Pierluigi Paganini
April 19, 2020
This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. April 14 – Crooks target Healthcare facilities involved […]
Pierluigi Paganini
April 19, 2020
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs A new e-skimmer found on WordPress site using the WooCommerce plugin Coronavirus-themed attacks April 05 – April 11, 2020 Thousands Zoom credentials available on a Dark Web forum 500,000+ Zoom accounts available for sale on the Dark Web […]
Pierluigi Paganini
April 18, 2020
Hacker claims to have breached the Aptoide app store users early this month and now leaked 20 million records out of 39 million Aptoide user records. A hacker has leaked this week details of 20 million users of the Aptoide app store, the claims to have breached the store early this months and to be […]
Pierluigi Paganini
April 18, 2020
Threat actors employed the previously-undetected PoetRAT Trojan in a Coronavirus-themed campaign aimed at government and energy sectors. Cisco Talos researchers have uncovered a new Coronavirus-themed campaign employing a previously-undiscovered RAT tracked as PoetRAT. The attacks targeted the Azerbaijan government and utility companies, the malicious code was designed to infect supervisory control and data acquisition (SCADA) systems, […]
Pierluigi Paganini
April 17, 2020
Security firm Guardicore released technical information on a critical VMware vCenter Server vulnerability recently disclosed by VMware. Earlier this month, VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 vulnerability […]
Pierluigi Paganini
April 17, 2020
Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe. Recently, we have identified a new variant that is targeting Italian organizations. The malspam messages use […]
Pierluigi Paganini
April 17, 2020
Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also […]
Pierluigi Paganini
April 16, 2020
The shipping giant Mediterranean Shipping Company (MSC) was victim of a malware-based attack that caused an outage recently. The shipping giant Mediterranean Shipping Company (MSC) discloses a malware-based attack that took place on April 10. The incident affected the company’s data center and took down its website, msc.com, and its myMSC customer and vendor portal. “The […]
Pierluigi Paganini
April 16, 2020
At the end of February, I analyzed major black marketplaces searching for anything related to the Coronavirus outbreak, a month later things are completely changed. At the end of February, I published the analysis of major black marketplaces searching for anything related to the Coronavirus outbreak. While the COVID19 pandemic was spreading a global scale, specific goods became victims […]
Pierluigi Paganini
April 16, 2020
Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks, in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites […]
