to the arrest of the ransomware operators in Kyiv, Ukraine on September 28. The operation was conducted by the Ukrainian National Police, with the support […]
Pierluigi Paganini
October 04, 2021
Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on 07 Oct, 2021. LockBit 2.0 ransomware operators hit the Israeli aerospace and defense firm E.M.I.T. Aviation Consulting Ltd, threat actors claim to have stolen data from the company and are threatening to leak them on […]
Pierluigi Paganini
October 03, 2021
Proofpoint researchers reported that TA544 threat actors are behind a new Ursnif campaign that is targeting Italian organizations. Proofpoint researchers have discovered a new Ursnif baking Trojan campaign carried out by a group tracked as TA544 that is targeting organizations in Italy. The experts observed nearly 20 notable campaigns distributing hundreds of thousands of malicious […]
Pierluigi Paganini
October 02, 2021
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat actors behind the Flubot Android malware are now leveraging fake security updates to trick victims into installing the malicious code. The attackers use fake security warnings of Flubot infections and urging them to install the […]
Pierluigi Paganini
October 01, 2021
Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank.  Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. According to malware researchers from the MalwareHunterTeam and Cyble, the new campaign mainly impacted the customers of Commerzbank, Germany’s […]
Pierluigi Paganini
September 30, 2021
Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted crypto-mining campaigns that are actively exploiting a recently disclosed critical remote code execution vulnerability in Atlassian Confluence deployments across Windows and Linux. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects […]
Hacking / September 25, 2025
