LATEST NEWS

VIEW ALL
Location services, Google is tracking your every move you make
Pierluigi Paganini August 24, 2014

Location services are considered a serious threat to privacy because data managed by company like Google could be used for online surveillance. Many experts consider privacy a utopia, every activity ...

A new Side channel attack-how to steal encryption keys by touching PCs
Pierluigi Paganini August 24, 2014

Researchers demonstrated a new side channel attack which allow them to steal encryption keys by simply touching a laptop. Yesterday I published a post on an interesting research conducted by a the t ...

Hacking Gmail mobile app with 92 percent success and many other applications
Pierluigi Paganini August 22, 2014

Researchers have developed a malware which exploits "a newly discovered public side channel" which allows the access to the shared memory statistics of an app's process. Researchers have developed a ...

Foreign hackers stole Flight MH370 data from investigators
Pierluigi Paganini August 22, 2014

The day after the crash of Malaysia Airlines Flight MH370 hackers stole classified data from the computers of senior officials involved in the investigation. Just after the incident occurred to the M ...

recent articles

APT
Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing o ...

Pierluigi Paganini October 04, 2024
Hacking
Dutch police breached by a state actor

The Dutch government blames a "state actor" for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state acto ...

Pierluigi Paganini October 03, 2024
Cyber Crime
Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have explo ...

Pierluigi Paganini October 03, 2024
Digital ID
Telegram revealed it shared U.S. user data with law enforcement

Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed th ...

Pierluigi Paganini October 03, 2024
Security
U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini October 02, 2024
Security
14 New DrayTek routers' flaws impacts over 700,000 devices in 168 countries

Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, tw ...

Pierluigi Paganini October 02, 2024
Malware
Rhadamanthys information stealer introduces AI-driven capabilities

The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorde ...

Pierluigi Paganini October 02, 2024
Hacking
Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!

Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor's Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting ...

Pierluigi Paganini October 02, 2024
Cyber Crime
Police arrested four new individuals linked to the LockBit ransomware operation

An international police operation led to the arrest of four individuals linked to the LockBit ransomware group, including a developer. Europol, the UK, and the US law enforcement authorities annou ...

Pierluigi Paganini October 02, 2024
Cyber Crime
UMC Health System diverted patients following a ransomware attack

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an ...

Pierluigi Paganini October 01, 2024
Hacking
U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabiliti ...

Pierluigi Paganini October 01, 2024
Hacking
News agency AFP hit by cyberattack, client services impacted

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that ...

Pierluigi Paganini October 01, 2024
APT
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cybe ...

Pierluigi Paganini October 01, 2024
Cyber Crime
Patelco Credit Union data breach impacted over 1 million people

The ransomware attack on Patelco Credit Union this summer led to a data breach affecting over 1 million individuals, revealed the company. Patelco Credit Union is a member-owned, not-for-profit c ...

Pierluigi Paganini September 30, 2024
Data Breach
Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. In May, the Community Clinic of Maui experienced a major IT outage that impa ...

Pierluigi Paganini September 30, 2024
Cyber Crime
A British national has been charged for his execution of a hack-to-trade scheme

The Department of Justice charged a British national for hacking into the systems of five U.S. organizations. The Department of Justice charged the British national Robert Westbrook (39) for hacki ...

Pierluigi Paganini September 30, 2024
Uncategorized
Critical NVIDIA Container Toolkit flaw could allow access to the underlying host

A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host. Critical vulnerability CVE-2024-0132 (CVSS score 9.0) in the ...

Pierluigi Paganini September 30, 2024
Cyber warfare
Israel army hacked the communication network of the Beirut Airport control tower

Israel allegedly hacked Beirut airport 's control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of ...

Pierluigi Paganini September 29, 2024
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 13

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini September 29, 2024
Breaking News
Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini September 29, 2024
Social Networks
Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Me ...

Pierluigi Paganini September 28, 2024
Security
A cyberattack on Kuwait Health Ministry impacted hospitals in the country

The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyber ...

Pierluigi Paganini September 28, 2024
Digital ID
The Tor Project and Tails have merged operations

The Tor Project and Tails OS have joined forces and merged operations to counter a growing number of digital threats. The Tor Project and Tails have merged operations to enhance collaboration and ...

Pierluigi Paganini September 27, 2024
Hacking
Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on publi ...

Pierluigi Paganini September 27, 2024
Hacking
CUPS flaws allow remote code execution on Linux systems under certain conditions

A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli ( ...

Pierluigi Paganini September 27, 2024
Cyber Crime
U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryp ...

Pierluigi Paganini September 27, 2024
Hacking
Hacking Kia cars made after 2013 using just their license plate

Researchers discovered critical flaws in Kia's dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts (Neiko Rivera, Sam Cu ...

Pierluigi Paganini September 26, 2024
ICS-SCADA
Critical RCE vulnerability found in OpenPLC

Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of f ...

Pierluigi Paganini September 26, 2024
APT
China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. China-linked threat actors have breached several ...

Pierluigi Paganini September 26, 2024
Digital ID
Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature

Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a c ...

Pierluigi Paganini September 26, 2024
Deep Web
Data of 3,191 congressional staffers leaked in the dark web

The personal information of over 3,000 congressional staffers was leaked on the dark web following a major cyberattack on the U.S. Capitol. The personal information of approximately 3,191 congress ...

Pierluigi Paganini September 26, 2024
Malware
New variant of Necro Trojan infected more than 11 million devices

Experts warn of Necro Trojan found in Google Play, threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro ...

Pierluigi Paganini September 25, 2024
Hacking
U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Virtual Traffic Manager vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruc ...

Pierluigi Paganini September 25, 2024
Hacking
Arkansas City water treatment facility switched to manual operations following a cyberattack

Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations due to a cyberattack. Arkansas City, Kansas, had to switch its water tr ...

Pierluigi Paganini September 25, 2024
Malware
New Android banking trojan Octo2 targets European banks

A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices. ThreatFabric researchers discovered a new version of the Android ...

Pierluigi Paganini September 25, 2024
Malware
A generative artificial intelligence malware used in phishing attacks

HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers dis ...

