Malware

Pierluigi Paganini December 29, 2023
New Version of Meduza Stealer Released in Dark Web

The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). One of the key significant improvements are support of more software clients (including browser-based […]

Pierluigi Paganini December 28, 2023
Operation Triangulation attacks relied on an undocumented hardware feature

Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature. Researchers from the Russian cybersecurity firm Kaspersky discovered that threat actors behind the Operation Triangulation exploited an undocumented hardware feature to target Apple iOS devices. In early June, Kaspersky uncovered a previously unknown APT group that is targeting iOS devices with zero-click exploits as part […]

Pierluigi Paganini December 28, 2023
Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network

A Lockbit ransomware attack against the German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) caused service disruptions at three hospitals. German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) announced it has suffered service disruptions at three hospitals (Bielefeld, Rheda-Wiedenbrück, and Herford) after a Lockbit ransomware attack. The security incident could have a serious impact on the local […]

Pierluigi Paganini December 27, 2023
Xamalicious Android malware distributed through the Play Store

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows […]

Pierluigi Paganini December 26, 2023
Rhysida ransomware group hacked Abdali Hospital in Jordan

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. Abdali Hospital is a multi-specialty hospital located in the modern development of Al-Abdali, Amman, Jordan. Abdali Hospital provides care to patients in numerous specialties. Apart from its general surgery section, it has specialists in orthopedics and rheumatology, gynecology, urology and endocrinology, neurology, nephrology, pulmonology, internal medicine, oncology, […]

Pierluigi Paganini December 26, 2023
Carbanak malware returned in ransomware attacks

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. The Carbanak gang was first discovered by Kaspersky Lab in 2015, the group has stolen at least $300 million […]

Pierluigi Paganini December 25, 2023
Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm, Holmium, Elfin, and Magic Hound) Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack against organizations in the Defense Industrial Base (DIB) sector. “Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to […]

Pierluigi Paganini December 23, 2023
LockBit ransomware gang claims to have breached accountancy firm Xeinadin

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Xeinadin has over 60,000 clients across the UK and Ireland. In 2021, a significant endorsement came from Exponent, one […]

Pierluigi Paganini December 22, 2023
Akira ransomware gang claims the theft of sensitive data from Nissan Australia

The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Australia and to have stolen around 100GB of files from the carmaker giant. The company refused to pay the ransom and the ransomware gang threatened […]

Pierluigi Paganini December 21, 2023
Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware. Agent Tesla is a spyware that is used to spy on the […]