Malware

Pierluigi Paganini January 01, 2024
Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies

CloudSEK researchers analyzed a zero-day exploit that can allow the generation of persistent Google cookies through token manipulation. In October 2023, a developer known as PRISMA first uncovered an exploit that allows the generation of persistent Google cookies through token manipulation. An attacker can use the exploit to access Google services, even after a user’s […]

Pierluigi Paganini January 01, 2024
Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The stores are co-owned by 3.5 million members in 29 consumer associations. All surplus that is created […]

Pierluigi Paganini December 30, 2023
INC RANSOM ransomware gang claims to have breached Xerox Corp

The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. Xerox Corp provides document management solutions worldwide. The company’s Document Technology segment offers desktop monochrome and color printers, multifunction printers, copiers, digital printing presses, and light production devices; and production printing and publishing systems for the graphic communications marketplace and […]

Pierluigi Paganini December 29, 2023
New Version of Meduza Stealer Released in Dark Web

The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). One of the key significant improvements are support of more software clients (including browser-based […]

Pierluigi Paganini December 28, 2023
Operation Triangulation attacks relied on an undocumented hardware feature

Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature. Researchers from the Russian cybersecurity firm Kaspersky discovered that threat actors behind the Operation Triangulation exploited an undocumented hardware feature to target Apple iOS devices. In early June, Kaspersky uncovered a previously unknown APT group that is targeting iOS devices with zero-click exploits as part […]

Pierluigi Paganini December 28, 2023
Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network

A Lockbit ransomware attack against the German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) caused service disruptions at three hospitals. German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) announced it has suffered service disruptions at three hospitals (Bielefeld, Rheda-WiedenbrĂŒck, and Herford) after a Lockbit ransomware attack. The security incident could have a serious impact on the local […]

Pierluigi Paganini December 27, 2023
Xamalicious Android malware distributed through the Play Store

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows […]

Pierluigi Paganini December 26, 2023
Rhysida ransomware group hacked Abdali Hospital in Jordan

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. Abdali Hospital is a multi-specialty hospital located in the modern development of Al-Abdali, Amman, Jordan. Abdali Hospital provides care to patients in numerous specialties. Apart from its general surgery section, it has specialists in orthopedics and rheumatology, gynecology, urology and endocrinology, neurology, nephrology, pulmonology, internal medicine, oncology, […]

Pierluigi Paganini December 26, 2023
Carbanak malware returned in ransomware attacks

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. The Carbanak gang was first discovered by Kaspersky Lab in 2015, the group has stolen at least $300 million […]

Pierluigi Paganini December 25, 2023
Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor

Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm, Holmium, Elfin, and Magic Hound) Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack against organizations in the Defense Industrial Base (DIB) sector. “Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to […]