Malware

Pierluigi Paganini December 20, 2023
Sophisticated JaskaGO info stealer targets macOS and Windows

JaskaGO is a new Go-based information stealer malware that targets both Windows and Apple macOS systems, experts warn. Researchers from AT&T Alien Labs uncovered a previously undetected Go-based information stealer dubbed JaskaGO that targets Windows and macOS systems. JaskaGO is a sophisticated malware that supports an extensive array of commands and can maintain persistence in different ways. The […]

Pierluigi Paganini December 18, 2023
Info stealers and how to protect against them

Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. So, how do you protect against them? Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network. These […]

Pierluigi Paganini December 18, 2023
Qakbot is back and targets the Hospitality industry

Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The […]

Pierluigi Paganini December 16, 2023
Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). The ransomware gang has added the organization to its dark web leak site and is threatening […]

Pierluigi Paganini December 16, 2023
New NKAbuse malware abuses NKN decentralized P2P network protocol

Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team (GERT) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. The malicious code is written in Go language, it is the first malware that relies on the NKN technology for data exchange […]

Pierluigi Paganini December 15, 2023
Snatch ransomware gang claims the hack of the food giant Kraft Heinz

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. Kraft Heinz produces a wide range of popular food products, including condiments, sauces, cheese, snacks, and ready-to-eat meals. […]

Pierluigi Paganini December 15, 2023
BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) engagement with a law enforcement agency (LEA) and one of the leading investment organizations in Singapore (and other victims), Resecurity (USA) has uncovered a meaningful link between three […]

Pierluigi Paganini December 14, 2023
Russia-linked APT29 spotted targeting JetBrains TeamCity servers

Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. Experts warn that the Russia-linked APT29 group has been observed targeting JetBrains TeamCity servers to gain initial access to the targets’ networks. The APT29 group (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) exploited the flaw CVE-2023-42793 in TeamCity to carry out […]

Pierluigi Paganini December 14, 2023
French authorities arrested a Russian national for his role in the Hive ransomware operation

French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. “A Russian, suspected of having recovered in cryptocurrencies the money taken from […]

Pierluigi Paganini December 14, 2023
China-linked APT Volt Typhoon linked to KV-Botnet

Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon. The botnet is comprised of two complementary activity clusters, […]