malware

Pierluigi Paganini December 07, 2021
Nobelium continues to target organizations worldwide with custom malware

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. Mandiant researchers have identified two distinct clusters of activity, tracked UNC3004 and UNC2652, that were associated with the Russia-linked Nobelium APT group (aka UNC2452). The NOBELIUM APT (APT29, Cozy Bear, and The Dukes) is the threat actor that conducted […]

Pierluigi Paganini December 06, 2021
DMEA Colorado electric utility hit by a disruptive cyberattack

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives. The company has discovered a security breach on November 7, the attack disrupted phone, email, billing, and customer account systems. The […]

Pierluigi Paganini December 06, 2021
Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and a malicious Chrome extension. Talos researchers spotted a series of malvertising campaigns using fake installers of popular apps and games as a lure to trick users into downloading a new backdoor and an undocumented malicious […]

Pierluigi Paganini December 05, 2021
Security Affairs newsletter Round 343

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency […]

Pierluigi Paganini December 04, 2021
Cuba ransomware gang hacked 49 US critical infrastructure organizations

The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. A flash alert published by the FBI has reported that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations. “The FBI has identified, as of early November 2021 that […]

Pierluigi Paganini December 03, 2021
NSO Group spyware used to compromise iPhones of 9 US State Dept officials

Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware. The iPhones of at least nine US state department officials were compromised with the NSO Group’s spyware Pegasus. The US officials targeted by the surveillance software were either based in Uganda or focused […]

Pierluigi Paganini December 02, 2021
Russian internet watchdog Roskomnadzor bans six more VPN services

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. The latest banned services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel. The total number of […]

Pierluigi Paganini December 02, 2021
NginRAT – A stealth malware targets e-store hiding on Nginx servers

Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers from security firm Sansec recently discovered a new Linux remote access trojan (RAT), tracked as CronRAT, that hides in the Linux task scheduling system (cron) on February 31st. CronRAT is employed in Magecart attacks against online stores […]

Pierluigi Paganini December 02, 2021
Europol arrested 1800 money mules as part of an anti-money-laundering operation

Europol identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. Europol has identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. The operation is the result of a joint effort of 27 countries, Eurojust, INTERPOL, […]

Pierluigi Paganini December 01, 2021
VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs)

VirusTotal announced VirusTotal Collections, a new service that allows security researchers to share sets of Indicators of Compromise (IoCs). VirusTotal announced VirusTotal Collections, a new service that allows threat researchers to share Indicators of Compromise (IoCs). A collection is a live report that includes IoCs associated with a specific threat and it is available for […]