Pierluigi Paganini
January 28, 2021
Clearsky researchers linked the Lebanese Cedar APT group to a cyber espionage campaign that targeted companies around the world. Clearsky researchers linked the Lebanese Cedar group (aka Volatile Cedar) to a cyber espionage campaign that targeted companies around the world. The APT group has been active since 2012, experts linked the group to the Hezbollah […]
Pierluigi Paganini
January 26, 2021
Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is warning that North Korea-linked hackers targeting security researchers through social media. According to the Google team that focuses on nation-state attacks, a North Korea-linked APT group has targeted experts that are working on the research […]
Pierluigi Paganini
January 20, 2021
Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. The experts explained how the UNC2452 and other threat actors breached […]
Pierluigi Paganini
January 12, 2021
Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole […]
Pierluigi Paganini
January 11, 2021
Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar. Security experts from Kaspersky have identified multiple similarities between the Sunburst malware used in the SolarWinds supply chain attack and the Kazuar backdoor that has been employed in cyber espionage campaigns conducted by Russia-linked APT group Turla. The discovery […]
Pierluigi Paganini
January 04, 2021
Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub. Security expert discovered a new piece of malware uses weaponized Word documents to download a PowerShell script from GitHub. This PowerShell script is also used by threat actors to download a legitimate image file from image hosting […]
Pierluigi Paganini
January 03, 2021
This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021. 25 December, 2020 – North Korea-linked Lazarus APT targets the COVID-19 research The North Korea-linked Lazarus APT group has recently launched cyberattacks against at least two organizations involved in COVID19 research. 30 December, 2020 – US Treasury […]
Pierluigi Paganini
December 27, 2020
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A massive fraud operation used mobile device emulators to steal millions from online bank accounts SolarWinds hackers also breached the US NNSA nuclear agency Clop ransomware gang paralyzed flavor and […]
Pierluigi Paganini
December 17, 2020
Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the recent SolarWinds hack. Microsoft, FireEye, and GoDaddy have created a kill switch for the Sunburst backdoor that was used in SolarWinds supply chain attack. Last week, Russia-linked hackers breached SolarWinds, the attackers had used a trojanized […]
Pierluigi Paganini
December 16, 2020
Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack (avsvmcloud[.]com) in an attempt to identify all victims and prevent other systems from being served malicious software. The domain […]
Security / December 19, 2025
