Pierluigi Paganini
November 01, 2022
Ransomware activity report: Threat actors are selling access to hundreds of organizations, with a cumulative requested price of around $4M. Research published by threat intelligence firm KELA related to ransomware activity in Q3 reveals a stable activity in the sector of initial access sales, but experts observed a rise in the value of the offerings. […]
Pierluigi Paganini
October 22, 2022
US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. Healthcare and Public Health sector with ransomware. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. businesses, mainly in the Healthcare and Public Health (HPH) Sector, […]
Pierluigi Paganini
October 12, 2022
Lockbit ransomware affiliates are compromising Microsoft Exchange servers to deploy their ransomware, experts warn. South-Korean cybersecurity firm AhnLab reported that Lockbit ransomware affiliates are distributing their malware via compromised Microsoft Exchange servers. In July 2022, two servers operated by a customer of the security firm were infected with LockBit 3.0 ransomware. Threat actors initially deployed […]
Pierluigi Paganini
October 10, 2022
Threat actors got to a database with over 152,000 customer records before its owner, the Turkish branch of Harvard Business Review, closed it. Crooks left a ransom note, threatening to leak the data and inform authorities of the EU’s General Data Protection Regulation (GDPR) violations. Original Post published on CyberNews A recent discovery by the […]
Pierluigi Paganini
October 09, 2022
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest ransomware operators published a notice announcing the sale of “South Africa Electricity company’s root access” for $125,000. Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more […]
Pierluigi Paganini
October 09, 2022
CommonSpirit, one of the largest hospital chains in the US, suffered a ransomware cyberattack that impacted its operations. Common Spirit, one of the largest hospital chains in the US, this week suffered a ransomware cyberattack that caused severe inconvenience to the facilities and to patients The alleged security breach led to delayed surgeries, hold-ups in […]
Pierluigi Paganini
October 04, 2022
Researchers link recently discovered Linux ransomware Cheerscrypt to the China-linked cyberespionage group DEV-0401. Researchers at cybersecurity firm Sygnia attributed the recently discovered Linux ransomware Cheerscrypt to the China-linked cyber espionage group Bronze Starlight (aka DEV-0401, APT10) Bronze Starlight, has been active since mid-2021, in June researchers from Secureworks reported that the APT group is deploying […]
Pierluigi Paganini
September 28, 2022
The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Last week, an alleged disgruntled developer leaked the builder for the latest encryptor […]
Pierluigi Paganini
September 02, 2022
Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team recently observed an Executable and Linkable Format (ELF) ransomware which encrypts the files inside Linux systems based on the given folder path. We observed that the dropped README note matches exactly with the DarkAngels ransomware […]
Pierluigi Paganini
August 31, 2022
Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor. Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected. “The internal […]
APT / February 05, 2026
