Ransomware confirms to be one of the most pervasive threats of the last years. We saw during these last years the infamous phenomenon of Double Extorsion, where well-organized cyber-criminal groups perform highly sophisticated red team operations to achieve the highest level of privileges inside the perimeter of victim networks and, before releasing the ransomware, they steal all the […]

This post is also available in: 日本語 (Japanese) Executive Summary The recently discovered and patched Microsoft Exchange vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065) have garnered considerable attention due to their mass exploitation and the severity of impact each exploitation has on the affected organization. On March 6, 2021, an unknown […]

Cryptocurrency Fraud , Cybercrime , Cyberwarfare / Nation-State Attacks Magecart-Style Attacks Included Bitcoin-Grabbing Functionality, Group-IB Reports Mathew J. Schwartz (euroinfosec) • April 15, 2021     Fake payment form, which opens in an iFrame element, discovered in Magecart-style attacks attributed to Lazarus (Source: Group-IB) Hackers with apparent ties to North […]