Malware

Pierluigi Paganini June 05, 2021
DoJ: Investigations into ransomware attacks must have similar priority as terrorism

The U.S. Department of Justice is to assign investigations into ransomware attacks the same priority as terrorism in the wake of the Colonial Pipeline hack. The U.S. Department of Justice plans to equate investigations into ransomware attacks with investigations into terrorism in the wake of the Colonial Pipeline hack. Colonial Pipeline before, and recently the […]

Pierluigi Paganini June 04, 2021
Necro Python bot now enhanced with new VMWare, server exploits

Operators behind the Necro Python botnet have added new features to their bot, including VMWare and server exploits. Experts from Cisco Talos have recently observed a new Necro Python bot campaign and noticed that its developers have improved its capabilities. The Necro Python bot, aka FreakOut, has been in development since 2015 and early this […]

Pierluigi Paganini June 04, 2021
The dark web index 2021, report

PrivacyAffairs released the Dark Web Index 2021; the document provides the prices for illegal services/products available in black marketplaces. Over the last couple of years, we’ve all had our attention fixed on one of two things: the global pandemic and the previous year’s presidential elections. Both issues are essential, and the pandemic has changed […]

Pierluigi Paganini June 03, 2021
FBI confirmed that JBS was hit by the REvil ransomware gang

The US FBI announced that the REvil ransomware gang (also known as Sodinokibi) is behind the attack that hit JBS Foods. On May 30, the American food processing giant JBS Foods, the world’s largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants of […]

Pierluigi Paganini June 01, 2021
JBS attack likely has a Russian origin

White House spokeswoman speculates threat actors behind the JBS ransomware attack have a Russian origin. The American food processing giant JBS Foods, the world’s largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants of the company worldwide, including facilities located […]

Pierluigi Paganini June 01, 2021
New Epsilon Red Ransomware appears in the threat landscape

Researchers spotted a new piece of ransomware named Epsilon Red that was employed in at least one attack against a US company. Researchers from Sophos spotted a new piece of ransomware, named Epsilon Red, that infected at least one organization in the hospitality sector in the United States. The name Epsilon Red comes from an […]

Pierluigi Paganini June 01, 2021
Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram

The popular Russian hacker Pavel Sitnikov was arrested by Russian authorities on charges of distributing malware via his Telegram channel. Pavel Sitnikov, a prominent figure of the hacking underground, was arrested earlier this month by Russian authorities on charges of distributing malware via his Freedom F0x Telegram channel. The Russian hacker is a member of […]

Pierluigi Paganini June 01, 2021
Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.

“Prometheus” and “Grief”: the multi-billion dollar ransomware market has gained two new emerging players. In today’s world, information and data mean money, and the people stealing that information have now reached new levels of sophistication. The number of cases reported has exploded in the last few years and continues to grow rapidly. Prometheus […]

Pierluigi Paganini May 30, 2021
Facefish Backdoor delivers rootkits to Linux x64 systems

Qihoo 360 NETLAB spotted a new backdoor dubbed Facefish that could allow attackers to take over Linux systems and steal sensitive data. Cybersecurity experts from Qihoo 360 NETLAB published details about a new backdoor, dubbed Facefish, which can be used by threat actors to steal login credentials and execute arbitrary commands on Linux systems. The […]

Pierluigi Paganini May 28, 2021
China-linked APT groups target orgs via Pulse Secure VPN devices

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information. FireEye monitored the activities of two […]