Pierluigi Paganini September 24, 2024
Security
A cyberattack on MoneyGram caused its service outage

American peer-to-peer payments and money transfer company MoneyGram confirmed that a cyberattack caused its service outage. American interstate and international peer-to-peer payments and mo ...

Pierluigi Paganini September 24, 2024
Intelligence
Did Israel infiltrate Lebanese telecoms networks?

Israel has been sending text messages, recordings, and hacking radio networks to warn Lebanese citizens to evacuate certain areas. Israel has been sending text messages, recordings, and hacking ra ...

Pierluigi Paganini September 24, 2024
Mobile
Telegram will provide user data to law enforcement in response to legal requests

Telegram will provide user data to law enforcement agencies in response to valid legal requests, according to a recent policy update Telegram has updated its privacy policy informing users that it ...

Pierluigi Paganini September 24, 2024
Security
ESET fixed two privilege escalation flaws in its products

ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems. Cybersecurity firm ESET released security patches for two local privileg ...

Pierluigi Paganini September 23, 2024
APT
North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages

North Korea-linked APT group Gleaming Pisces is distributing a new malware called PondRAT through tainted Python packages. Unit 42 researchers uncovered an ongoing campaign distributing Linux and ...

Pierluigi Paganini September 23, 2024
APT
Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw

Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-link ...

Pierluigi Paganini September 23, 2024
Hacking
Hacktivist group Twelve is back and targets Russian entities

Hacktivist group Twelve is back and targets Russian entities to destroy critical assets and disrupt their operations. The hacktivist group Twelve has been active since at least April 2023, it was ...

Pierluigi Paganini September 23, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Protect Your Crypto: Understanding the Ongoing Global Malware ...

Pierluigi Paganini September 22, 2024
Breaking News
Security Affairs newsletter Round 490 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini September 22, 2024
Breaking News
Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020

GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms.  GreyNoise Intelligence has been tracking a mysteri ...

Pierluigi Paganini September 22, 2024
Cyber Crime
Hackers stole over $44 million from Asian crypto platform BingX

Cybercriminals stole more than $44 million worth of cryptocurrency from the Singaporean crypto platform BingX. Singaporean crypto platform BingX reported a cyberattack on Friday. Threat actors sto ...

Pierluigi Paganini September 21, 2024
Cyber Crime
OP KAERB: Europol dismantled phishing scheme targeting mobile users

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in ...

Pierluigi Paganini September 21, 2024
Cyber warfare
Ukraine bans Telegram for government agencies, military, and critical infrastructure

Ukraine's NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. Ukraine's National Coordination Centre for Cybersecurity ( ...

Pierluigi Paganini September 21, 2024
Security
Tor Project responded to claims that law enforcement can de-anonymize Tor users

The maintainers of the Tor Project have responded to claims that German police have devised a technique to deanonymize users. The maintainers of the Tor Project have responded to claims that Germa ...

Pierluigi Paganini September 20, 2024
APT
UNC1860 provides Iran-linked APTs with access to Middle Eastern networks

Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant researchers warn that an Iran-linked APT group, tracked ...

Pierluigi Paganini September 20, 2024
Cyber Crime
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The U.S. DoJ arrested two people, Malone Lam (20) (aka "Greavys," "Anne ...

Pierluigi Paganini September 20, 2024
Uncategorized
The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. Microsoft Threat Intelligence team revealed th ...

Pierluigi Paganini September 20, 2024
Hacking
U.S. CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...

Pierluigi Paganini September 20, 2024
Security
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appl ...

Pierluigi Paganini September 19, 2024
Cyber Crime
International law enforcement operation dismantled criminal communication platform Ghost

An international law enforcement operation infiltrated the encrypted messaging app Ghost, which was widely used by criminals, resulting in the arrest of dozens of individuals. An international law ...

Pierluigi Paganini September 19, 2024
Security
U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exp ...

Pierluigi Paganini September 19, 2024
Security
SIEM for Small and Medium-Sized Enterprises: What you need to know

Small and medium-sized enterprises (SMEs) are a frequent target for cybercriminals. How can SIEM help them improve their cybersecurity? Contrary to what they might believe, small and medium-sized ...

Pierluigi Paganini September 19, 2024
Hacking
Antivirus firm Dr.Web disconnected all servers following a cyberattack

Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had di ...

Pierluigi Paganini September 19, 2024
Malware
Experts warn of China-linked APT's Raptor Train IoT Botnet

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen's Black Lotus Labs discovered a new botnet, n ...

Pierluigi Paganini September 18, 2024
Cyber Crime
Credential Flusher, understanding the threat and how to protect your login data

Credential Flusher is a method that allows hackers to steal login credentials directly from the victim’s web browser. The cyber attacks have become increasingly sophisticated, putting our person ...

Pierluigi Paganini September 18, 2024
Security
U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium

The U.S. Department of Treasury issued new sanctions against five executives and one entity linked to the Intellexa Consortium. The Department of the Treasury’s Office of Foreign Assets Control ...

Pierluigi Paganini September 18, 2024
Security
Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812

Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulne ...

Pierluigi Paganini September 18, 2024
Intelligence
Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries

Remote attack on pagers used by Hezbollah in Lebanon and Syria caused their explosion; at least 8 nine people dead and more than 2,800 injured. At least nine eight individuals, including a child, ...

Pierluigi Paganini September 17, 2024
Cyber Crime
Chinese man charged for spear-phishing against NASA and US Government

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. Air Force, Navy, Army, and the FAA. The U.S. DoJ charged a Chinese national, Song Wu ( ...

Pierluigi Paganini September 17, 2024
Security
U.S. CISA adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyberse ...

Pierluigi Paganini September 17, 2024
Digital ID
Taking Control Online: Ensuring Awareness of Data Usage and Consent

Why do consumers refuse to consent to their data being shared? Ensuring transparency on their usage and consent. In the digital world, trust is essential for the relationships between brands and c ...

Pierluigi Paganini September 17, 2024
Data Breach
Qilin ransomware attack on Synnovis impacted over 900,000 patients

The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London. In June, a ransomware attack on pathology and d ...

