Pierluigi Paganini
February 29, 2024
A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials. The cyberspies used a bait PDF document masqueraded as an invitation letter from the Ambassador of India, inviting diplomats to a wine-tasting […]
Pierluigi Paganini
February 29, 2024
Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation Cronos, which aimed to disrupt its activities. Researchers from Zscaler first observed the ransomware group […]
Pierluigi Paganini
February 28, 2024
Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001. […]
Pierluigi Paganini
February 28, 2024
The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The US agencies released a report containing IOCs and […]
Pierluigi Paganini
February 28, 2024
Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber […]
Pierluigi Paganini
February 27, 2024
New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recently disclosed vulnerabilities, tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software. ConnectWise recently warned of the following two critical vulnerabilities in […]
Pierluigi Paganini
February 27, 2024
A new malware campaign is targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. Morphisec Threat Labs researchers observed a new malware campaign targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. The Computer Emergency Response Team of Ukraine (CERT-UA) linked […]
Pierluigi Paganini
February 27, 2024
A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. Optum Solutions […]
Pierluigi Paganini
February 26, 2024
The LockBit gang is back and set up a new infrastructure after the recent attempt by law enforcement to disrupt their operation. Last week, a joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. The operation led to the arrest of two members of the ransomware gang […]
Pierluigi Paganini
February 25, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for […]
