Pierluigi Paganini
May 02, 2022
Russia-linked APT29 (Cozy Bear or Nobelium) launched a spear-phishing campaign targeting diplomats and government entities. In mid-January 2022, security researchers from Mandiant have spotted a spear-phishing campaign, launched by the Russia-linked APT29 group, on targeting diplomats and government entities. The Russia-linked APT29 group (aka SVR, Cozy Bear, and The Dukes) has been active since at least 2014, […]
Pierluigi Paganini
May 01, 2022
Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers that multiple critical Netatalk vulnerabilities affect some of its network-attached storage (NAS) devices. Netatalk is a free, open-source implementation of the Apple Filing Protocol that allows Unix-like operating systems to serve as a file server for macOS computers. QNAP NAS devices support the AFP protocol to […]
Pierluigi Paganini
May 01, 2022
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion that occurred in the previous weeks: April 30 – Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites A series of DDoS […]
Pierluigi Paganini
April 30, 2022
Emotet operators are testing new attack techniques in response to Microsoft’s move to disable Visual Basic for Applications (VBA) macros by default. The operators of the infamous Emotet botnet are testing new attack techniques in response to Microsoft’s move to disable Visual Basic for Applications (VBA) macros by default. The threat actors are adopting the […]
Pierluigi Paganini
April 29, 2022
OpRussia continues, less than a week after my last update Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, the collective claims to have published more than 6 TB of Russian data via DDoSecrets. This is my update […]
Pierluigi Paganini
April 29, 2022
Cybercrime gang FIN7’s badUSB attacks serve as a reminder of two key vulnerabilities present among all organizations. The criminal group had been mailing malware-ridden USBs to various entities in the transport, insurance, and defense industries under the guise that they originated from a trusted source, such as Amazon and the US Department of Health and […]
Pierluigi Paganini
April 28, 2022
Threat actors have replaced the BazaLoader and IcedID malware with a new loader called Bumblebee in their campaigns. Cybercriminal groups that were previously using the BazaLoader and IcedID as part of their malware campaigns seem to have adopted a new loader called Bumblebee. The loader appears to be under development and is a highly sophisticated […]
Pierluigi Paganini
April 28, 2022
Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity agencies of the United States, Australia, Canada, New Zealand, and the United […]
Pierluigi Paganini
April 28, 2022
Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS). Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS), which is one of the largest HTTPS DDoS attacks blocked by the company. The company blocked the attack earlier this month, the experts […]
Pierluigi Paganini
April 28, 2022
Microsoft revealed that Russia launched hundreds of cyberattacks against Ukraine since the beginning of the invasion. Microsoft states that at least six separate Russia-linked threat actors launched more than 237 operations against Ukraine starting just before the invasion. The cyber attacks included destructive wipers that were used to target critical infrastructure in a hybrid war […]
Uncategorized / February 08, 2026