Pierluigi Paganini September 17, 2024
Security
D-Link addressed three critical RCE in wireless router models

D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, ...

Pierluigi Paganini September 16, 2024
Hacking
Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Window ...

Pierluigi Paganini September 16, 2024
Security
SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. SolarWinds released security updates to address a critical-severity remote ...

Pierluigi Paganini September 16, 2024
Laws and regulations
Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of "threat intelligence" information exposure. Apple is seeking to drop its lawsuit against Israeli spyware com ...

Pierluigi Paganini September 16, 2024
Hacking
Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb

A hacker tricked ChatGPT into providing instructions to make homemade bombs demonstrating how to bypass the chatbot safety guidelines. A hacker and artist, who goes online as Amadon, tricked ChatG ...

Pierluigi Paganini September 16, 2024
Cyber Crime
Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack

Port of Seattle confirmed on Friday that the Rhysida ransomware group was behind the cyberattack that hit the agency in August. In August, a cyber attack hit the Port of Seattle, which also opera ...

Pierluigi Paganini September 15, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mythical Beasts and Where to Find Them: Mapping the Global Sp ...

Pierluigi Paganini September 15, 2024
Hacking
U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...

Pierluigi Paganini September 14, 2024
Hacking
Ivanti Cloud Service Appliance flaw is being actively exploited in the wild

Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-20 ...

Pierluigi Paganini September 14, 2024
Security
GitLab fixed a critical flaw in GitLab CE and GitLab EE

GitLab addressed multiple vulnerabilities impacting GitLab CE/EE, including a critical pipeline execution issue. GitLab released security patches for 17 vulnerabilities in GitLab CE (Community Ed ...

Pierluigi Paganini September 14, 2024
Malware
New Linux malware called Hadooken targets Oracle WebLogic servers

A new Linux malware called Hadooken targets Oracle WebLogic servers, it has been linked to several ransomware families. Aqua Security Nautilus researchers discovered a new Linux malware, called H ...

Pierluigi Paganini September 13, 2024
Data Breach
Lehigh Valley Health Network hospital network has agreed to a $65 million settlement after data breach

Lehigh Valley Health Network ’s (LVHN) hospital network has agreed to a $65 million settlement in a class action lawsuit related to a data breach. Lehigh Valley Health Network (LVHN) is a large ...

Pierluigi Paganini September 13, 2024
Malware
Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 million Android devices in 197 countries. Doctor Web researchers uncovered a malware, tracked as Vo1d, ...

Pierluigi Paganini September 13, 2024
Data Breach
Cybersecurity giant Fortinet discloses a data breach

Fortinet disclosed a data breach after a threat actor claimed the theft of 440GB of files from the company's Microsoft Sharepoint server. Today, Fortinet told Cyber Daily that a threat actor gaine ...

Pierluigi Paganini September 12, 2024
Cyber Crime
Singapore Police arrest six men allegedly involved in a cybercrime syndicate

The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The Singapore Police Force (SPF) arrested five Chinese nationals ...

Pierluigi Paganini September 12, 2024
Security
Adobe Patch Tuesday security updates fixed multiple critical issues in the company's products

Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multip ...

Pierluigi Paganini September 12, 2024
Cyber Crime
Highline Public Schools school district suspended its activities following a cyberattack

Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in ...

Pierluigi Paganini September 11, 2024
Malware
RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR

Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool t ...

Pierluigi Paganini September 11, 2024
Security
Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is ...

Pierluigi Paganini September 11, 2024
Security
Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for September 2024 addres ...

Pierluigi Paganini September 11, 2024
Malware
Quad7 botnet evolves to more stealthy tactics to evade detection

The Quad7 botnet evolves and targets new  SOHO devices, including Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. The Sekoia TDR team identified additional implants assoc ...

Pierluigi Paganini September 10, 2024
Cyber warfare
Poland thwarted cyberattacks that were carried out by Russia and Belarus

Poland 's security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Poland security services announced they have thwarted a cyber opera ...

Pierluigi Paganini September 10, 2024
Security
U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I ...

Pierluigi Paganini September 10, 2024
Data Breach
Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data ...

Pierluigi Paganini September 10, 2024
Intelligence
Predator spyware operation is back with a new infrastructure

Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. sanctions against the Intellexa Consortium. Recorded Future rese ...

Pierluigi Paganini September 09, 2024
APT
TIDRONE APT targets drone manufacturers in Taiwan

A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked TID ...

Pierluigi Paganini September 09, 2024
Malware
Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Researchers at Fortinet FortiGuard Labs reported that thr ...

Pierluigi Paganini September 09, 2024
Security
Progress Software fixed a maximum severity flaw in LoadMaster

Progress Software released an emergency to address a maximum severity vulnerability in its LoadMaster products. Progress Software released an emergency fix for a critical vulnerability, tracked as ...

Pierluigi Paganini September 09, 2024
Cyber Crime
Feds indicted two alleged administrators of WWH Club dark web marketplace

Russian And Kazakhstani men indicted for operating the Dark Web cybercriminals marketplace WWH Club and other crime forums and markets. Alex Khodyrev (35) from Kazakhstan) and Pavel Kublitskii (37 ...

Pierluigi Paganini September 08, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. BlackSuit Ransomware Dissecting the Cicada   &nb ...

Pierluigi Paganini September 08, 2024
Breaking News
Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini September 08, 2024
Security
U.S. CISA adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...

Pierluigi Paganini September 07, 2024
Security
A flaw in WordPress LiteSpeed Cache Plugin allows account takeover

A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for Word ...

Pierluigi Paganini September 07, 2024
Data Breach
Car rental company Avis discloses a data breach

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers' personal information. Car rental company Avis notified customers impa ...

Pierluigi Paganini September 06, 2024
Hacking
SonicWall warns that SonicOS bug exploited in attacks

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access cont ...

Pierluigi Paganini September 06, 2024
Security
Apache fixed a new remote code execution flaw in Apache OFBiz

Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE ...

Pierluigi Paganini September 06, 2024
Cyber warfare
Russia-linked GRU Unit 29155 targeted critical infrastructure globally

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from ...

