Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests
The malware used to disrupt the global operations of Italian energy contractor Saipem S.p.A. earlier this week was none other than Shamoon, a disk wiper that's been used in two prior attacks against Saudi interests.
A global phishing campaign called Operation Sharpshooter was discovered using fake job recruitment documents to infect defence, government and critical infrastructure organisations with a malicious backdoor implant, presumably for cyber-espionage purposes.
Italian oil and gas industry contractor Saipem S.p.A. has reportedly confirmed that a Monday cyber-attack impacted its servers and infrastructure in the Middle East as well as in Scotland.
A cyber-criminal phishing operation designed to infect victims with a malicious backdoor was recently discovered using command-and-control domains that intentionally spoofed the real-life domains of various Russian critical infrastructure firms.
Over the last year and a half, attackers compromised more than 40,000 credentials for various global government websites and portals, using a combination of spyware tools and phishing tactics.
A two-month Monero cryptomining campaign targeted both Linux-based servers and Internet of Things devices with a newly discovered malware family called "Linux Rabbit," researchers have reported.
The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates.
A Russian company that claims to specialise in decrypting ransomware is in fact secretly brokering deals with the malware distributors and charging victims for this middleman service, researchers say.
The DanaBot banking trojan is branching out into new territories, adding email address harvesting and spam distribution to its bag of tricks, while apparently partnering with the actors behind GootKit, another banking malware program.
Adobe Systems today issued an emergency security update for Flash Player following the discovery of a critical vulnerability that attackers were actively exploiting in a 29 November phishing operation targeting a Russian state health care institution.