Rilasciata una nuova versione del tool Hashr
Il CERT-AGID ha recentemente rilasciato una nuova versione del tool hashr come software libero e a codice aperto sotto licenza EUPL. Questo strumento, scaricabile gratuitamente dall'apposita pagina, è progettato per la ricerca di file malevoli all'interno di un filesystem confrontando i valori hash dei file riscontrati con una lista di [...]

by CERT-AgID - https://r.zerozone.it/post/GGTAbp3F0epJcvjdY

🏴‍☠️ Hunters has just published a new victim: Amourgis & Associates
Country : United States of America - Exfiltraded data : yes - Encrypted data : no

by Ransomware live - https://r.zerozone.it/post/qdZdgsXUGS4CnAxu5

🏴‍☠️ Ransomhub has just published a new victim: nynewspapers.com
[AI generated] "nynewspapers.com" is a digital platform that serves as a comprehensive directory and resource for newspapers in New York. It provides information on various publications across the state, catering to both local and regional audiences. The site is designed to help users find newspapers by location or type, offering [...]

by Ransomware live - https://r.zerozone.it/post/5CcbW2XBG6HH996J1

🏴‍☠️ Hunters has just published a new victim: Dietzgen Corporation
Country : United States of America - Exfiltraded data : yes - Encrypted data : no

by Ransomware live - https://r.zerozone.it/post/PXgHggtXknEpfnkrw

🏴‍☠️ Akira has just published a new victim: Followmont TransportPty Ltd
Followmont Transport can provide a complete transport, warehousin g and logistics solution or simply deliver a one-off parcel. We will upload 230Gb of data including NDAs, passports, lot’s of driver licenses, medical documents, detailed financial informati on.

by Ransomware live - https://r.zerozone.it/post/MhDCX3arRsKwP2HQ0

🏴‍☠️ Blacksuit has just published a new victim: dezinecorp.com
DezineCorp has been a trusted supplier of decorated promotional products in Canada since 2009, enabling businesses of all sizes to build their brand with top quality branded merchandise.

by Ransomware live - https://r.zerozone.it/post/5xaEpMzfGT60RXNgu

🏴‍☠️ Ransomhub has just published a new victim: potteau.be
[AI generated] Potteau.be is a Belgian company specializing in the design and manufacture of high-quality architectural elements, primarily focusing on facade cladding and sun protection solutions. They offer custom-made products tailored to the specific needs of their clients, combining aesthetic appeal with functionality. The company is known for its innovation, [...]

by Ransomware live - https://r.zerozone.it/post/2wZV3gB4PSREp16fv

🏴‍☠️ Lynx has just published a new victim: Future Metals
The Future Metals Company

by Ransomware live - https://r.zerozone.it/post/MJAd0byDuqWxNMvy4

🏴‍☠️ Blacksuit has just published a new victim: Supply Technologies
Supply Technologies, a subsidiary of ParkOhio(NASDAQ:PKOH), specializes in supplier selection and management, planning, implementing, managing the physical flow of product for world-class international manufacturing companies, and servicing customers in the various markets.

by Ransomware live - https://r.zerozone.it/post/dUuhau3jCTcdKrzJu

🏴‍☠️ Blacksuit has just published a new victim: Maxxis International
Founded in Taiwan, Maxxis got its start by making bicycle tires, and soon expanded its offerings to include tires for auto, light truck, ATV, motorcycle, trailer, and more. Today, Maxxis distributes its products in more than 180 countries and has operations in Asia, North America, South America, Europe, Africa, and [...]

by Ransomware live - https://r.zerozone.it/post/PY4vVYu4f4S810gne

🏴‍☠️ Lynx has just published a new victim: Plowman Craven
Integrated measurement and consultancy services to the property and infrastructure markets worldwide…we’re not just a Survey Company

by Ransomware live - https://r.zerozone.it/post/R5YSk8BANYrNrY4uc

🏴‍☠️ Killsec has just published a new victim: National Institute of Administration
N/A

by Ransomware live - https://r.zerozone.it/post/qBUxPGJRCKzC3Y8rK

🏴‍☠️ Lynx has just published a new victim: DSZ
DZS is a global leader of Network Edge, Connected Home/Enterprise and AI Cloud Software solutions that enable gigabit broadband everywhere.