Pierluigi Paganini September 06, 2024
Security
Veeam fixed a critical flaw in Veeam Backup & Replication software

Veeam addressed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. Veeam security updates to address multiple vulnerabilities impacting its ...

Pierluigi Paganini September 05, 2024
Malware
Earth Lusca adds multiplatform malware KTLVdoor to its arsenal

The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers spotted the Chinese-speaking threat actor Eart ...

Pierluigi Paganini September 05, 2024
APT
Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

A cyber attack hit the German air traffic control agency (DFS) disrupting its operations, experts attribute it to Russia-linked group APT28. A cyber attack targeted the German Air Traffic Control ...

Pierluigi Paganini September 05, 2024
Hacking
Quishing, an insidious threat to electric car owners

Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to ...

Pierluigi Paganini September 05, 2024
Security
Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them!

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vul ...

Pierluigi Paganini September 04, 2024
Hacktivism
Head Mare hacktivist group targets Russia and Belarus

A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a h ...

Pierluigi Paganini September 04, 2024
Security
Zyxel fixed critical OS command injection flaw in multiple routers

Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerabili ...

Pierluigi Paganini September 04, 2024
Security
VMware fixed a code execution flaw in Fusion hypervisor

VMware released a patch to address a high-severity code execution flaw in its Fusion hypervisor, users are urged to apply it. VMware addressed a high-severity code execution vulnerability, tracke ...

Pierluigi Paganini September 03, 2024
Hacking
Vulnerabilities in Microsoft apps for macOS allow stealing permissions

Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered eight vulnerabilities in Microsoft apps for mac ...

Pierluigi Paganini September 03, 2024
Cyber Crime
Three men plead guilty to running MFA bypass service OTP.Agency

Three men have pleaded guilty to operating OTP.Agency, an online service that allowed crooks to bypass Multi-Factor authentication (MFA). Three men, Callum Picari (22), Vijayasidhurshan Vijayanath ...

Pierluigi Paganini September 03, 2024
Hacking
Transport for London (TfL) is dealing with an ongoing cyberattack

Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the ...

Pierluigi Paganini September 02, 2024
Cyber Crime
Lockbit gang claims the attack on the Toronto District School Board (TDSB)

The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students' ...

Pierluigi Paganini September 02, 2024
Cyber Crime
A new variant of Cicada ransomware targets VMware ESXi systems

A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) oper ...

Pierluigi Paganini September 02, 2024
Hacking
An air transport security system flaw allowed to bypass airport security screenings

A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) pro ...

Pierluigi Paganini September 01, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev ...

Pierluigi Paganini September 01, 2024
Breaking News
Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini September 01, 2024
Security
Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw

Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra release ...

Pierluigi Paganini August 30, 2024
Hacking
South Korea-linked group APT-C-60 exploited a WPS Office zero-day

South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE� ...

Pierluigi Paganini August 30, 2024
Cyber Crime
Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527   ...

Pierluigi Paganini August 30, 2024
APT
Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa

Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed th ...

Pierluigi Paganini August 30, 2024
Security
Cisco addressed a high-severity flaw in NX-OS software

Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multipl ...

Pierluigi Paganini August 29, 2024
Malware
Corona Mirai botnet spreads via AVTECH CCTV zero-day 

An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai's Security Intelligence and Response Team (SIRT) has detected a botne ...

Pierluigi Paganini August 29, 2024
Security
Telegram CEO Pavel Durov charged in France for facilitating criminal activities

French prosecutors charged CEO Telegram Pavel Durov with facilitating various criminal activities on the messaging platform. French prosecutors have formally charged Telegram CEO Pavel Durov with ...

Pierluigi Paganini August 29, 2024
APT
Iran-linked group APT33 adds new Tickler malware to its arsenal

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cy ...

Pierluigi Paganini August 29, 2024
Security
U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...

Pierluigi Paganini August 28, 2024
Data Breach
Young Consulting data breach impacts 954,177 individuals

A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breac ...

Pierluigi Paganini August 28, 2024
Malware
BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recentl ...

Pierluigi Paganini August 28, 2024
Cyber Crime
US offers $2.5M reward for Belarusian man involved in mass malware distribution

The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State an ...

Pierluigi Paganini August 28, 2024
Uncategorized
U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)� ...

Pierluigi Paganini August 28, 2024
APT
China-linked APT Volt Typhoon exploited a zero-day in Versa Director

China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt Typhoon exploited a zero-day vulnerability, tr ...

Pierluigi Paganini August 27, 2024
Cyber Crime
Researchers unmasked the notorious threat actor USDoD

CrowdStrike researchers have identified the notorious hacker USDoD who is behind several high-profile data leaks. The notorious hacker USDoD (aka EquationCorp), who is known for high-profile data ...

Pierluigi Paganini August 27, 2024
Digital ID
The Dutch Data Protection Authority (DPA) has fined Uber a record €290M

The Dutch Data Protection Authority (DPA) has fined Uber a record €290M for violating the EU data protection regulation while sending sensitive driver data to the U.S. The Dutch Data Protection ...

Pierluigi Paganini August 27, 2024
Hacking
Google addressed the tenth actively exploited Chrome zero-day this year

Google released emergency security updates to fix the tenth actively exploited Chrome zero-day vulnerability this year. Google released a security update to address a new Chrome zero-day vulnerabi ...

Pierluigi Paganini August 26, 2024
Security
SonicWall addressed an improper access control issue in its firewalls

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnera ...

Pierluigi Paganini August 26, 2024
Hacking
A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport

A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also ...

Pierluigi Paganini August 26, 2024
Malware
Linux malware sedexp uses udev rules for persistence and evasion

Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called se ...

Pierluigi Paganini August 26, 2024
Cyber Crime
France police arrested Telegram CEO Pavel Durov

French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Teleg ...

Pierluigi Paganini August 25, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer ...

Pierluigi Paganini August 25, 2024
Breaking News
Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini August 25, 2024
Hacking
U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...

Pierluigi Paganini August 25, 2024
Hacking
Hackers can take over Ecovacs home robots to spy on their owners

Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security r ...

Pierluigi Paganini August 24, 2024
Cyber Crime
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT

A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russi ...

