TRU Security

Palermo, a city of 1.3 million people and a popular tourist destination in Southern Italy, has become the latest victim of a Vice Society ransomware attack.

First appearing on the scene as a banking trojan in 2007, Qbot has since expanded to become a powerful botnet threat that frequently works with ransomware gangs. Now the group can count Black Basta as their latest partner.

A new Windows vulnerability, dubbed CVE-2022 30190 (or "Follina"), allows attackers to create a Word document that will execute malicious code through the MSDT protocol when a user opens the file in Preview mode.

In two years time, the APT known as SideWinder has attacked as many as 1,000 victims. While the group behind SideWinder has focused on aviation, defense, IT, legal, and military targets in central Asian countries, it appears to be expanding its geography.

Carinthia, the southernmost state in Austria, has had their computer systems encrypted by BlackCat (ALPHV) ransomware, causing a severe disruption of government services.

The 2022 Verizon Data Breach Investigation Report is out, and it covers investigations into 23,896 cybersecurity incidents that occurred in 2021.

A new malware distribution campaign is embedding malicious Microsoft Word documents inside PDF files, prompting victims to launch the Word document as soon as the PDF is opened.