Pierluigi Paganini
June 30, 2022
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms. Harmony’s […]
Pierluigi Paganini
June 30, 2022
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker. In March, the man was extradited to the United States to face charges […]
Pierluigi Paganini
June 30, 2022
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. The malware is highly likely available as a service on the Dark Web. Upon executing the malware, it performs some environment […]
Pierluigi Paganini
June 28, 2022
A new RAT dubbed ZuoRAT was employed in a campaign aimed at small office/home office (SOHO) routers in North American and Europe. Researchers from Black Lotus Labs, the threat intelligence division of Lumen Technologies, have discovered a new remote access trojan (RAT) called ZuoRAT, which targets small office/home office (SOHO) devices of remote workers during COVID-19 […]
Pierluigi Paganini
June 28, 2022
The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit ransomware operation has released LockBit 3.0, which has important novelties such as a bug bounty program, Zcash payment, and new extortion tactics. The gang has been active since at least 2019 and today it is […]
Pierluigi Paganini
June 27, 2022
Matanbuchus malware-as-a-service (Maas) has been observed spreading through phishing campaigns, dropping Cobalt Strike beacons. Threat intelligence firm Cyble has observed a malware-as-a-service (Maas), named Matanbuchus, involved in malspam attacks dropping Cobalt Strike beacons. Matanbuchus is a malware loader that first appeared on the threat landscape in February 2021, when it was offered for rent on Russian-speaking […]
Pierluigi Paganini
June 27, 2022
The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. The malspam messages have the topic “Free primary legal aid” use a password-protected attachment “Algorithm of actions of […]
Pierluigi Paganini
June 25, 2022
Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers recently investigated the compromise of a Mitel VOIP appliance as an entry point in a ransomware attack against the network of an organization. The attackers exploited a remote code execution zero-day vulnerability on the Mitel […]
Pierluigi Paganini
June 24, 2022
The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), published a joint advisory to warn of hacking attempts exploiting the Log4Shell flaw in VMware Horizon servers to […]
Pierluigi Paganini
June 24, 2022
Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with […]
Uncategorized / February 28, 2026
