Pierluigi Paganini
January 20, 2022
The Federal Bureau of Investigation (FBI) officially linked the Diavol ransomware operation to the infamous TrickBot gang. The FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang, the group that is behind the TrickBot banking trojan. “The FBI first learned of Diavol ransomware in October 2021. Diavol is associated with developers from […]
Pierluigi Paganini
January 20, 2022
Cisco addressed a critical RCE flaw in the Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software. Cisco has addressed a critical remote code execution vulnerability, tracked as CVE-2022-20649, discovered in the Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software. The flaw, discovered by the company experts during internal security testing, can be exploited by […]
Pierluigi Paganini
January 20, 2022
Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts leading in the theft of $33 million. Crypto.com is a cryptocurrency exchange app based in Singapore, the app currently has 10 million users and 3,000 employees. Recently, several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts […]
Pierluigi Paganini
January 20, 2022
Researchers spotted a new evasive cryptocurrency stealer named BHUNT that targets a list of wallets and implements multiple data-stealing capabilities. Bitdefender discovered a new evasive cryptocurrency stealer stealer dubbed BHUNT that is able to exfiltrate wallet (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, Litecoin wallets) contents, passwords stored in the browser, and data from the clipboard. BHUNT is […]
Pierluigi Paganini
January 20, 2022
Security vendor SolarWinds has fixed a Serv-U vulnerability that threat actors attempted to exploit in attacks in the wild. SolarWinds has addressed a vulnerability in Serv-U products that threat actors are actively exploited in the wild. The company pointed out that all the attack attempts failed. The vulnerability, tracked as CVE-2021-35247, was discovered by Microsoft security […]
Pierluigi Paganini
January 19, 2022
UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s National Cyber Security Center (NCSC) has published new guidance for organizations for combatting telephone and SMS fraud. This guide aims at protecting their customers from fraudulent activities, while also ensuring that their SMS and telephone […]
Pierluigi Paganini
January 19, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit Ukraine. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an “insights” document that warned organizations about “potential critical threats” following the recent cyberattacks aimed at Ukraine. The document starts from most recent attacks targeting […]
Pierluigi Paganini
January 19, 2022
A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported. Box develops and markets cloud-based content management, collaboration, and file-sharing tools for businesses. […]
Pierluigi Paganini
January 19, 2022
A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and according to the experts, it is likely linked to the FIN8 financially motivated group. In December the popular malware researcher Michael Gillespie, […]
Pierluigi Paganini
January 18, 2022
Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. “This week, law enforcement authorities took action against the criminal misuse […]
