Reports

Pierluigi Paganini February 16, 2024
U.S. CISA: hackers breached a state government organization

U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a threat actor gained access to an unnamed state government organization’s network environment via an administrator account belonging to a former employee. CISA and […]

Pierluigi Paganini February 13, 2024
Ransomfeed – Third Quarter Report 2023 is out!

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. A comprehensive report delving into the intricate landscape of ransomware threats during the last four months of 2023 is out, with a meticulous focus on the monitoring activities conducted by the OSINT Ransomfeed platform (www.ransomfeed.it). Throughout this […]

Pierluigi Paganini January 25, 2024
Yearly Intel Trend Review: The 2023 RedSense report

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year. Trend Analysis Ghost Group Operations: A notable increase in covert ‘ghost groups’ like […]

Pierluigi Paganini January 19, 2024
Ransomware attacks break records in 2023: the number of victims rose by 128%

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of […]

Pierluigi Paganini January 17, 2024
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to warn of AndroxGh0st malware. The malware is spreading to create a botnet for victim identification and exploitation in target networks. […]

Pierluigi Paganini January 03, 2024
Don’t trust links with known domains: BMW affected by redirect vulnerability

Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links leading to malicious sites through them. Cybernews researchers have discovered two BMW subdomains that were vulnerable to SAP redirect vulnerability. They were used to access […]

Pierluigi Paganini December 26, 2023
Resecurity Released a 2024 Cyber Threat Landscape Forecast

Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. These projections stem from an in-depth analysis of the underground economy’s evolution on […]

Pierluigi Paganini December 05, 2023
ENISA published the ENISA Threat Landscape for DoS Attacks Report

ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk for organizations. Over the past few years, threat actors have increasingly had access to cost-effective and efficient means and services to carry out such kinds of […]

Pierluigi Paganini November 16, 2023
FBI and CISA warn of attacks by Rhysida ransomware gang

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques, and […]

Pierluigi Paganini November 08, 2023
FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends and provide recommendations to reduce the attack surface to ransomware attacks. As of July 2023, […]