Pierluigi Paganini
July 13, 2022
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations Microsoft observed a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and bypass the authentication process even when the victim has enabled the MFA. In AiTM phishing, threat actors set up a proxy […]
Pierluigi Paganini
July 11, 2022
Threat actors used a fake job offer on LinkedIn to target an employee at Axie Infinity that resulted in the theft of $540 Million. In March, threat actors stole almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but […]
Pierluigi Paganini
July 11, 2022
A large-scale phishing campaign leveraging the Anubis Network is targeting Brazil and Portugal since March 2022. A large-scale phishing campaign is targeting Internet-end users in Brazil and Portugal since March 2022. Anubis Network is a C2 portal developed to control fake portals and aims to steal credentials to fully access the real systems. This C2 […]
Pierluigi Paganini
July 11, 2022
BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. The notorious cybercriminal syndicate BlackCat competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, […]
Pierluigi Paganini
July 11, 2022
BleepingComputer reported a new ransomware operation named 0mega that is targeting organizations worldwide. 0mega is a new ransomware operation that is targeting organizations worldwide using a double-extortion model, BleepingComputer reported. The ransomware operation has been active at least since May 2022 and already claimed to have breached multiple organizations. Victims of the ransomware reported that […]
Pierluigi Paganini
July 10, 2022
French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services. The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services. The company pointed out that threat actors may have accessed data of its customers, […]
Pierluigi Paganini
July 09, 2022
Cybereason researchers are warning of a wave of attacks spreading the wormable Windows malware Raspberry Robin. Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated domains and download a malicious DLL. The malware uses […]
Pierluigi Paganini
July 09, 2022
Experts documented the evolution of the LockBit ransomware that leverages multiple techniques to infect targets and evade detection. The Cybereason Global Security Operations Center (GSOC) Team published the Cybereason Threat Analysis Reports that investigates the threat landscape and provides recommendations to mitigate their attacks. The researchers focused on the evolution of the Lockbit ransomware, they detailed two infections occurring […]
Pierluigi Paganini
July 08, 2022
Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […]
Pierluigi Paganini
July 06, 2022
Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn. “The upgrades in the latest variant are effectively […]
