MUST READ

Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware

 | 

Attackers stole member data from French Soccer Federation

 | 

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

 | 

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

 | 

Asahi says crooks stole data of approximately 2M customers and employees

 | 

OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel

 | 

New ASUS firmware patches critical AiCloud vulnerability

 | 

For the first time, a RomCom payload has been observed being distributed via SocGholish

 | 

Multiple London councils faced a cyberattack

 | 

Emergency alerts go dark after cyberattack on OnSolve CodeRED

 | 

Dissecting a new malspam chain delivering Purelogs infostealer

 | 

FBI: bank impersonators fuel $262M surge in account takeover fraud

 | 

Morphisec warns StealC V2 malware spread through weaponized blender files

 | 

CISA: Spyware and RATs used to target WhatsApp and Signal Users

 | 

Harvard reports vishing breach exposing alumni and donor contact data

 | 

Delta Dental of Virginia data breach impacts 145,918 customers

 | 

Attackers deliver ShadowPad via newly patched WSUS RCE bug

 | 

AI attack agents are accelerators, not autonomous weapons: the Anthropic attack

 | 

Scattered Spider alleged members deny TfL charges

 | 

Iberia discloses security incident tied to supplier breach

 | 

ransomware

Pierluigi Paganini June 29, 2017
Notpetya – The Petya variant used in the massive attack is a wiper disguised by a ransomware

According to the researchers, the Petya variant (NotPetya) used in the massive attack is a wiper disguised by a ransomware. In these hours the massive global attack based on Petya variant made the headlines, computers in many countries were infected, including Russia, Ukraine, France, India and the US. A new analysis conducted on the ransomware […]

Pierluigi Paganini June 28, 2017
Petwrap Ransomware massive attack – 24 hours later

A new strain of the infamous Petya ransomware dubbed Petwrap, is infecting computers in different states, mostly in Ukraine and Russia. This is the second massive ransomware-based attack in a few weeks, like WannaCry, the Petwrap ransomware exploits the MS17-010 SMB Remote Code Execution, so-called Eternal Blue, that Microsoft patched in March 2017. Banks, financial institutions, businesses, […]

Pierluigi Paganini June 28, 2017
Shifr RaaS lets create a simple ransomware with just 3 steps

Over the weekend, security experts discovered a new Ransomware-as-a-Service dubbed Shifr RaaS that allows creating a ransomware compiling 3 form fields. Ransomware represents a profitable business for crooks, it is normal that the offer of Ransomware-as-a-Service (RaaS) will continue its success in the cyber criminal ecosystem. Over the weekend, several security experts discovered a new Ransomware-as-a-Service website […]

Pierluigi Paganini June 27, 2017
A new massive attack allegedly based on Petwrap ransomware hits organizations in several states

A new wave of cyber attacks is shocking the IT industry, a massive attack leveraging the Petwrap ransomware has infected systems across the world. A new wave of cyber attacks is shocking the IT industry, a few weeks after the WannaCry massive attack, security experts are facing a new threat that is rapidly spreading. Once […]

Pierluigi Paganini June 26, 2017
Reading the 2016 Internet Crime Complaint Center (IC3) report

According to 2106 Internet Crime Complaint Center (IC3) report, 298,728 complaints were received in 2016 totaling more than $1.3 billion in financial loss. According to the new edition of the Internet Crime Complaint Center (IC3) report, 298,728 complaints were received in 2016 totaling more than $1.3 billion in financial loss. The annual FBI’s Internet Crime Complaint […]

Pierluigi Paganini June 16, 2017
New Code-injecting SOREBRECT Fileless Ransomware detected in the wild

The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) on a targeted system and it terminates its binary to evade detection. It also make hard forensics analysis by deleting the affected system’s event logs using […]

Pierluigi Paganini June 15, 2017
Victims of Jaff Ransomware now can decrypt their locked files for free thanks to Kaspersky

Victims of the Jaff ransomware can use an updated version of the Kaspersky Labs’s RakhniDecryptor tool to decrypt their encrypted files. Security researchers at Kaspersky Lab have discovered a weakness in the Jaff ransomware that allowed the researchers creating of decryption keys to unlock files encrypted by the malware. Once the victims were infected by the Jaff […]

Pierluigi Paganini June 12, 2017
MacRansom: The first Mac ransomware offered as a RaaS Service

Malware researchers at security firm Fortinet have spotted MacRansom, it is the first Mac ransomware offered as a RaaS Service. Malware researchers at security firm Fortinet have spotted a new strain of ransomware dubbed MacRansom that targets Mac machines. The malware is available with Ransomware-as-a-service (RaaS) model through a hidden service in the TOR network. Experts believe […]

Pierluigi Paganini May 08, 2017
Fatboy Ransomware as a Service sets the ransom based on the victims’ location

Recently discovered Fatboy ransomware implements a dynamic method of setting the ransom amount based on the geographic location of the victims. Ransomware continues to monopolize the threat landscape, recently security experts have observed numerous evolution of this specific family of malware. A newly discovered ransomware-as-a-service (RaaS), dubbed Fatboy, implements a dynamic method of setting the […]

Pierluigi Paganini April 18, 2017
Karmen Ransomware, a cheap RaaS service that implements anti-analysis features

Experts at Recorded Future have discovered a cheap RaaS, the Karmen Ransomware that deletes decryptor if detects a sandbox. Security experts from threat intelligence firm Recorded Future have spotted a new ransomware as a service (RaaS) called Karmen. The service allows customers to easy create their ransomware campaign in a few steps and without specific skills. Wannabe-crooks […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Contagious Interview campaign expands with 197 npm Ppackages spreading new OtterCookie malware

APT / November 30, 2025

Attackers stole member data from French Soccer Federation

Data Breach / November 28, 2025

Thousands of sensitive secrets published on JSONFormatter and CodeBeautify

Security / November 28, 2025

New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption

Malware / November 28, 2025

Asahi says crooks stole data of approximately 2M customers and employees

Data Breach / November 27, 2025