The WannaCry Ransomware attack

https://negativepid.blog/the-wannacry-ransomware-attack/

#wannaCry #ransomware #Cybersecurity #cyberattacks #cyberThreats #onlineSecurity #negativepid

Agi: Allarme iPhone: scoperto “Coruna”, il kit che svuota i wallet. Come proteggersi

AGI - I vecchi iPhone sono nel mirino di un nuovo, letale exploit kit chiamato "Coruna". A portarlo alla luce, sono stati gli esperti del Google Threat Intelligence Group (GTIG). Si tratta di una "cassetta degli attrezzi" digitale composta da ben 23 exploit differenti, capace di penetrare le difese degli smartphone Apple e sottrarre non solo dati sensibili, ma anche asset digitali dai wallet di criptovalute.
Secondo le ricostruzioni fornite da Google e confermate dagli analisti di iVerify, la genesi di Coruna è inquietante. Il kit sarebbe stato sviluppato da un'azienda specializzata in software di sorveglianza per essere venduto al governo degli Stati Uniti. Tuttavia, per dinamiche ancora da chiarire, il software è "sfuggito" al controllo originario, finendo sul mercato di seconda mano del dark web. Le conseguenze non sono tardate ad arrivare. Tra il febbraio e la fine del 2025, Coruna è diventato lo strumento preferito di gruppi di cybercriminali russi e cinesi, utilizzati per campagne di spionaggio e furto finanziario su scala globale.
Come funziona Coruna
Il kit non è un unico virus, ma una raccolta modulare che sfrutta falle di sicurezza (vulnerabilità) presenti nelle versioni di iOS comprese tra la 13 e la 17.2.1. Questo significa che il bersaglio principale sono gli utenti che possiedono iPhone datati, modelli che non possono più essere aggiornati alle versioni più recenti del sistema operativo.
Analogie con EternalBlue
Il caso Coruna presenta analogie con quanto accaduto nel 2017 con EternalBlue. All'epoca, un exploit sviluppato dalla NSA per Windows fu rubato dal gruppo Shadow Brokers e reso pubblico. Quella fuga di dati portò alla nascita di WannaCry e NotPetya, i ransomware che misero in ginocchio ospedali, banche e aziende in tutto il mondo. Oggi, la storia sembra ripetersi: uno strumento nato per la sicurezza nazionale diventa un volano per il crimine informatico globale.
Le contromisure di Apple
La buona notizia è che Apple ha già rilasciato le contromisure necessarie. Tutte le vulnerabilità sfruttate da Coruna sono state risolte con il rilascio di iOS 26. La migliore soluzione, dunque, è aggiornare il sistema operativo alla versione più recente possibile. Attualmente, resterebbero fuori dall’aggiornamento gli iPhone precedenti ai 13/14.

iPhone Alert: “Coruna” discovered, the kit that drains wallets. How to protect yourself.

AGI - Old iPhones are the target of a new, lethal exploit kit called "Coruna." Google Threat Intelligence Group (GTIG) experts brought it to light. It’s a digital “tool kit” consisting of 23 different exploits, capable of penetrating Apple smartphones’ defenses and stealing not only sensitive data but also digital assets from cryptocurrency wallets.

According to Google’s reconstruction and confirmed by iVerify analysts, the genesis of Coruna is unsettling. The kit was reportedly developed by a company specializing in surveillance software to be sold to the United States government. However, due to still-unclear dynamics, the software “escaped” from its original control, ending up on the secondary market of the dark web. The consequences didn’t delay. Between February and the end of 2025, Coruna became the preferred tool of Russian and Chinese cybercriminal groups, used for global espionage and financial theft campaigns.

How Coruna Works

The kit is not a single virus, but a modular collection that exploits security vulnerabilities (vulnerabilities) present in iOS versions between 13 and 17.2.1. This means the main target are users who own outdated iPhones, models that can no longer be updated to the latest versions of the operating system.