Pierluigi Paganini August 24, 2024
Cyber Crime
Qilin ransomware steals credentials stored in Google Chrome

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack wh ...

Pierluigi Paganini August 23, 2024
Cyber Crime
Phishing attacks target mobile users via progressive web applications (PWA)

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that ...

Pierluigi Paganini August 23, 2024
Uncategorized
Member of cybercrime group Karakurt charged in the US

The Russian national Deniss Zolotarjovs has been charged in a U.S. court for his role in the Karakurt cybercrime gang. Deniss Zolotarjovs (33), a Russian cybercriminal, has been charged in a U.S. ...

Pierluigi Paganini August 23, 2024
Malware
New malware Cthulhu Stealer targets Apple macOS users

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (M ...

Pierluigi Paganini August 23, 2024
APT
China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches

China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-lin ...

Pierluigi Paganini August 23, 2024
Hacking
A cyberattack hit US oil giant Halliburton

US oil giant Halliburton announced that it was hit by a cyberattack that is affecting operations at its Houston, Texas offices. Halliburton, a major U.S. oil company, announced that a cyberattack ...

Pierluigi Paganini August 22, 2024
Hacking
U.S. CISA adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersec ...

Pierluigi Paganini August 22, 2024
Hacking
SolarWinds fixed a hardcoded credential issue in Web Help Desk

SolarWinds fixed a hardcoded credential flaw in its Web Help Desk (WHD) software that could allow attackers to gain unauthorized access to vulnerable instances. SolarWinds has addressed a new secu ...

Pierluigi Paganini August 22, 2024
Hacking
A cyberattack disrupted operations of US chipmaker Microchip Technology

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. U.S. chipmaker Microchip Technology suffered a cyberattack that disrupted operations ...

Pierluigi Paganini August 22, 2024
Hacking
Google addressed the ninth actively exploited Chrome zero-day this year

Google released emergency security updates to fix the ninth actively exploited Chrome zero-day vulnerability this year. ​​Google released an emergency security update to address a Chrome zero- ...

Pierluigi Paganini August 22, 2024
Security
GitHub fixed a new critical flaw in the GitHub Enterprise Server 

GitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three security vulnerabilities impacting the GitHub Enter ...

Pierluigi Paganini August 22, 2024
Security
Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio

Researchers have disclosed a critical security vulnerability in Microsoft's Copilot Studio that could lead to the exposure of sensitive information. Researchers disclosed a critical security vulne ...

Pierluigi Paganini August 21, 2024
Malware
North Korea-linked APT used a new RAT called MoonPeak

North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure us ...

Pierluigi Paganini August 21, 2024
APT
Pro-Russia group Vermin targets Ukraine with a new malware family

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine ...

Pierluigi Paganini August 21, 2024
Hacking
A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning

A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdo ...

Pierluigi Paganini August 21, 2024
Malware
Ransomware payments rose from $449.1 million to $459.8 million

Blockchain analysis firm Chainalysis revealed that ransomware payments rose by approximately 2%, from $449.1 million to $459.8 million. Blockchain analysis firm Chainalysis revealed that while ove ...

Pierluigi Paganini August 20, 2024
Malware
Previously unseen Msupedge backdoor targeted a university in Taiwan

Experts spotted a previously undetected backdoor, dubbed Msupedge, that was employed in an attack against a university in Taiwan.  Broadcom Symantec researchers discovered a previously undetected ...

Pierluigi Paganini August 20, 2024
Hacking
Oracle NetSuite misconfiguration could lead to data exposure

Researchers discovered thousands of Oracle NetSuite e-stores that are vulnerable to data leak, sensitive customer information is at risk. Cybersecurity researchers from AppOmni warn of a potential ...

Pierluigi Paganini August 20, 2024
Data Breach
Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an arc ...

Pierluigi Paganini August 20, 2024
Hacking
CISA adds Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...

Pierluigi Paganini August 19, 2024
Cyber Crime
Researchers uncovered new infrastructure linked to the cybercrime group FIN7

Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potential ...

Pierluigi Paganini August 19, 2024
Hacking
Experts warn of exploit attempt for Ivanti vTM bug

Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit att ...

Pierluigi Paganini August 19, 2024
APT
Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT

Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS sco ...

Pierluigi Paganini August 19, 2024
Malware
The Mad Liberator ransomware group uses social-engineering techniques

New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a n ...

Pierluigi Paganini August 19, 2024
Hacking
From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using 'MasterPrints, 'which are fingerprints that can match multiple other prints. A team of researc ...

Pierluigi Paganini August 18, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware   Ideal ...

Pierluigi Paganini August 18, 2024
Breaking News
Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini August 18, 2024
Cyber Crime
Large-scale extortion campaign targets publicly accessible environment variable files (.env)

A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extor ...

Pierluigi Paganini August 18, 2024
Intelligence
OpenAI dismantled an Iranian influence operation targeting the U.S. presidential election

OpenAI announced it had dismantled an Iranian influence operation that was producing content related to the U.S. Presidential election. OpenAI has dismantled an Iran-linked influence operation, tr ...

Pierluigi Paganini August 17, 2024
Data Breach
National Public Data confirms a data breach

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information.  Background check service National Public D ...

Pierluigi Paganini August 17, 2024
Security
CISA adds SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini August 16, 2024
Deep Web
Russian national sentenced to 40 months for selling stolen data on the dark web

A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace. The 27-year-old Russian national Georgy Kavzharadze (also k ...

Pierluigi Paganini August 16, 2024
Malware
Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANS ...

Pierluigi Paganini August 16, 2024
Security
Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have i ...

Pierluigi Paganini August 16, 2024
Hacking
Microsoft urges customers to fix zero-click Windows RCE in the TCP/IP stack

Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP rem ...

Pierluigi Paganini August 16, 2024
Cyber Crime
A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter

A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware ...

Pierluigi Paganini August 15, 2024
Security
Google disrupted hacking campaigns carried out by Iran-linked APT42

Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran ...

Pierluigi Paganini August 15, 2024
Cyber Crime
Black Basta ransomware gang linked to a SystemBC malware campaign

Experts linked an ongoing social engineering campaign, aimed at deploying the malware SystemBC, to the Black Basta ransomware group. Rapid7 researchers uncovered a new social engineering campaign ...

