cybersecurity news

Pierluigi Paganini June 06, 2021
Chinese SharpPanda APT developed a new backdoor in the last 3 years

Check Point Research (CPR) said that the Chinese APT group SharpPanda spent three years developing a new backdoor to spy on Asian governments.   Researchers from Check Point Research (CPR) discovered a new backdoor while investigating a cyber espionage campaign conducted by Chinese APT group SharpPanda and aimed at Southeast Asian government’s Ministry of Foreign […]

Pierluigi Paganini June 06, 2021
REvil Ransomware spokesman releases an interview on recent attacks

The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based firms. The recent attack against JBS Foods conducted by REvil ransomware gang (aka Sodinokibi) triggered the response of US authorities, US DoJ announced its decision to equate investigations into ransomware attacks with investigations into terrorism in […]

Pierluigi Paganini June 05, 2021
US arrested Latvian woman who developed part of Trickbot malware

The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development of the Trickbot malware. The US Department of Justice (DOJ) announced the arrest of Alla Witte (aka Max), a Latvian woman that was charged for her alleged role in the development of the Trickbot malware. […]

Pierluigi Paganini June 05, 2021
BlackCocaine Ransomware, a new malware in the threat landscape

Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang.   Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of […]

Pierluigi Paganini June 05, 2021
DoJ: Investigations into ransomware attacks must have similar priority as terrorism

The U.S. Department of Justice was to assign investigation on ransomware attacks the same priority as terrorism in the wake of the Colonial Pipeline hack. The U.S. Department of Justice plans to equate investigations into ransomware attacks with investigations into terrorism in the wake of the Colonial Pipeline hack. Colonial Pipeline before, and recently the […]

Pierluigi Paganini June 05, 2021
US CISA published a guide to better use the MITRE ATT&CK framework

The U.S. CISA announced the availability of a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released a new guide for cyber threat intelligence experts on the use of the MITRE ATT&CK framework. In 2018, MITRE announced the […]

Pierluigi Paganini June 04, 2021
Hackers scan for VMware vCenter servers vulnerable to CVE-2021-21985 RCE

Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware. Threat actors are actively scanning the Internet for VMware vCenter servers affected by a critical remote code execution (RCE) vulnerability tracked as CVE-2021-21985. The CVE-2021-21985 flaw is caused by the lack of input validation in […]

Pierluigi Paganini June 04, 2021
Necro Python bot now enhanced with new VMWare, server exploits

Operators behind the Necro Python botnet have added new features to their bot, including VMWare and server exploits. Experts from Cisco Talos have recently observed a new Necro Python bot campaign and noticed that its developers have improved its capabilities. The Necro Python bot, aka FreakOut, has been in development since 2015 and early this […]

Pierluigi Paganini June 04, 2021
China-linked attackers breached Metropolitan Transportation Authority (MTA) using Pulse Secure zero-day

China-linked APT breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. China-linked threat actors breached the network of the New York City’s Metropolitan Transportation Authority (MTA) network exploiting a Pulse Secure zero-day. The intrusion took place in April, but attackers did not cause any damage because they were […]

Pierluigi Paganini June 04, 2021
The dark web index 2021, report

PrivacyAffairs released the Dark Web Index 2021, the document provides the prices for illegal services/products available in the black marketplaces. Over the last couple of years, we’ve all had our attention fixed on one of two things: the global pandemic and the previous year’s presidential elections. Both issues are essential, and the pandemic has changed […]