Pierluigi Paganini
April 17, 2023
China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control (GC2) in an attack against an unnamed Taiwanese media organization. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, […]
Pierluigi Paganini
April 17, 2023
Vice Society ransomware operators have been spotted using a PowerShell tool to exfiltrate data from compromised networks. Palo Alto Unit 42 team identified observed the Vice Society ransomware gang exfiltrating data from a victim network using a custom-built Microsoft PowerShell (PS) script. Threat actors are using the PowerShell tool to evade software and/or human-based security detection mechanisms. PS scripting […]
Pierluigi Paganini
April 17, 2023
Legion is an emerging Python-based credential harvester and hacking tool that allows operators to break into various online services. Cado Labs researchers recently discovered a new Python-based credential harvester and hacking tool, named Legion, which was sold via Telegram. At this time, the sample analyzed by Cado Labs has a low detection rate of 0 […]
Pierluigi Paganini
April 16, 2023
Researchers warn that the LockBit ransomware gang has developed encryptors to target macOS devices. The LockBit group is the first ransomware gang of all time that has created encryptors to target macOS systems, MalwareHunterTeam team warn. MalwareHunterTeam researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal. The discovery is disconcerting and demonstrates […]
Pierluigi Paganini
April 16, 2023
NCR was the victim of the BlackCat/ALPHV ransomware gang, the attack caused an outage on the company’s Aloha PoS platform. NCR Corporation, previously known as National Cash Register, is an American software, consulting and technology company providing several professional services and electronic products. It manufactures self-service kiosks, point-of-sale terminals, automated teller machines, check processing systems, […]
Pierluigi Paganini
April 16, 2023
Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Ahead of the U.S. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Remcos is […]
Pierluigi Paganini
April 15, 2023
A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The third-party library can perform ad fraud by clicking advertisements […]
Pierluigi Paganini
April 15, 2023
Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. While metaverse is no longer a buzzword, amid the sudden popularity of ChatGPT and similar AI tools, those virtual worlds are still here, presenting […]
Pierluigi Paganini
April 15, 2023
US Cybersecurity and Infrastructure Security Agency (CISA) added Android and Novi Survey flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: Google addressed the vulnerability CVE-2023-20963 with the release of “The Android Security Bulletin—March 2023” security updates. The […]
Pierluigi Paganini
April 14, 2023
The Cornwall Community Hospital in Ontario, Canada, is under a cyber attack that is causing delays to scheduled and non-urgent care. A cyberattack on the Cornwall Community Hospital in Ontario, Canada, is causing delays to scheduled and non-urgent care. The cyber attack was discovered on Tuesday, April 11, 2023, it is investigating the incident with […]
