Reports

Pierluigi Paganini May 09, 2021
CISA MAR report provides technical details of FiveHands Ransomware

U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]

Pierluigi Paganini May 07, 2021
Russia-linked APT29 group changes TTPs following April advisories

The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka Cozy Bear). Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29, Cozy Bear, and The Dukes)). The […]

Pierluigi Paganini May 03, 2021
Threat Report Portugal: Q1 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-InformĂĄtica. This feed is […]

Pierluigi Paganini April 27, 2021
CISA, NIST published an advisory on supply chain attacks

CISA and NIST published a report on software supply chain attacks that shed light on the associated risks and provide instructions on how to mitigate them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) released a joint advisory that provides trends and best practices related to […]

Pierluigi Paganini April 19, 2021
Experts demonstrated how to hack a utility and take over a smart meter

Researchers from the FireEye’s Mandiant team have breached the network of a North American utility and turn off one of its smart meters. Over the years, the number of attacks against ICS/SCADA systems used by industrial organizations worldwide has rapidly increased. Many security firms highlighted the risks related to attacks targeting OT networks used in […]

Pierluigi Paganini April 14, 2021
FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

Pierluigi Paganini April 13, 2021
Millions of devices impacted by NAME:WRECK flaws

Security experts disclosed nine flaws, collectively tracked as NAME:WRECK, affecting implementations of the DNS protocol in popular TCP/IP network communication stacks. Security researchers disclosed nine vulnerabilities, collectively tracked as NAME:WRECK, that affect implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. The flaws were […]

Pierluigi Paganini April 06, 2021
SAP systems are targeted within 72 hours after updates are released

On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm Onapsis warns. According to a joint study published by Onapsis and SAP, on-premises SAP systems are targeted by threat actors within 72 hours after security patches are released. Threat actors perform reverse-engineering of the SAP […]

Pierluigi Paganini April 05, 2021
Firmware attacks, a grey area in cybersecurity of organizations

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report that states, titled “March 2021 Security Signals report,” that revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that […]

Pierluigi Paganini March 26, 2021
FBI published a flash alert on Mamba Ransomware attacks

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. The Federal Bureau of Investigation (FBI) published an alert to warn that the Mamba ransomware is abusing the DiskCryptor open-source tool (aka HDDCryptor, HDD Cryptor) to encrypt entire drives. […]