Pierluigi Paganini August 15, 2024
Hacking
A massive cyber attack hit Central Bank of Iran and other Iranian banks

Iranian news outlet reported that a major cyber attack targeted the Central Bank of Iran (CBI) and several other banks causing disruptions. Iran International reported that a massive cyber attack ...

Pierluigi Paganini August 15, 2024
APT
China-linked APT Earth Baku targets Europe, the Middle East, and Africa

China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41) ...

Pierluigi Paganini August 14, 2024
Security
SolarWinds addressed a critical RCE in all Web Help Desk versions

SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-289 ...

Pierluigi Paganini August 14, 2024
Data Breach
Kootenai Health data breach impacted 464,000 patients

Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak ...

Pierluigi Paganini August 14, 2024
Security
Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Microsoft's August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Micros ...

Pierluigi Paganini August 14, 2024
Hacking
A PoC exploit code is available for critical Ivanti vTM bug

Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical ...

Pierluigi Paganini August 13, 2024
Hacking
Elon Musk claims that a DDoS attack caused problems with the livestream interview with Donald Trump

Elon Musk claims that the livestream interview with Donald Trump on the X social media platform was impacted by a cyberattack. Elon Musk claims that a massive DDoS attack caused problems with the ...

Pierluigi Paganini August 13, 2024
APT
CERT-UA warns of a phishing campaign targeting government entities

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukrain ...

Pierluigi Paganini August 13, 2024
Intelligence
US DoJ dismantled remote IT worker fraud schemes run by North Korea

The U.S. DoJ arrested a Tennessee man for running a "laptop farm" that enabled North Korea-linked IT workers to obtain remote jobs with American companies. The U.S. Justice Department arrested Mat ...

Pierluigi Paganini August 13, 2024
Security
A FreeBSD flaw could allow remote code execution, patch it now!

FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent s ...

Pierluigi Paganini August 12, 2024
APT
EastWind campaign targets Russian organizations with sophisticated backdoors

A campaign tracked as EastWind is targeting Russian government and IT organizations with PlugY and GrewApacha Backdoors. In late July 2024, Kaspersky researchers detected a series of targeted cybe ...

Pierluigi Paganini August 12, 2024
Hacking
Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE

Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclose ...

Pierluigi Paganini August 12, 2024
Cyber warfare
Foreign nation-state actors hacked Donald Trump’s campaign

Donald Trump's campaign reported that its emails were hacked by "foreign sources hostile to the United States." Donald Trump's presidential campaign announced it was hacked, a spokesman attributes ...

Pierluigi Paganini August 11, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Surge in Magniber ransomware attacks impact home users worldw ...

Pierluigi Paganini August 11, 2024
Breaking News
Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini August 11, 2024
Cyber Crime
ADT disclosed a data breach that impacted more than 30,000 customers

Physical security firm ADT disclosed a data breach, threat actors stole information from 30,000 customers and leaked it. ADT is a provider of alarm and physical security systems, it employs more t ...

Pierluigi Paganini August 11, 2024
Cyber Crime
Is the INC ransomware gang behind the attack on McLaren hospitals?

A INC Ransom ransomware attack this week disrupted IT and phone systems at McLaren Health Care hospitals. On Tuesday, an INC Ransom ransomware attack hit the McLaren Health Care hospitals and disr ...

Pierluigi Paganini August 10, 2024
Cyber Crime
Crooks took control of a cow milking robot causing the death of a cow

Crooks took control of a cow milking robot and demanded a ransom from a farmer who refused to pay it, resulting in the death of a cow. An extortion attempt had a tragic outcome, cybercriminals too ...

Pierluigi Paganini August 10, 2024
Hacking
Sonos smart speakers flaw allowed to eavesdrop on users

NCC Group discovered vulnerabilities in Sonos smart speakers, including a flaw that could have allowed to eavesdrop on users. Researchers from NCC Group have discovered multiple vulnerabilities in ...

Pierluigi Paganini August 10, 2024
Uncategorized
Five zero-days impacts EoL Cisco Small Business IP Phones. Replace them with newer models asap!

Cisco warns of critical remote code execution zero-day vulnerabilities impacting end-of-life Small Business SPA 300 and SPA 500 series IP phones. Cisco warns of multiple critical remote code execu ...

Pierluigi Paganini August 09, 2024
Hacking
CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...

Pierluigi Paganini August 09, 2024
Intelligence
Russian cyber spies stole data and emails from UK government systems

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service sto ...

Pierluigi Paganini August 09, 2024
Hacking
0.0.0.0 Day flaw allows malicious websites to bypass security in major browsers

An 18-year-old bug, dubbed "0.0.0.0 Day," allows malicious websites to bypass security in Chrome, Firefox, and Safari to breach local networks. Oligo Security's research team warns of an 18-year ...

Pierluigi Paganini August 08, 2024
Hacking
FBI and CISA update a joint advisory on the BlackSuit Ransomware group

FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint ...

Pierluigi Paganini August 08, 2024
Cyber Crime
Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. Bayhealth Hospital is a technologically advanced not-for-profit healt ...

Pierluigi Paganini August 08, 2024
Hacking
Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data

Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulnerability Research Team discovered a critical ...

Pierluigi Paganini August 07, 2024
Malware
New Android spyware LianSpy relies on Yandex Cloud to avoid detection

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown An ...

Pierluigi Paganini August 07, 2024
Hacking
Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Gu ...

Pierluigi Paganini August 07, 2024
Cyber Crime
A ransomware attack hit French museum network

The Réunion des Musées Nationaux network, including Paris' Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, inc ...

Pierluigi Paganini August 06, 2024
Security
CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini August 06, 2024
Breaking News
Google warns of an actively exploited Android kernel flaw

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting ...

Pierluigi Paganini August 06, 2024
Uncategorized
Should Organizations Pay Ransom Demands?

Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, ...

Pierluigi Paganini August 06, 2024
APT
North Korea-linked hackers target construction and machinery sectors with watering hole and supply chain attacks

South Korea's National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea's national security and intelligence agenc ...

