malware

Pierluigi Paganini October 07, 2021
Operation GhostShell: MalKamak APT targets aerospace and telco firms

Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms Cybereason Nocturnus and Incident Response Teams discovered a new threat actor that is targeting organizations in the aerospace and telecommunications sectors with the ShellClient malware as part […]

Pierluigi Paganini October 06, 2021
Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data leakage. Agent Tesla, first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from […]

Pierluigi Paganini October 05, 2021
Dark web marketplace White House announces end to its operations

The dark web marketplace White House Market shuts down its operation, last week its operators announced that they were retiring. The dark web marketplace White House Market shuts down its operation, the announcement was published on a dread forum. The admin of White House Market, mr white, explained that it has decided to halt the […]

Pierluigi Paganini October 04, 2021
Two ransomware operators were arrested in Kyiv with EUROPOL’s support

Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than $150M in damages. A joint international law enforcement operation led to the arrest of the ransomware operators in Kyiv, Ukraine on September 28. The operation was conducted by the Ukrainian National Police, with the support […]

Pierluigi Paganini October 04, 2021
New APT ChamelGang Targets energy and aviation companies in Russia

ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia ChamelGang is a new APT group that was first spotted in March by researchers at security firm Positive Technologies, it targets Russian companies in the energy and aviation industry. In March, the cyberespionage group was observed leveraging […]

Pierluigi Paganini October 04, 2021
LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting

Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on 07 Oct, 2021. LockBit 2.0 ransomware operators hit the Israeli aerospace and defense firm E.M.I.T. Aviation Consulting Ltd, threat actors claim to have stolen data from the company and are threatening to leak them on […]

Pierluigi Paganini October 03, 2021
TA544 group behind a spike in Ursnif malware campaigns targeting Italy

Proofpoint researchers reported that TA544 threat actors are behind a new Ursnif campaign that is targeting Italian organizations. Proofpoint researchers have discovered a new Ursnif baking Trojan campaign carried out by a group tracked as TA544 that is targeting organizations in Italy. The experts observed nearly 20 notable campaigns distributing hundreds of thousands of malicious […]

Pierluigi Paganini October 03, 2021
Security Affairs newsletter Round 334

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Threat actors exploit a flaw in Coinbase 2FA to steal user funds Flubot Android banking Trojan spreads […]

Pierluigi Paganini October 03, 2021
The Biden administration will work with 30 countries to curb global cybercrime

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. U.S. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. “This month, the United States will bring together 30 countries […]

Pierluigi Paganini October 02, 2021
Flubot Android banking Trojan spreads via fake security updates

The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat actors behind the Flubot Android malware are now leveraging fake security updates to trick victims into installing the malicious code. The attackers use fake security warnings of Flubot infections and urging them to install the […]