Analogies with EternalBlue

The Coruna case presents analogies with what happened in 2017 with EternalBlue. At the time, an exploit developed by the NSA for Windows was stolen by the Shadow Brokers and made public. That data leak led to the birth of WannaCry and NotPetya, the ransomware that brought hospitals, banks and companies around the world to their knees. Today, the story seems to repeat itself: a tool born for national security becomes a catalyst for global cybercrime.

Apple’s Countermeasures

The good news is that Apple has already released the necessary countermeasures. All the vulnerabilities exploited by Coruna have been resolved with the release of iOS 26. The best solution, therefore, is to update the operating system to the latest possible version. Currently, iPhones prior to the 13/14 would remain outside the update.

#Apple #Google #Coruna #UnitedStates #Russian #Chinese #EternalBlue #WannaCry #NotPetya

https://www.agi.it/estero/news/2026-03-05/iphone-coruna-35953925/

Кибератаки на медицинскую инфраструктуру: реальные угрозы и последствия

Сегодня медицина невозможна без цифровых систем, которые хранят наши данные и обеспечивают работу больниц. В этой статье я предлагаю обсудить вопрос кибербезопасности в сфере здравоохранения.

https://habr.com/ru/companies/beget/articles/980956/

#защита_персональных_данных #ransomware #программывымогатели #утечки_данных #кии #aptатаки #wannacry #IoMT #raas

When the NSA built the first ransomware worm, they didn't imagine that it would ever be leaked and start a global outbreak. The Wannacry ransomware attack quickly became the most destructive and fast-moving cyberattack in history. It was stopped in its tracks by the accidental discovery of a kill switch. This is how the wave of ransomware attacks started.

#wannacry #ethernalblue #ransomware #cyberattacks

https://negativepid.blog/the-wannacry-ransomware-attack/
https://negativepid.blog/the-wannacry-ransomware-attack/

When the NSA built the first ransomware worm, they didn't imagine that it would ever be leaked and start a global outbreak. The Wannacry ransomware attack quickly became the most destructive and fast-moving cyberattack in history. It was stopped in its tracks by the accidental discovery of a kill switch. This is how the wave of ransomware attacks started.

#wannacry #ethernalblue #ransomware #cyberattacks

https://negativepid.blog/the-wannacry-ransomware-attack/
https://negativepid.blog/the-wannacry-ransomware-attack/

When the NSA built the first ransomware worm, they didn't imagine that it would ever be leaked and start a global outbreak. The Wannacry ransomware attack quickly became the most destructive and fast-moving cyberattack in history. It was stopped in its tracks by the accidental discovery of a kill switch. This is how the wave of ransomware attacks started.

#wannacry #ethernalblue #ransomware #cyberattacks

https://negativepid.blog/the-wannacry-ransomware-attack/
https://negativepid.blog/the-wannacry-ransomware-attack/

When the NSA built the first ransomware worm, they didn't imagine that it would ever be leaked and start a global outbreak. The Wannacry ransomware attack quickly became the most destructive and fast-moving cyberattack in history. It was stopped in its tracks by the accidental discovery of a kill switch. This is how the wave of ransomware attacks started.

#wannacry #ethernalblue #ransomware #cyberattacks

https://negativepid.blog/the-wannacry-ransomware-attack/
https://negativepid.blog/the-wannacry-ransomware-attack/

When the NSA built the first ransomware worm, they didn't imagine that it would ever be leaked and start a global outbreak. The Wannacry ransomware attack quickly became the most destructive and fast-moving cyberattack in history. It was stopped in its tracks by the accidental discovery of a kill switch. This is how the wave of ransomware attacks started.

#wannacry #ethernalblue #ransomware #cyberattacks

https://negativepid.blog/the-wannacry-ransomware-attack/
https://negativepid.blog/the-wannacry-ransomware-attack/

"In an example of egregious planned obsolescence, as many as 400 million computers will soon hit the waste stream."

#EWaste #Windows10 #Recycling #PlannedObsolescence #Ransomware #WannaCry