Categorie
Uncategorized

Conti ransomware gang exploits Log4Shell bug in its operations (Pierluigi Paganini, Security Affairs)

Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected. Conti ransomware gang exploits Log4Shell bug in its operationsSecurity Affairs

Categorie
Uncategorized

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets (Pierluigi Paganini, Security Affairs)

Experts at Check Point Research have monitored the resurgence of the Phorpiex botnet, an old threat that was involved in sextortion spam campaigns, crypto-jacking, cryptocurrency clipping (substituting the original wallet address saved in the clipboard with the attacker’s wallet address during a transaction) and ransomware attacks in the past. Phorpiex botnet is back, in 2021 it […]

Categorie
Uncategorized

PseudoManuscrypt, a mysterious massive cyber espionage campaign (Pierluigi Paganini, Security Affairs)

Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. PseudoManuscrypt, a mysterious massive cyber espionage campaignSecurity Affairs  

Categorie
Uncategorized

Multiple Nation-State actors are exploiting Log4Shell flaw (Pierluigi Paganini, Security Affairs)

Microsoft researchers reported that Nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) in the Log4J library in their campaigns. Some of the groups exploiting the vulnerability are China-linked Hafnium and Iran-linked Phosphorus, the former group is using the flaw to attack virtualization infrastructure, the latter to deploy ransomware. Multiple Nation-State actors are exploiting […]

Categorie
Uncategorized

Volvo Cars suffers a data breach. Is it a ransomware attack? (Pierluigi Paganini, Security Affairs)

Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. Volvo Cars suffers a data breach. Is it a ransomware attack?Security Affairs

Categorie
Uncategorized

Australian ACSC warns of Conti ransomware attacks against local orgs (Pierluigi Paganini, Security Affairs)

The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. Australian ACSC warns of Conti ransomware attacks against local orgsSecurity Affairs

Categorie
Uncategorized

BlackCat ransomware, a very sophisticated malware written in Rust (Pierluigi Paganini, Security Affairs)

Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language BlackCat ransomware, a very sophisticated malware written in RustSecurity Affairs

Categorie
Uncategorized

NSO Group spyware used to compromise iPhones of 9 US State Dept officials (Pierluigi Paganini, Security Affairs)

The iPhones of at least nine US state department officials were compromised with the NSO Group’s spyware Pegasus. NSO Group spyware used to compromise iPhones of 9 US officials

Categorie
Uncategorized

KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays (Pierluigi Paganini, Security Affairs)

A mysterious threat actor, tracked as KAX17, has run thousands of malicious Tor relay servers since 2017 in an attempt to deanonymize Tor users. KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relaysSecurity Affairs

Categorie
Uncategorized

Threat actors stole $120 M in crypto from BadgerDAO DeFi platform (Pierluigi Paganini, Security Affairs)

Threat actors this week have hacked the decentralized finance platform BadgerDAO and have stolen $120.3 million in crypto funds, blockchain security firm PeckShield reported. Most of the stolen funds, over $117 million, were Bitcoin, while the rest of the stolen assets were stored in the form of interest-bearing Bitcoin, a form of tokenised Bitcoin, and […]

Categorie
Uncategorized

Watch out for Omicron COVID-19-themed phishing messages! (Pierluigi Paganini, Security Affairs)

Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. Watch out for Omicron COVID-19-themed phishing messages!Security Affairs

Categorie
Uncategorized

CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues (Pierluigi Paganini, Security Affairs)

U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines. CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issuesSecurity Affairs