Pierluigi Paganini
April 18, 2020
TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. The analysis of Microsoft Office 365 ATP data revealed that TrickBot is, at the moment, the malware operation with the highest number of unique COVID-19-themed malicious emails and attachments. Microsoft experts revealed that this campaign […]
Pierluigi Paganini
April 17, 2020
Cisco released security patches to address numerous flaws in its products, including critical severity issues that affect IP Phones and UCS Director. The critical vulnerability fixed by Cisco affects IP Phones and resides on the webserver, the flaw could be exploited by a remote, unauthenticated attacker to execute code with root privileges. The flaw, tracked as CVE-2020-3161, […]
Pierluigi Paganini
April 17, 2020
Cybaze-Yoroy ZLab researchers spotted a new variant of Ursnif that is targeting organizations in Italy. Introduction Ursnif is one of the most and widespread threats, it is delivered through malspam campaigns aimed at multiple industries across Italy and Europe. Recently, we have identified a new variant that is targeting Italian organizations. The malspam messages use […]
Pierluigi Paganini
April 17, 2020
Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also […]
Pierluigi Paganini
April 17, 2020
by Boris Giannetto and Pierluigi Paganini Communication is key in intelligence activities. On the one hand, it is essential to transfer to a number of recipients the knowledge coming from information acquisition and analysis (“intelligence communication”); on the other hand, it is crucial to understand and control the communication connected with the activities carried out (“communication […]
Pierluigi Paganini
April 17, 2020
Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. The campaign aimed at users in Syria and surrounding regions was spotted by experts from mobile security firm […]
Pierluigi Paganini
April 16, 2020
The shipping giant Mediterranean Shipping Company (MSC) was victim of a malware-based attack that caused an outage recently. The shipping giant Mediterranean Shipping Company (MSC) discloses a malware-based attack that took place on April 10. The incident affected the company’s data center and took down its website, msc.com, and its myMSC customer and vendor portal. “The […]
Pierluigi Paganini
April 16, 2020
At the end of February, I analyzed major black marketplaces searching for anything related to the Coronavirus outbreak, a month later things are completely changed. At the end of February, I published the analysis of major black marketplaces searching for anything related to the Coronavirus outbreak. While the COVID19 pandemic was spreading a global scale, specific goods became victims […]
Pierluigi Paganini
April 16, 2020
Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks, in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites […]
Pierluigi Paganini
April 16, 2020
The United States agencies released a joint advisory warning of ‘significant cyber threat’ posed by North Korea-linked hackers to the global financial sector. The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation released a joint advisory that is warning organizations worldwide about the ‘significant cyber threat’ posed by the North Korean nation-state […]
