Malware

Pierluigi Paganini June 18, 2020
Cognizant admitted data breach in April Ransomware Attack

In April the information technologies services giant Cognizant Technology suffered a ransomware attack, now it has confirmed also a data breach. In April the information technologies services giant Cognizant Technology was hit by Maze Ransomware operators. Cognizant is an American multinational corporation that provides IT services, it is one of the largest IT managed services company in the […]

Pierluigi Paganini June 18, 2020
InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. […]

Pierluigi Paganini June 18, 2020
An ongoing Qbot campaign targeted customers of tens of US banks

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot, aka Qakbot, is a data stealer worm with backdoor capabilities that […]

Pierluigi Paganini June 17, 2020
Maze Ransomware gang breached the US chipmaker MaxLinear

U.S. system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. U.S. system-on-chip maker MaxLinear is the last victim of the Maze ransomware operators, the company revealed that the systems were infected last month, but the threat actors first compromised the company on April 15. MaxLinear is […]

Pierluigi Paganini June 17, 2020
Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Experts uncovered a new cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. Security experts from ESET uncovered a new sophisticated cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. The attackers were attempting to spy on key employees […]

Pierluigi Paganini June 15, 2020
Black Kingdom ransomware operators exploit Pulse VPN flaws

Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Researchers from security firm REDTEAM reported that operators behind the Black Kingdom ransomware are targeting enterprises exploiting the CVE-2019-11510 flaw in Pulse Secure VPN software to gain access to the network. Black Kingdom ransomware was first spotted in […]

Pierluigi Paganini June 15, 2020
Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Hackers breached the websites of the U.S. accessory giant Claire’s, and its subsidiary Icing, and gained access to customer’s credit card data. Threat actors have hacked the websites of the U.S. based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained access to customer’s credit cards. Claire’s […]

Pierluigi Paganini June 15, 2020
Earth Empusa targets minority group with Android ActionSpy spyware

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Researchers warn that the Earth Empusa (aka POISON CARP/Evil Eye) threat group is targeting the Uyghurs, a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East […]

Pierluigi Paganini June 14, 2020
Ransomware attack disrupts operations at Australian beverage company Lion

Systems at Australian beverages company Lion were infected with a ransomware that disrupted to manufacturing processes and customer service. Systems at Australian beverages company Lion were infected with a ransomware, the security breach caused the disruption of manufacturing processes and customer service. Lion is a beverage and food company that operates in Australia and New Zealand, […]

Pierluigi Paganini June 14, 2020
Coronavirus-themed attacks May 31 – June 13, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected between May 31 and June 13, 2020. June 4, 2020 […]