IT Information Security

Pierluigi Paganini January 20, 2022
New BHUNT Stealer targets cryptocurrency wallets

Researchers spotted a new evasive cryptocurrency stealer named BHUNT that targets a list of wallets and implements multiple data-stealing capabilities. Bitdefender discovered a new evasive cryptocurrency stealer dubbed BHUNT that is able to exfiltrate wallet contents (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, and Litecoin wallets), passwords stored in the browser, and data from the clipboard. BHUNT is […]

Pierluigi Paganini January 20, 2022
Threat actors attempted to exploit SolarWinds Serv-U bug in attacks in the wild, Microsoft warns

Security vendor SolarWinds has fixed a Serv-U vulnerability that threat actors attempted to exploit in attacks in the wild. SolarWinds has addressed a vulnerability in Serv-U products that threat actors are actively exploiting in the wild. The company pointed out that all the attack attempts failed. The vulnerability, tracked as CVE-2021-35247, was discovered by Microsoft security […]

Pierluigi Paganini January 19, 2022
UK NCSC shares guidance for organizations to secure their communications with customers

UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s National Cyber Security Center (NCSC) has published new guidance for organizations for combatting telephone and SMS fraud. This guide aims at protecting their customers from fraudulent activities, while also ensuring that their SMS and telephone […]

Pierluigi Paganini January 19, 2022
CISA warns of potential critical threats following attacks against Ukraine

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit Ukraine. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an “insights” document that warned organizations about “potential critical threats” following the recent cyberattacks aimed at Ukraine. The document starts from the most recent attacks targeting […]

Pierluigi Paganini January 19, 2022
Box flaw allowed attackers to bypass MFA and take over accounts

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported. Box develops and markets cloud-based content management, collaboration, and file-sharing tools for businesses. […]

Pierluigi Paganini January 19, 2022
Is White Rabbit ransomware linked to FIN8 financially motivated group?

A new ransomware gang named White Rabbit appeared in the threat landscape; experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and, according to the experts, it is likely linked to the FIN8 financially motivated group. In December the popular malware researcher Michael Gillespie, […]

Pierluigi Paganini January 18, 2022
Law enforcement shut down the VPN service VPNLab used by many cybercriminal gangs

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. “This week, law enforcement authorities took action against the criminal misuse […]

Pierluigi Paganini January 18, 2022
Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Microsoft released Windows emergency out-of-band (OOB) updates to fix multiple issues caused by January 2021 Patch Tuesday updates. Microsoft has released emergency out-of-band (OOB) updates for Windows to address multiple issues caused by security updates issued as part of the January 2021 Patch Tuesday. The Windows Server updates for January were causing a series of issues […]

Pierluigi Paganini January 17, 2022
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites

Researchers discovered a high-severity vulnerability in three different WordPress plugins that impact over 84,000 websites. Researchers from WordPress security company Wordfence discovered a high-severity vulnerability that affects three different WordPress plugins that impact over 84,000 websites. The vulnerability, tracked as CVE-2022-0215, is a cross-site request forgery (CSRF) issue that received a CVSS score of 8.8. […]

Pierluigi Paganini January 17, 2022
Experts warn of attacks using a new Linux variant of SFile ransomware

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal) has been active since 2020 and was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. […]