Pierluigi Paganini
November 13, 2021
Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. GravityRAT was first spotted by Cisco Talos researchers in 2017 who speculate it remained under the radar for at least a […]
Pierluigi Paganini
November 13, 2021
Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. The security firm analyzed a total of six versions of the botnet […]
Pierluigi Paganini
November 12, 2021
Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features. The malicious payloads are delivered via encoded […]
Pierluigi Paganini
November 12, 2021
Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. Below is the list of exploits used by the bot: Vulnerability Affected devices […]
Pierluigi Paganini
November 11, 2021
Threat actors compromised a server managing customer data for a Queensland water supplier and remained undetected for nine months. A served used by the SunWater statutory Queensland (Australia) Government-owned water supplier was compromised and threat actors remained undetected for nine longs, the annual financial audit report published by the Queensland Audit Office revealed. The water supplier […]
Pierluigi Paganini
November 11, 2021
The US DoJ sentenced a Russian man for operating a large-scale digital advertising fraud scheme called Methbot (‘3ve’). The US DoJ sentenced the Russian nation Aleksandr Zhukov, aka the ‘King of Fraud,’ for operating a large-scale digital advertising fraud scheme called Methbot (‘3ve‘) that stole at least $7 million from US organizations. DoJ sentenced Zhukov […]
Pierluigi Paganini
November 10, 2021
TeamTNT hackers are targeting poorly configured Docker servers as part of an ongoing campaign that started in October. Trend Micro researchers reported that TeamTNT hackers are targeting poorly configured Docker servers exposing Docker REST APIs as part of an ongoing campaign that started in October. Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, […]
Pierluigi Paganini
November 09, 2021
Romanian police arrested two alleged Sodinokibi/REvil ransomware affiliates accused to have orchestrated attacks against thousands of victims. Romanian law enforcement agencies have arrested two alleged Sodinokibi/REvil ransomware affiliates on November 4, that are accused of having conducted attacks against thousands of victims. The arrests are the result of an international operation carried out in cooperation […]
Pierluigi Paganini
November 09, 2021
The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department of State offers up to $10 million for information that can lead to the identification or location of individuals in key leadership positions in the REvil/Sodinokibi ransomware operation. The US government also offers $5 million […]
Pierluigi Paganini
November 09, 2021
The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP platform in July. The US Department of Justice has charged a REvil ransomware affiliate for orchestrating the ransomware attacks on Kaseya MSP platform that took place in July 4. The suspect is 22-year old Ukrainian national Yaroslav […]
APT / February 05, 2026