by Ransomware live - https://r.zerozone.it/post/eeUd90z9VEQh4Xs7G

🏴‍☠️ Lynx has just published a new victim: TaxPros of Clermont
For over 25 years, Tax Preparation/Consulting firm owned by CPA's and Attorney's specializing in ALL types of tax return preparation/consulting/IRS Tax Defense.

by Ransomware live - https://r.zerozone.it/post/k0gQZmqKfKrhBHt46

🏴‍☠️ Lynx has just published a new victim: Banco de Fomento Internacional
Finance Organization.

by Ransomware live - https://r.zerozone.it/post/6H0PhNApZDwBKTKzk

SAP Security Patch Day
(AL02/241112/CSIRT-ITA)
SAP rilascia il Security Patch Day di novembre che risolve diverse vulnerabilità, di cui una con gravità “alta” che interessa il prodotto SAP Web Dispatcher, componente chiave per la gestione del traffico HTTP(S) verso i sistemi SAP. Tale vulnerabilità potrebbe permettere ad un utente malevolo la creazione di link opportunamente [...]

by CSIRT - https://r.zerozone.it/post/Yn0ZJJpYpDPuWYn49

Falsa notifica DocuSign: credenziali trasmesse a bot Telegram
Il CERT-AGID ha recentemente rilevato una campagna di phishing che si presenta come proveniente da DocuSign, una nota piattaforma per la firma elettronica e la gestione dei documenti. Queste email ingannevoli contengono allegati HTML progettati per rubare le credenziali degli utenti, consentendo ai malintenzionati di accedere ai loro account e [...]

by CERT-AgID - https://r.zerozone.it/post/BK1NsBWB1hH3EH9dF

Schneider Electric: sanate vulnerabilità in vari prodotti
(AL01/241112/CSIRT-ITA)
Sanate nuove vulnerabilità presenti in alcuni prodotti – integrabili anche in soluzioni SCADA - di Schneider Electric, di cui una con gravità “critica” e 5 con gravità “alta”.

by CSIRT - https://r.zerozone.it/post/H5Up2jkvTxmW0cG0G

Rilevate vulnerabilità nel prodotto DLink DSL6740C
(AL03/241112/CSIRT-ITA)
Rilevate 7 vulnerabilità di sicurezza, di cui una con gravità “critica” e 6 con gravità “alta”, nel prodotto D-Link DSL6740C. Tali vulnerabilità, qualora sfruttate, potrebbero permettere ad un utente malintenzionato remoto il bypass dei meccanismi di autenticazione e l’esecuzione di comandi arbitrari sui sistemi interessati.

by CSIRT - https://r.zerozone.it/post/TPCNt1actGeBUtdSf

🏴‍☠️ Ransomhub has just published a new victim: www.guymontigers.com
[AI generated] Guymon Tigers refers to the sports teams of Guymon High School, located in Guymon, Oklahoma. The school's athletic program includes a variety of sports such as football, basketball, soccer, and more, fostering school spirit and community involvement. The website likely offers information on game schedules, team rosters, and [...]

by Ransomware live - https://r.zerozone.it/post/m2QBKzHEkdjaxmJks

Studio di una nuova campagna Formbook attiva in Italia
È attualmente in corso una campagna di malspam, scritta in italiano corretto, diffusa su tutto il territorio nazionale, con l'intento di compromettere le vittime con il malware Formbook, noto per le sue capacità di Infostealer. L'e-mail si presenta come una comunicazione urgente riguardante fatture non pagate e induce le [...]

by CERT-AgID - https://r.zerozone.it/post/VXUkgbAFKN0NECsJD