Pierluigi Paganini
August 10, 2021
Microsoft Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform used the Fusion machine learning model to detect ransomware attack. Microsoft Azure Sentinel cloud-native SIEM is using the Fusion machine learning model to analyze data across enterprise environments and detect the activity associated with potential threats, including ransomware attacks. When a potential ransomware attack […]
Pierluigi Paganini
August 10, 2021
Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. Zimperium’s zLabs researchers spotted a new Android trojan, dubbed FlyTrap, that already compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. The malware was spreading […]
Pierluigi Paganini
August 09, 2021
Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor Synology has warned customers that the StealthWorker botnet is conducting brute-force attacks in an attempt to implant ransomware. Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux […]
Pierluigi Paganini
August 09, 2021
A ransomware attack hit City of Joplin forcing the IT staff to shutdown the City computer. Finally the insurer for Joplin paid $320,000 to threat actors. A ransomware attack last month hit the City of Joplin forcing the IT staff to shut down the city’s government’s computer system to prevent the threat from spreading. While […]
Pierluigi Paganini
August 08, 2021
Group-IB detected an unconventional post on several carding forums containing links to a file containing 1 million compromised cards. On August 2, Group-IB Threat Intelligence & Attribution system detected an unconventional post on several carding forums. A user, nicknamed AW_cards posted links to a file containing 1 million pieces of stolen payment records. The file […]
Pierluigi Paganini
August 08, 2021
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia WordPress Download Manager Plugin was affected by two flaws […]
Pierluigi Paganini
August 07, 2021
Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090, impacting home routers with Arcadyan firmware to deploy a Mirai bot. “A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and […]
Pierluigi Paganini
August 07, 2021
Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data. At the time of this writing, the leak site of the RansomEXX gang dosn’t include the company name, […]
Pierluigi Paganini
August 06, 2021
Security expert provided leak indicators for Conti ransomware operations that were recently disclosed by a disgruntled affiliate. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS, he also published the info about one of the operators. The Conti Ransomware operators offer their services to their […]
Pierluigi Paganini
August 06, 2021
BlackMatter gang rapidly evolves, the group has developed a Linux version that allows operators to targets VMware’s ESXi VM platform. The BlackMatter ransomware gang has implemented a Linux encryptor to targets VMware ESXi virtual machine platform. This is the last ransomware in order of time that is able to target VM platforms, some of the […]
APT / February 05, 2026
