Pierluigi Paganini
June 17, 2021
UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliated of the […]
Pierluigi Paganini
June 15, 2021
The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. The news of the availability of the source […]
Pierluigi Paganini
April 03, 2021
The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June, 2020. In August 2020, cybersecurity intelligence firm Kela was the first to report that […]
Pierluigi Paganini
January 27, 2021
A joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. Law enforcement authorities in the U.S. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations. “The […]
Pierluigi Paganini
October 11, 2020
FONIX is a new Ransomware as a Service available in the threat landscape that was analyzed by SentinelLabs researchers. FONIX is a relatively new Ransomware as a Service (RaaS) analyzed by researchers from Sentinel Labs, its operators were previously specialized in the developers of binary crypters/packers. The actors behind FONIX RaaS advertised several products on […]
Pierluigi Paganini
July 03, 2020
Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company issued comments to aĀ local newspaper confirming the attack, Light S.A. admitted the intrusion to […]
Pierluigi Paganini
November 12, 2019
The recently discovered ransomware-as-a-service (RaaS) Buran attempts to gain popularity by offering discounted licenses. In May, researchers from McAfeeās Advanced Threat Research Team discovered a new piece of ransomware named āBuran.ā Buran is offered as a RaaS model, but unlike other ransomware families such as REVil, GandCrab the authors take 25% of the income earned […]
Pierluigi Paganini
July 19, 2019
Dutch authorities announced the arrest of a 20-year old man for allegedly developing Dryad and Rubella Macro Builders. Dutch authorities announced have arrested a 20-year old man that is accused to be the author of Dryad and Rubella Macro Builders. The man lives in Utrecht, it created and distributed Rubella, Cetan and Dryad toolkits. “Recently […]
Pierluigi Paganini
June 17, 2019
Good news for the victims of the latest variants of the GandCrab ransomware, NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the theĀ NoMoreRansomĀ website. The tool works with versions 5 to 5.2 of the ransomware, […]
Pierluigi Paganini
November 04, 2018
The author of the infamous Kraken ransomware has released a new version of the malicious code and launched a RaaS distribution program on the Dark Web. Researchers fromĀ Recorded Futureās Insikt Group andĀ McAfeeās Advanced Threat Research team have discoveredĀ a new version of the malware that is offered through a RaaS distribution program on the Dark Web. […]
