Pierluigi Paganini
April 19, 2020
The FBI announced that the number of cybercrime reports is spiked since the beginning of the Coronavirus (COVID-19) pandemic. Speaking at the Aspen Institute, FBI Deputy Assistant Director Tonya Ugoretz, announced that the bureau has observed a spike in cybercrime reports since the beginning of the Coronavirus pandemic. The FBI official explained that the number […]
Pierluigi Paganini
April 19, 2020
This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. April 14 – Crooks target Healthcare facilities involved […]
Pierluigi Paganini
April 19, 2020
IT services giant Cognizant suffered a ransomware attack on Friday, according to BleepingComputer company was hit by the Maze Ransomware crew. Information technologies services giant Cognizant is the last victim of a ransomware attack, according to BleepingComputer the attack was launched by the Maze Ransomware gang. Cognizant is an American multinational corporation that provides IT services, it is […]
Pierluigi Paganini
April 18, 2020
Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. Cisco Talos researchers have uncovered a new Coronavirus-themed campaign employing a previously-undiscovered RAT tracked as PoetRAT. The attacks targeted the Azerbaijan government and utility companies, the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, […]
Pierluigi Paganini
April 17, 2020
Security firm Guardicore released technical information on a critical VMware vCenter Server vulnerability recently disclosed by VMware. Earlier this month, VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 vulnerability […]
Pierluigi Paganini
April 17, 2020
Cisco released security patches to address numerous flaws in its products, including critical severity issues that affect IP Phones and UCS Director. The critical vulnerability fixed by Cisco affects IP Phones and resides on the webserver, the flaw could be exploited by a remote, unauthenticated attacker to execute code with root privileges. The flaw, tracked as CVE-2020-3161, […]
Pierluigi Paganini
April 17, 2020
Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe. Recently, we have identified a new variant that is targeting Italian organizations. The malspam messages use […]
Pierluigi Paganini
April 17, 2020
Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. The campaign aimed at users in Syria and surrounding regions was spotted by experts from mobile security firm […]
Pierluigi Paganini
April 16, 2020
At the end of February, I analyzed major black marketplaces searching for anything related to the Coronavirus outbreak, a month later things are completely changed. At the end of February, I published the analysis of major black marketplaces searching for anything related to the Coronavirus outbreak. While the COVID19 pandemic was spreading a global scale, specific goods became victims […]
Pierluigi Paganini
April 16, 2020
Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks, in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites […]