Pierluigi Paganini August 06, 2024
Hacking
Researchers warn of a new critical Apache OFBiz flaw

Researchers urge organizations using Apache OFBiz to address a critical bug, following reports of active exploitation of another flaw. Experts urge organizations to address a new critical vulnerab ...

Pierluigi Paganini August 05, 2024
Data Breach
Keytronic incurred approximately $17 million of expenses following ransomware attack

Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million. In June, Keytronic disclosed a data br ...

Pierluigi Paganini August 05, 2024
ICS-SCADA
A flaw in Rockwell Automation ControlLogix 1756 could expose critical control systems to unauthorized access

A security bypass bug in Rockwell Automation ControlLogix 1756 devices could allow unauthorized access to vulnerable devices. A high-severity security bypass vulnerability, tracked as CVE-2024-624 ...

Pierluigi Paganini August 05, 2024
Breaking News
China-linked APT41 breached Taiwanese research institute

China-linked group APT41 breached a Taiwanese government-affiliated research institute using ShadowPad and Cobalt Strike. Cisco Talos researchers reported that the China-linked group compromised a ...

Pierluigi Paganini August 05, 2024
APT
Chinese StormBamboo APT compromised ISP to deliver malware

A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity researchers reported that a China-linked AP ...

Pierluigi Paganini August 04, 2024
Data Breach
Hackers attempt to sell the personal data of 3 billion people resulting from an April data breach

Jerico Pictures Inc., operating as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach. A proposed class action claims that Jerico Pictur ...

Pierluigi Paganini August 04, 2024
Malware
Security Affairs Malware Newsletter - Round 5

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unplugging PlugX: Sinkholing the PlugX USB worm botnet & ...

Pierluigi Paganini August 04, 2024
Breaking News
Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini August 04, 2024
Laws and regulations
US sued TikTok and ByteDance for violating children’s privacy laws

The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children's privacy laws. The Justice Department and the Federal Trade Commission (FTC) ...

Pierluigi Paganini August 03, 2024
APT
Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that a Russia-linked threat actor known as Fightin ...

Pierluigi Paganini August 03, 2024
Security
Investors sued CrowdStrike over false claims about its Falcon platform

Investors have sued CrowdStrike because the cybersecurity firm made false claims about its Falcon platform. Investors have sued CrowdStrike because the company made false and misleading claims on ...

Pierluigi Paganini August 02, 2024
Hacking
Avtech camera vulnerability actively exploited in the wild, CISA warns

CISA warned that an Avtech camera vulnerability, which is still unpatched, is being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an ad ...

Pierluigi Paganini August 02, 2024
Uncategorized
U.S. released Russian cybercriminals in diplomatic prisoner exchange

Today, 24 prisoners were released in an international swap between Russia and Western countries, including convicted  Russian cybercriminals. In the recent international prisoner swap two not ...

Pierluigi Paganini August 02, 2024
Hacking
Sitting Ducks attack technique exposes over a million domains to hijacking

Researchers warn of an attack vector in the DNS, called the Sitting Ducks, that exposes over a million domains to hackers' takeover. Researchers from Eclypsium and Infoblox have identified an att ...

Pierluigi Paganini August 02, 2024
Hacking
Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation rep ...

Pierluigi Paganini August 01, 2024
Malware
BingoMod Android RAT steals money from victims' bank accounts and wipes data

BingoMod is a new Android malware that can wipe devices after stealing money from the victims' bank accounts. Researchers at Cleafy discovered a new Android malware, called 'BingoMod,' that can w ...

Pierluigi Paganini August 01, 2024
Cyber Crime
A ransomware attack disrupted operations at OneBlood blood bank

OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and ...

Pierluigi Paganini July 31, 2024
Mobile
Apple fixed dozens of vulnerabilities in iOS and macOS

Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in ...

Pierluigi Paganini July 31, 2024
Cyber Crime
Phishing campaigns target SMBs in Poland, Romania, and Italy with multiple malware families

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishi ...

Pierluigi Paganini July 31, 2024
Uncategorized
A Fortune 50 company paid a record-breaking $75 million ransom

Zscaler researchers revealed that a company paid a record-breaking $75 million ransom to the Dark Angels ransomware group. Zscaler discovered a record-breaking ransom payment of US$75 million made ...

Pierluigi Paganini July 31, 2024
Security
CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a VMware ESXi bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...

Pierluigi Paganini July 30, 2024
Mobile
Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new vers ...

Pierluigi Paganini July 30, 2024
Breaking News
SideWinder phishing campaign targets maritime facilities in multiple countries

The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWinder (also known as Razor Tiger, Rattlesnake, an ...

Pierluigi Paganini July 30, 2024
Hacking
A crafty phishing campaign targets Microsoft OneDrive users

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research ...

Pierluigi Paganini July 30, 2024
Cyber Crime
Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the re ...

Pierluigi Paganini July 29, 2024
Hacking
Acronis Cyber Infrastructure bug actively exploited in the wild

Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked ...

Pierluigi Paganini July 29, 2024
Hacking
Fake Falcon crash reporter installer used to target German Crowdstrike users

CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing ca ...

Pierluigi Paganini July 29, 2024
Intelligence
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware

Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government's Computer ...

Pierluigi Paganini July 29, 2024
Cyber Crime
French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

French authorities and Europol are conducting a "disinfection operation" targeting hosts compromised by the PlugX malware. The French authorities, with the help of Europol, have launched on July ...

Pierluigi Paganini July 28, 2024
Breaking News
Security Affairs Malware Newsletter - Round 4

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Play Ransomware Group’s New Linux Variant Targets ESXi, Sho ...

Pierluigi Paganini July 28, 2024
Breaking News
Security Affairs newsletter Round 482 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini July 28, 2024
Cyber warfare
Ukraine's cyber operation shut down the ATM services of major Russian banks

Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs ...

Pierluigi Paganini July 27, 2024
Security
A bug in Chrome Password Manager caused user credentials to disappear

Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome's Password Manager that caused u ...

Pierluigi Paganini July 26, 2024
Security
BIND updates fix four high-severity DoS bugs in the DNS software suite

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released secu ...

