Pierluigi Paganini
May 01, 2025
Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The financially-motivated group targeted organizations in the media, […]
Pierluigi Paganini
April 28, 2025
BreachForums, a major data leak marketplace, shut down on April 15 after a MyBB 0-day exploit allowed law enforcement infiltration. On April 15, BreachForums, one of the top marketplaces for stolen data, abruptly shut down, fueling widespread speculation. Rumors ranged from FBI raids and the arrest of the administrator. In the aftermath, several alternative forums […]
Pierluigi Paganini
April 27, 2025
Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against cloud tenants in the education sector. AzureChecker.exe connected to sac-auth[.]nodefunction[.]vip to download AES-encrypted data, which, […]
Pierluigi Paganini
April 27, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP supply chain attack: Official NPM package infected with crypto stealing backdoor SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation New Rust Botnet “RustoBot” […]
Pierluigi Paganini
April 27, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. African multinational telco giant MTN Group disclosed a data breach CEO of cybersecurity firm charged with installing malware […]
Pierluigi Paganini
April 26, 2025
Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St. Anthony Hospital. The man is accused of having installed […]
Pierluigi Paganini
April 25, 2025
The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. DaVita Inc. provides kidney dialysis services through a network of 2,675 outpatient centers in the United States, serving 200,800 patients, and 367 outpatient centers in 11 other countries, serving 49,400 patients. DaVita specializes in treating end-stage renal […]
Pierluigi Paganini
April 24, 2025
Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed personal information of 5.5 million patients following a cyberattack that occurred earlier this month. Yale New Haven Health System (YNHHS) is a nonprofit healthcare […]
Pierluigi Paganini
April 24, 2025
Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. After Pope Francis’ death, cybercriminals launched scams and malware attacks, exploiting public curiosity, grief, and confusion. Cybercriminals are ready to exploit any event of global interest, it has already happened in […]
Pierluigi Paganini
April 23, 2025
New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. The malware campaign targets Docker environments to deploy a malicious node connected to Teneo, a decentralized infrastructure network. […]
