Pierluigi Paganini
May 22, 2025
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 and it […]
Pierluigi Paganini
May 20, 2025
Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege […]
Pierluigi Paganini
April 22, 2025
SK Telecom warned that threat actors accessed customer Universal Subscriber Identity Module (USIM) info through a malware attack. SK Telecom is South Koreaās largest wireless telecom company, a major player in the countryās mobile and tech landscape. It holds about 48% of the market share for mobile services, meaning around 34 million subscribers use its […]
Pierluigi Paganini
October 18, 2024
U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S., Australia, and Canada, warn about a year-long campaign carried out by Iran-linked threat actors to break into critical infrastructure organizations via brute force and password spraying attacks. The attacks […]
Pierluigi Paganini
September 24, 2024
HP researchers detected a dropper that was generated by generative artificial intelligenceĀ services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered a malware generated by generative artificial intelligenceĀ services and used to deliver the AsyncRAT malware. The AI-generated malware was discovered in June 2024, the phishing message used an invoice-themed lure […]
Pierluigi Paganini
August 20, 2024
Blockchain analysis firm Chainalysis revealed that ransomware payments rose by approximately 2%, from $449.1 million to $459.8 million. Blockchain analysis firm Chainalysis revealed that while overall on-chain illicit activity has decreased by nearly 20% year-to-date, stolen funds and ransomware significantly increased. Stolen funds inflows almost doubled, rising from $857 million to $1.58 billion, and ransomware […]
Pierluigi Paganini
July 23, 2024
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ICS malware named FrostyGoop that interacts with Industrial Control Systems using the Modbus protocol. FrostyGoop is the ninth ICS malware that was discovered an that a nation-state […]
Pierluigi Paganini
July 10, 2024
Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope, TEMP.Jumper, Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, […]
Pierluigi Paganini
April 21, 2024
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. A joint advisory published by CISA, the FBI, Europol, and the Netherlandsā National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 […]
Pierluigi Paganini
April 08, 2024
The U.S. Department of Health and Human Services (HHS) warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The U.S. Department of Health and Human Services (HHS) reported that threat actors are carrying out attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The Health […]
