Pierluigi Paganini
March 25, 2022
Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab. Ukraine CERT (CERT-UA) published technical details about a malicious activity tracked as UAC-0026, which SentinelLabs associated with China-linked Scarab APT. Scarab APT was first spotted in 2015, but experts believe it has been active since […]
Pierluigi Paganini
March 25, 2022
The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “The Department of Justice unsealed two indictments today charging […]
Pierluigi Paganini
March 24, 2022
Anonymous launches its offensive against Wester companies still operating in Russia, it ‘DDoSed’ Auchan, Leroy Merlin e Decathlon websites. Since the start of the Russian invasion of Ukraine on February 24, Anonymous has declared war on Russia and launched multiple cyber-attacks against Russian entities, including Russian government sites, state-run media websites, and energy firms. Anonymous recently declared war on all companies that […]
Pierluigi Paganini
March 24, 2022
VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software updates to address two critical security vulnerabilities, CVE-2022-22951 and CVE-2022-22952 (both received a CVSS score of 10), affecting its Carbon Black App Control platform that could be exploited by a threat actor to execute arbitrary […]
Pierluigi Paganini
March 24, 2022
The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues to target Russian government organizations and private businesses, now it is claiming to have hacked the Central Bank of Russia. The popular hacker collective claims to have compromised the systems of the Central Bank of […]
Pierluigi Paganini
March 24, 2022
The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted. This week Lapsus$ extortion group claimed to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots […]
Pierluigi Paganini
March 23, 2022
Ukraine CERT-UA warns of cyberattack aimed at Ukrainian enterprises using the a wiper dubbed DoubleZero. Ukraine CERT-UA continues to observe malware based attacks aimed at Ukrainian organizations, in a recent alert it warned of attacks employing a wiper dubbed DoubleZero. The government CERT started observing this campaign on March 17, 2022, threat actors launched spear-phishing […]
Pierluigi Paganini
March 23, 2022
The FBI is warning of risks related to cyber attacks aimed at energy companies of Russia-linked threat actors. The FBI is warning energy companies of the risks of cyber attacks carried out by Russia-linked threat actors, reported The Associated Press. The Associated Press has access to a security advisory issued by the FBI that reports […]
Pierluigi Paganini
March 23, 2022
Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked […]
Pierluigi Paganini
March 23, 2022
Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Yesterday the cybercrime gang leaked 37GB of source code stolen from […]
