Pierluigi Paganini
June 08, 2022
0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) dubbed DogWalk. The issue impacts all Windows versions, starting from Windows 7 and Server Server 2008, including the latest releases. The flaw […]
Pierluigi Paganini
June 08, 2022
An international operation led by the US authorities dismantled and seized the infrastructure of the online marketplace SSNDOB. US DoJ announced the seizure of the SSNDOB Marketplace, a series of websites offering personal information, including the names, dates of birth, and Social Security numbers belonging to individuals in the United States. According to the authorities, the […]
Pierluigi Paganini
June 08, 2022
China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. The nation-state actors exploit publicly known vulnerabilities to compromise the target […]
Pierluigi Paganini
June 08, 2022
Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The Black Basta ransomware gang now supports encryption of VMware ESXi virtual machines (VMs) running on Linux servers. Researchers from Uptycs first reported the discovery of the new Black Basta ransomware variant that supports encryption of […]
Pierluigi Paganini
June 07, 2022
Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks that have been attributed to the financially motivated threat actor UNC2165. The researchers also noticed that the group shares numerous overlaps with the cybercrime gang Evil Corp. The UNC2165 group has been active since at […]
Pierluigi Paganini
June 07, 2022
The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted a new partnership in the threat landscape between the Black Basta ransomware group and the QBot malware operation. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack […]
Pierluigi Paganini
June 06, 2022
LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the LockBit ransomware gang has added the cybersecurity firm Mandiant to the list of victims published on its darkweb leak site. Mandiant is investigating the claims of the ransomware gang, the cybercrime group declared to have […]
Pierluigi Paganini
June 06, 2022
Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes Unit (DCU) announced to have taken legal action to disrupt a spear-phishing operation linked to Iran-linked APT Bohrium. The IT giant has seized the domains used by the threat actors employed in its attacks aimed […]
Pierluigi Paganini
June 06, 2022
During the bug hunting activity, Red Team Research (RTR) detected 2 zero-day bugs on GEMINI-NET, a RESI Informatica solution. It’s been detected an OS Command Injection, which has been identified from NIST as a Critical one, its score is 9,8. This vulnerability comes from a failure to check the parameters sent as inputs into the […]
Pierluigi Paganini
June 06, 2022
Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”. Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups, they’re leveraging current geopolitical tensions between the Ukraine and Russia to perform cyber-attacks. Following the attacks of the Killnet Collective, the group responsible […]
