IT

Pierluigi Paganini March 03, 2020
Experts warn of mass scans for Apache Tomcat Ghostcat flaw

Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […]

Pierluigi Paganini February 27, 2020
Hunting the coronavirus in the dark web

Let me share with you the result of a one-night long analysis of major black marketplaces searching for anything related to the coronavirus epidemic. Recently I have received many questions from journalists and colleagues about the activity in the dark web related to the coronavirus epidemic, here you are what I have found digging in […]

Pierluigi Paganini February 24, 2020
Raccoon Malware, a success case in the cybercrime ecosystem

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware, Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data […]

Pierluigi Paganini February 20, 2020
UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia

Britain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that hit Georgia during 2019. In October 2019, a wave of cyber attacks hit 2,000 websites […]

Pierluigi Paganini February 19, 2020
US CISA warns of Ransomware attacks impacting pipeline operations

The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about a recent infection at a natural gas compression facility. “The Cybersecurity and Infrastructure Security Agency (CISA) […]