MUST READ

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Australian man jailed for 7+ years over airport and in-flight Wi-Fi attacks

 | 

Emerging Android threat ‘Albiriox’ enables full On‑Device Fraud

 | 

U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 73

 | 

Security Affairs newsletter Round 552 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware

 | 

Attackers stole member data from French Soccer Federation

 | 

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

 | 

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

 | 

Asahi says crooks stole data of approximately 2M customers and employees

 | 

OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel

 | 

New ASUS firmware patches critical AiCloud vulnerability

 | 

For the first time, a RomCom payload has been observed being distributed via SocGholish

 | 

Multiple London councils faced a cyberattack

 | 

Emergency alerts go dark after cyberattack on OnSolve CodeRED

 | 

MuddyWater

Pierluigi Paganini May 21, 2019
MuddyWater BlackWater campaign used new anti-detection techniques

A recent MuddyWater campaign tracked as BlackWater shows that the APT group added new anti-detection techniques to its arsenal. Security experts at Cisco Talos attributed the recently spotted campaign tracked as “BlackWater” to the MuddyWater APT group (aka SeedWorm and TEMP.Zagros).  The researchers also pointed out that the cyber espionage group has been updating its tactics, techniques, […]

Pierluigi Paganini December 07, 2018
Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

Malware researchers at Yoroi – Cybaze Z-Lab analyzed the MuddyWater Infection Chain observed in a last wave of cyber attacks. Introduction At the end of November, some Middle East countries have been targeted by a new wave of attacks related to the Iranian APT group known as “MuddyWater“: their first campaign was observed back in […]

Pierluigi Paganini November 30, 2018
New PowerShell-based Backdoor points to MuddyWater

Security researchers at Trend Micro recently discovered PowerShell-based backdoor that resembles a malware used by MuddyWater threat actor. Malware researchers at Trend Micro have discovered a Powershell-based backdoor that is very similar to a malware used by MuddyWater APT group. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave […]

Pierluigi Paganini June 15, 2018
A new MuddyWater Campaign spreads Powershell-based PRB-Backdoor

Trend Micro spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater APT. Security experts at Trend Micro have spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater cyber-espionage campaign. The first MuddyWater campaign was observed in late 2017, then researchers from […]

Pierluigi Paganini March 19, 2018
Iran-linked group TEMP.Zagros now targets Asia and Middle East regions

Experts at FireEye uncovered a new massive phishing campaign conducted by TEMP.Zagros group targeting Asia and Middle East regions from January 2018 to March 2018. Iranian hackers are one of the most active in this period, researchers at FireEye uncovered a new massive phishing campaign targeting Asia and Middle East regions from January 2018 to March 2018. […]

Pierluigi Paganini November 17, 2017
Who is behind MuddyWater in the Middle East? Likely a politically-motivated actor

Researchers are investigating a mysterious wave of attacks in the Middle East that was dubbed MuddyWater due to the confusion in attributing the. Security experts at Palo Alto Networks are monitoring long-lasting targeted attacks aimed at entities in the Middle East and that are difficult to attribute. The experts called the campaign ‘MuddyWater’ due to the […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

Security / December 02, 2025

MuddyWater strikes Israel with advanced MuddyViper malware

APT / December 02, 2025

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

Data Breach / December 02, 2025

Google’s latest Android security update fixes two actively exploited flaws

Security / December 02, 2025

Law enforcement shuts down Cryptomixer in major crypto crime takedown

Cyber Crime / December 02, 2025