Pierluigi Paganini Archives - Page 409 of 1062

Pierluigi Paganini May 18, 2022

Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift

Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads. […]

Pierluigi Paganini May 17, 2022

Venezuelan cardiologist accused of operating and selling Thanos ransomware

The U.S. Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. The U.S. Justice Department accused Moises Luis Zagala Gonzalez, a 55-year-old cardiologist from Venezuela, of operating and selling the Thanos ransomware. Thanos ransomware (a.k.a. Hakbit ransomware) has been developed by Nosophoros (aka Aesculapius, and Nebuchadnezzar), a threat actor offering for sale the malware […]

Pierluigi Paganini May 17, 2022

Over 200 Apps on Play Store were distributing Facestealer info-stealer

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices. The malicious apps are able to steal credentials, Facebook cookies, and other personally identifiable information. Some […]

Pierluigi Paganini May 17, 2022

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency added the recently disclosed remote code execution bug, tracked as CVE-2022-30525, affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]

Pierluigi Paganini May 17, 2022

A custom PowerShell RAT uses to target German users using Ukraine crisis as bait

Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis. Malwarebytes experts uncovered a campaign that targets German users with custom PowerShell RAT targeting. The threat actors attempt to trick victims into opening weaponized documents by using the current situation in Ukraine as bait. The […]

Pierluigi Paganini May 16, 2022

Apple fixes the sixth zero-day since the beginning of 2022

Apple released security updates to address a zero-day bug actively exploited in attacks against Macs and Apple Watch devices. Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22675, actively exploited in attacks aimed at Macs and Apple Watch devices. The flaw is an out-of-bounds write issue that resides in the AppleAVD, it can lead to […]

Pierluigi Paganini May 16, 2022

Eternity Project: You can pay $260 for a stealer and $490 for a ransomware

Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers at cybersecurity firm Cyble analyzed a Tor website named named ‘Eternity Project’ that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. The experts discovered the marketplace during a […]

Pierluigi Paganini May 15, 2022

May 08 – May 14 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing Russia invasion that occurred in the previous weeks: May 14 – The LEGION collective calls to action to attack the final of the Eurovision song […]

Pierluigi Paganini May 15, 2022

Security Affairs newsletter Round 365 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. The LEGION collective calls to action to attack the final of the Eurovision song contest […]

Pierluigi Paganini May 15, 2022

Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT

Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […]