Google Threat Intelligence Group (GTIG) ha pubblicato l’analisi di STOCKSTAY, una backdoor modulare in .NET sviluppata dal gruppo russo Turla almeno dal dicembre 2022 e impiegata in operazioni dal 2023 per attività di spionaggio contro organizzazioni governative e militari in Ucraina. Il dettaglio che rende la ricerca rilevante per il pubblico italiano è esplicito nel ..
Tag : Cybercrime
Il data breach Trenitalia, comunicato il 26 giugno, espone i dati di contatto e di viaggio di una parte dei passeggeri. La principale compagnia ferroviaria italiana ha inviato ai clienti interessati una email con oggetto “Comunicazione di violazione dei dati personali ai sensi dell’art. 34 del Regolamento UE 679/2016”, attribuendo l’accesso non autorizzato ai database ..
Microsoft, law enforcement, and several cybersecurity companies have collaborated to take down infrastructure shared by two widely used malware families: Amadey and StealC. The action, part of the long-running Operation Endgame, involved the use of AI, legal action, and the exploitation of a vulnerability in a malware control panel, and resulted in hundreds of domains ..
A third man charged for his role in a 2022 hacking attack on the sports and betting website DraftKings has been sentenced to prison, the Justice Department announced on Tuesday. The DOJ has not named the targeted site, describing it as a fantasy sports and betting website, but its description of the attack matches the ..
An initial access broker (IAB) linked to multiple ransomware families has been using a new remote access trojan (RAT) in recent attacks, Broadcom’s Symantec and Carbon Black threat hunter team reports. The threat actor, tracked as Woodgnat and KongTuke, and active since at least May 2024, is known to have ties to ransomware groups such ..
The latest wave of breaches attributed to the ShinyHunters cybercrime collective (e.g., University of Nottingham, DentaQuest, 7-Eleven, Medtronic, and Wynn Resorts), reinforces a hard truth security leaders can no longer ignore: attackers are increasingly bypassing traditional perimeter defenses and targeting identities, authentication workflows, SaaS integrations, and trusted access paths instead of exploiting software vulnerabilities directly. ..
Per secoli si è creduto che le pestilenze viaggiassero nell’aria: un miasma, un alito corrotto che si insinuava nei polmoni senza volto né origine, e contaminava prima ancora di farsi vedere. Un’idea sbagliata sulla medicina, ma un’intuizione perfetta sul contagio. Chi ha battezzato l’ultima variante del worm Shai-Hulud lo sapeva: i repository che il malware ..
One of the most dangerous outcomes of the rise of AI in cybersecurity is the rise of the zero-knowledge threat actor. A threat actor who has negligible technical expertise but enough malicious intent. This actor can leverage AI, turn limited skills into usable offensive capability via generating malicious code, exploiting vulnerabilities, shaping attack steps and ..
Password management and credential security solutions provider Dashlane revealed on Monday that it has been targeted in a brute-force attack campaign that resulted in a limited number of encrypted vaults being downloaded by the attackers. According to Dashlane, the attack began on May 31, with attackers attempting to brute-force 2FA to register their own devices ..
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of ..


