Pierluigi Paganini
June 30, 2023
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government. The […]
Pierluigi Paganini
June 29, 2023
A new Windows information stealer dubbed ThirdEye appeared in the threat landscape, it has been active since April. Fortinet FortiGuard Labs discovered a previously undetected information stealer named ThirdEye. The malicious code is not sophisticated and can allow operators to steal various information from the infected machines. Fortinet started investigating the threat after the discovery of an […]
Pierluigi Paganini
June 28, 2023
Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The experts observed a massive spike in activity associated with this threat actor between May and June 2023. […]
Pierluigi Paganini
June 27, 2023
Mockingjay is a new process injection technique that can be exploited to bypass security solutions to execute malware on compromised systems. A new process injection technique dubbed Mockingjay can be exploited by attackers to bypass security controls and gain unauthorized access to compromised systems. The term process injection is used to refer to a method […]
Pierluigi Paganini
June 27, 2023
Clop ransomware group added five new victims of MOVEit attacks to its dark web leak site, including Schneider Electric and Siemens Energy. The Clop ransomware group added five new victims of MOVEit attacks to its dark web leak site, including the industrial giants Schneider Electric and Siemens Energy. Both Schneider Electric and Siemens Energy provide […]
Pierluigi Paganini
June 27, 2023
An unnamed Japanese cryptocurrency exchange was the victim of a cyber attack aimed at deploying an Apple macOS backdoor named JokerSpy. Elastic Security Labs researchers provided details about a recently discovered intrusion at an unnamed cryptocurrency exchange, aimed at deploying an Apple macOS backdoor named JokerSpy. The researchers tracked the intrusion as REF9134, the threat […]
Pierluigi Paganini
June 26, 2023
Milomir Desnica, a citizen of Croatia and Serbia, has been charged with running the Monopoly Market drug darknet marketplace. Milomir Desnica (33), a citizen of Croatia and Serbia, has been extradited from Austria to the United States to face charges of running the darknet drug marketplace Monopoly Market. According to the indictment, in late 2019, […]
Pierluigi Paganini
June 26, 2023
China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon, using a novel tradecraft to gain initial access to target networks. The Volt Typhoon group has been active since at least mid-2021 […]
Pierluigi Paganini
June 26, 2023
Researchers observed threat actors spreading a trojanized Super Mario Bros game installer to deliver multiple malware. Researchers from Cyble Research and Intelligence Labs (CRIL) discovered a trojanized Super Mario Bros game installer for Windows that was used to deliver multiple malware, including an XMR miner, SupremeBot mining client, and the Open-source Umbral stealer. The threat actors […]
Pierluigi Paganini
June 25, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix […]
APT / February 05, 2026
