Pierluigi Paganini
December 31, 2021
The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The service now includes credentials for 441K accounts stolen by […]
Pierluigi Paganini
December 30, 2021
A previously unknown rootkit, dubbed iLOBleed, was used in attacks aimed at HP Enterprise servers that wiped data off the infected systems. iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out (iLO) server management technology to tamper with the firmware modules and wipe data off the infected systems. The […]
Pierluigi Paganini
December 30, 2021
The AvosLocker ransomware operators released a free decryptor after they accidentally encrypted the system of US Government entity. The AvosLocker ransomware operation provided a free decryptor after they encrypted the systems of a US government agency. According to BleepingComputer, the gang hit a police department but fearing the reaction of US law enforcement opted to […]
Pierluigi Paganini
December 28, 2021
Experts warn of malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised systems. Security expert from Morphus Labs recently observed several malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. MSBuild is a free and open-source build toolset for managed code as well […]
Pierluigi Paganini
December 28, 2021
Shutterfly, an online platform for photography and personalized products, has been affected by a ransomware attack. Shutterfly, is American photography, photography products, and image sharing company that owns multiple brands such as BorrowLenses, GrooveBook, Lifetouch, Shutterfly, Snapfish, Spoonflower, and Tiny Prints. The service allows users to create personalized photo gifts such as smartphone cases, photo books, wall art, and […]
Pierluigi Paganini
December 27, 2021
A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. Users reported numerous compromises of their devices a few days before Christmas. According to BleepingComputer, forum users reported an intensification of the attacks since December 20, the […]
Pierluigi Paganini
December 27, 2021
Researchers analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco that spreads through fake Google Play Store pages. Researchers from threat intelligence firm Cyble analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco trying to perform fraudulent financial transactions on the legitimate Itaú Unibanco applications without the victim’s knowledge. Threat actors spread the malware using fake Google Play Store […]
Pierluigi Paganini
December 26, 2021
Apple recently addressed fixed a flaw in the macOS that could be potentially exploited by an attacker to bypass Gatekeeper security feature. Apple recently addressed a vulnerability in the macOS operating system, tracked as CVE-2021-30853, that could be potentially exploited by an attacker to bypass the Gatekeeper security feature and run arbitrary code. The vulnerability […]
Pierluigi Paganini
December 25, 2021
A gang behind a recent Dridex Omicron campaign is moking the victims taunting them with a COVID-19 funeral assistance helpline number. Crooks behind a recent Dridex campaign is moking the researchers and victims taunting them with a COVID-19 funeral assistance helpline number The phishing messages use weaponized Word or Excel attachments to install the Dridex […]
Pierluigi Paganini
December 24, 2021
Security researchers spotted a campaign that is employing a new stealthy malware tracked as BLISTER that targets windows systems. Elastic Security researchers uncovered a malware campaign that leverages a new malware and a stealthy loader tracked as BLISTER, that uses a valid code signing certificate issued by Sectigo to evade detection. BLISTER loads second-stage payloads […]
APT / February 05, 2026
