Pierluigi Paganini
September 03, 2023
The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM). The LockBit ransomware group continues to be one of the most active extortion gangs in the threat landscape. This week the gang claimed to have hacked the Commission des services electriques de Montréal (CSEM). The Commission des services électriques […]
Pierluigi Paganini
September 01, 2023
Cisco reported that multiple threat actors are customizing the SapphireStealer information stealer after the leak of its source code. Cisco Talos researchers reported that multiple threat actors have created their own version of the SapphireStealer after that the source code of the stealer was released on GitHub. SapphireStealer is an open-source information stealer written in […]
Pierluigi Paganini
September 01, 2023
Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom. The Key Group ransomware gang has been […]
Pierluigi Paganini
August 31, 2023
Multinational mass media conglomerate Paramount Global suffered a data breach after an unauthorized party accessed files from certain of its systems. Multinational mass media conglomerate Paramount Global disclosed a data breach. According to the data breach notification letter sent to the impacted individuals, an unauthorized party accessed files from certain systems of the company between […]
Pierluigi Paganini
August 30, 2023
FBI coordinated an international law enforcement operation, named Operation ‘Duck Hunt’, that dismantled the Qakbot botnet. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active […]
Pierluigi Paganini
August 29, 2023
A financially motivated actor linked to the FIN8 group exploits the CVE-2023-3519 RCE in attacks on Citrix NetScaler systems in massive attacks. Sophos X-Ops is tracking an ongoing campaign, which is targeting Citrix NetScaler systems, conducted by threat actors linked to the FIN8 group [BleepingComputer, SOCRadar]. The hackers are exploiting the remote code execution, tracked […]
Pierluigi Paganini
August 28, 2023
Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. KmsdBot is an evasive Golang-based malware that was first detected by […]
Pierluigi Paganini
August 28, 2023
The recent wave of MOVEit attacks conducted by the Cl0p ransomware gang impacted 1,000 organizations, experts say. Cybersecurity firm Emsisoft shared disconcerting details about the recent, massive hacking campaign conducted by the Cl0p ransomware group that targeted the MOVEit Transfer file transfer platform designed by Progress Software Corporation. According to the experts, the attacks impacted approximately 1,000 Organizations and […]
Pierluigi Paganini
August 27, 2023
The leak of the source code of the LockBit 3.0 ransomware builder in 2022 allowed threat actors to create new variants of the threat. Lockbit v3, aka Lockbit Black, was detected in June 2022, but in September 2022 a builder for this variant was leaked online. The availability of the builder allowed anyone to create their own […]
Pierluigi Paganini
August 27, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Cloud and hosting provider Leaseweb took down critical systems after a cyber attack French employment agency […]
