Pierluigi Paganini
August 02, 2022
Gootkit access-as-a-service (AaaS) malware is back with tactics and fileless delivery of Cobalt Strike beacons. Gootkit runs on an access-a-as-a-service model, it is used by different groups to drop additional malicious payloads on the compromised systems. Gootkit has been known to use fileless techniques to deliver threats such as the SunCrypt, and REvil (Sodinokibi) ransomware, Kronos trojans, […]
Pierluigi Paganini
August 01, 2022
The ALPHV/BlackCat ransomware gang claims to have breached the European gas pipeline Creos Luxembourg S.A. The ALPHV/BlackCat ransomware gang claims to have hacked the European gas pipeline Creos Luxembourg S.A. Creos Luxembourg S.A. owns and manages electricity networks and natural gas pipelines in the Grand Duchy of Luxembourg. In this capacity, the company plans, constructs […]
Pierluigi Paganini
August 01, 2022
A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum (ONVIF). ONVIF provides and promotes standardized interfaces for effective […]
Pierluigi Paganini
July 31, 2022
Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. MBDA is a European multinational developer and manufacturer of missiles that was the result of the merger of the main French, British and Italian missile systems companies (Aérospatiale–Matra, BAE Systems, and Finmeccanica (now Leonardo). The name MBDA comes from the initialism of the names missile companies: Matra, BAe Dynamics and Alenia. A threat actor […]
Pierluigi Paganini
July 31, 2022
The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. Trend Micro researchers uncovered a malicious campaign that leveraged 17 seemingly harmless Android dropper apps, collectively tracked as DawDropper, on the Google Play Store to distribute banking malware. The DawDropper apps are masqueraded as productivity and utility apps such […]
Pierluigi Paganini
July 31, 2022
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report CISA orders to patch an actively exploited […]
Pierluigi Paganini
July 30, 2022
I’m proud to announce the release of the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report, Enjoy it! Ransomware has become one of the most dangerous threats for organizations worldwide. Cybercriminal organizations and ransomware gangs have devised new business models that are attracting a broad range of advanced threat actors. It is quite easy today for […]
Pierluigi Paganini
July 29, 2022
Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malicious code […]
Pierluigi Paganini
July 28, 2022
Threat actors are devising new attack tactics in response to Microsoft’s decision to block Macros by default. In response to Microsoft’s decision steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default in Microsoft Office applications, threat actors are adopting new attack techniques. Researchers from Proofpoint reported that […]
Pierluigi Paganini
July 27, 2022
Researchers found similarities between LockBit 3.0 ransomware and BlackMatter, which is a rebranded variant of the DarkSide ransomware. Cybersecurity researchers have found similarities between the latest version of the LockBit ransomware, LockBit 3.0, and the BlackMatter ransomware. The Lockbit 3.0 ransomware was released in June with important novelties such as a bug bounty program, Zcash payment, and new extortion […]
Security / February 10, 2026
