Pierluigi Paganini
August 28, 2020
A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. The new variant also exploits SMBGhost bug in Windows systems, and is also able to target servers running Redis […]
Pierluigi Paganini
August 27, 2020
Group-IB security researchers provide evidence linking three campaigns with the use of various JS-sniffer families. Singapore – Group-IB, a global threat hunting and intelligence company headquartered in Singapore, today released its analytical report “UltraRank: the unexpected twist of a JS-sniffer triple threat.” In its report, Group-IB Threat Intelligence experts provide evidence linking three campaigns with the use of various JavaScript-sniffer families […]
Pierluigi Paganini
August 27, 2020
REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. Healthcare organizations are a privileged target of […]
Pierluigi Paganini
August 24, 2020
A ransomware attack hit TFI International’s four Canadian courier divisions last week, Canpar Express, ICS Courier, Loomis Express and TForce Integrated Solutions. A couple of days after the transportation and logistics TFI International company raised millions of dollars in a share offering, the news of a ransomware attack against its four Canadian courier divisions (Canpar Express, […]
Pierluigi Paganini
August 24, 2020
Group-IB has detected financially motivated attacks carried out in June by newbie threat actors from Iran. The attackers used Dharma ransomware and a mix of publicly available tools to target companies in Russia, Japan, China, and India. All the affected organizations had hosts with Internet-facing RDP and weak credentials. The hackers typically demanded a ransom between 1-5 […]
Pierluigi Paganini
August 24, 2020
Operators of Grandoreiro Latin American banking trojan have launched a new campaign using emails posing as the Agencia Tributaria in order to infect new victims. Operators behind the Grandoreiro banking trojan, which is popular in Latin America, have been using emails posing as the Agencia Tributaria to trick victims into installing the malware. The campaign began […]
Pierluigi Paganini
August 21, 2020
The University of Utah admitted to have paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social […]
Pierluigi Paganini
August 16, 2020
A 31-year-old man from Dallas, Texas, was sentenced last week to 57 months in prison for crimes related to the hacking of a major tech firm in New York. Tyler C. King (31), from Dallas, Texas, was sentenced to 57 months in prison for crimes related to the hacking of an unnamed major tech company […]
Pierluigi Paganini
August 14, 2020
The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution […]
Pierluigi Paganini
August 14, 2020
A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. He claims the databases contain 195,000 user records for the utahgunexchange.com, 45,000 records for their video […]
