Pierluigi Paganini
December 01, 2021
Nation-state actors from China, India, and Russia, were spotted using a novel RTF template injection technique in recent attacks. APT groups from China, India, and Russia have used a new RTF (rich text format) template injection technique in recent phishing attacks. The technique was first reported by the security firm Proofpoint spotted which observed phishing […]
Pierluigi Paganini
November 30, 2021
360 Netlab experts spotted a new botnet dubbed EwDoor that infects unpatched AT&T enterprise network edge devices. Experts from Qihoo 360’s Network Security Research Lab discovered a new botnet, dubbed EwDoor, that targets AT&T customers using EdgeMarc Enterprise Session Border Controller (ESBC) edge devices that are publicly exposed to the Internet. The attackers are targeting Edgewater Networks’ […]
Pierluigi Paganini
November 30, 2021
A threat actor named WIRTE targets government, diplomatic entities, military organizations, law firms, and financial institutions in Middle East. Cybersecurity researchers from Kaspersky have detailed the activity of a threat actor named WIRTE that is targeting government, diplomatic entities, military organizations, law firms, and financial institutions in Middle East since early 2019. The activity of […]
Pierluigi Paganini
November 30, 2021
Experts found four Android banking trojans that were available on the official Google Play Store and that infected +300,000 devices. Researchers from ThreatFabric discovered four distinct Android banking trojans that were spread via the official Google Play Store between August and November 2021. According to the experts, the malware infected more than 300,000 devices through […]
Pierluigi Paganini
November 29, 2021
Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. The Company states that the security breach did not impact its operations, it notified […]
Pierluigi Paganini
November 28, 2021
RATDispenser is a new stealthy JavaScript loader that is being used to spread multiple remote access trojans (RATs) into the wild. Researchers from the HP Threat Research team have discovered a new stealthy JavaScript loader dubbed RATDispenser that is being used to spread a variety of remote access trojans (RATs) in attacks into the wild. Experts […]
Pierluigi Paganini
November 28, 2021
North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported. According to the Google Threat Horizons report, the state-sponsored […]
Pierluigi Paganini
November 27, 2021
HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. Interpol has coordinated an international operation, code-named Operation HAEICHI-II, that led to the arrest of 1,003 individuals linked to various cyber-crimes such as romance scams, investment frauds, online money laundering, and illegal online gambling. The INTERPOL published […]
Pierluigi Paganini
November 27, 2021
Threat actors are targeting IKEA employees in an internal phishing campaign leveraging stolen reply-chain emails. According to BleepingComputer, threat actors are targeting IKEA employees in phishing attacks using stolen reply-chain emails. Once compromised the mail servers, threat actors use the access to reply to the company’s internal emails in reply-chain attacks. Sending the messages from […]
Pierluigi Paganini
November 26, 2021
Marine services provider Swire Pacific Offshore (SPO) has suffered a Clop ransomware attack that resulted in the theft of company data. Clop ransomware hit Marine services provider Swire Pacific Offshore (SPO) and stole company data, but did not affected global operations. “Swire Pacific Offshore (SPO) has discovered that it was the target of a cyberattack […]
