COVID-19: Italian vaccination archive sold
Italian COVID-19 vaccination data offered for sale on underground markets: data scope, source hypotheses and implications for affected citizens.
Blog · research & analysis
Latest analysis
Read the analysis
Malware TrickBot – June 2021
An Italian malspam campaign has been identified with the objective of delivering TrickBot malware via an Excel attachment. The malware has been traced back to the sat1 botnet. TrickBot is a banking trojan developed to steal login credentials for victims’ banking sites through the use of webinjects. Since June 2018, TrickBot has been upgraded with … Read more
Avaddon shuts down — decryption keys released publicly
Avaddon ransomware operation closure with public release of decryption keys: recovery scope for past victims and post-shutdown affiliate movement signals.
Protected: Energy sector: theft of CEO private data
There is no excerpt because this is a protected post.
VMware vCenter vulnerability
VMware vCenter critical vulnerability: unauthenticated RCE primitives, exposure metrics, exploitation evidence and remediation steps for affected estates.
Ursnif/Cutwail Malware — June 2021
Ursnif/Cutwail malspam infrastructure update for June 2021: botnet-driven distribution, lure rotation and host indicators across affected estates.
Business Ransomware: ongoing reorganisation
Ransomware ecosystem reorganisation following law-enforcement pressure: rebrandings, splinter groups, affiliate movement and intelligence priorities for defenders.
Protected: AnyDesk Malvertising — malware for system access
There is no excerpt because this is a protected post.
Protected: Cyber Threat Intelligence: usefulness in a simulated case
There is no excerpt because this is a protected post.