Pierluigi Paganini July 26, 2024
Breaking News
Terrorist Activity is Accelerating in Cyberspace - Risk Precursor to Summer Olympics and Elections

Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray express ...

Pierluigi Paganini July 26, 2024
Security
Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for c ...

Pierluigi Paganini July 25, 2024
Hacking
Critical bug in Docker Engine allowed attackers to bypass authorization plugins

A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score ...

Pierluigi Paganini July 25, 2024
Security
Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers obse ...

Pierluigi Paganini July 25, 2024
Cyber Crime
Michigan Medicine data breach impacted 56953 patients

A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michig ...

Pierluigi Paganini July 25, 2024
Breaking News
U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...

Pierluigi Paganini July 24, 2024
APT
China-linked APT group uses new Macma macOS backdoor version

China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (a ...

Pierluigi Paganini July 24, 2024
Malware
FrostyGoop ICS malware targets Ukraine

In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ...

Pierluigi Paganini July 23, 2024
Malware
Hackers abused swap files in e-skimming attacks on Magento sites

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap fil ...

Pierluigi Paganini July 23, 2024
Hacktivism
US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The United States sanctioned Russian hacktivi ...

Pierluigi Paganini July 23, 2024
Hacking
EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers discovered a zero-day exploit named EvilVideo th ...

Pierluigi Paganini July 22, 2024
Malware
SocGholish malware used to spread AsyncRAT malware

The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader m ...

Pierluigi Paganini July 22, 2024
Cyber Crime
UK police arrested a 17-year-old linked to the Scattered Spider gang

Law enforcement arrested a 17-year-old boy from Walsall, U.K., for suspected involvement in the Scattered Spider cybercrime syndicate. Law enforcement in the U.K. arrested a 17-year-old teenager f ...

Pierluigi Paganini July 22, 2024
Malware
Security Affairs Malware Newsletter - Round 3

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Hardening of HardBit    10,000 Victims a Da ...

Pierluigi Paganini July 21, 2024
Breaking News
Security Affairs newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini July 21, 2024
Hacking
U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog. The ...

Pierluigi Paganini July 21, 2024
Malware
Threat actors attempted to capitalize CrowdStrike incident

CrowdStrike warns that threat actors are exploiting the recent IT outage caused by their faulty update to distribute Remcos RAT malware. CrowdStrike spotted threat actors attempting to benefit fr ...

Pierluigi Paganini July 20, 2024
Cyber Crime
Russian nationals plead guilty to participating in the LockBit ransomware group

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and M ...

Pierluigi Paganini July 20, 2024
Security
MediSecure data breach impacted 12.9 million individuals

Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provide ...

Pierluigi Paganini July 19, 2024
Security
CrowdStrike update epic fail crashed Windows systems worldwide

Windows machines worldwide displayed BSoD screen following a faulty update pushed out by cybersecurity firm CrowdStrike. A faulty update released by CrowdStrike Falcon is causing Windows systems t ...

Pierluigi Paganini July 19, 2024
Security
Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users

Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024- ...

Pierluigi Paganini July 19, 2024
Hacking
SAPwned flaws in SAP AI core could expose customers' data

Researchers discovered security flaws in SAP AI Core cloud-based platform that could expose customers' data. Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked ...

Pierluigi Paganini July 18, 2024
Cyber Crime
Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivat ...

Pierluigi Paganini July 18, 2024
Security
How to Protect Privacy and Build Secure AI Products

AI systems are transforming technology and driving innovation across industries. How to protect privacy and build secure AI products? How to Protect Privacy and Build Secure AI Products AI syst ...

Pierluigi Paganini July 18, 2024
Security
A critical flaw in Cisco SSM On-Prem allows attackers to change any user's password

A vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers allows threat actors to change any user's password. Cisco has addressed a critical vulnerability, tracke ...

Pierluigi Paganini July 17, 2024
Data Breach
MarineMax data breach impacted over 123,000 individuals

The world's largest recreational boat and yacht retailer MarineMax, disclosed a data breach following a cyber attack. The world's largest recreational boat and yacht retailer MarineMax disclosed a ...

Pierluigi Paganini July 17, 2024
APT
Void Banshee exploits CVE-2024-38112 zero-day to spread malware

Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void Banshee was spotted exploiting the Windows zer ...

Pierluigi Paganini July 17, 2024
Cyber Crime
The Octo Tempest group adds RansomHub and Qilin ransomware to its arsenal

Microsoft said that in Q2 2024, the Octo Tempest cybercrime gang added RansomHub and Qilin ransomware to its arsenal. In the second quarter of 2024, financially motivated threat actor Octo Tempest ...

Pierluigi Paganini July 17, 2024
Security
CISA adds OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini July 16, 2024
Breaking News
Kaspersky leaves U.S. market following the ban on the sale of its software in the country

Kaspersky is leaving the U.S. market following the recent ban on the sales of its software imposed by the Commerce Department. Russian cybersecurity firm Kaspersky announced its exit from the U.S. ...

Pierluigi Paganini July 16, 2024
Mobile
FBI unlocked the phone of the suspect in the assassination attempt on Donald Trump

The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump. The independent website 404 Media first reported that the FBI had successfully ac ...

Pierluigi Paganini July 16, 2024
Malware
Ransomware groups target Veeam Backup & Replication bug

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the ...

Pierluigi Paganini July 15, 2024
Cyber Crime
AT&T paid a $370,000 ransom to prevent stolen data from being leaked

Wired attributes the recently disclosed AT&T data breach to a hacker living in Turkey and reported the company paid a $370,000 ransom. An American hacker who lives in Turkey claimed responsibi ...

Pierluigi Paganini July 15, 2024
Malware
HardBit ransomware version 4.0 supports new obfuscation techniques

Cybersecurity researchers detailed a new version of the HardBit ransomware that supports new obfuscation techniques to avoid detection. The new version (version 4.0) of the HardBit ransomware come ...

Pierluigi Paganini July 15, 2024
Malware
Dark Gate malware campaign uses Samba file shares

A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details abo ...

Pierluigi Paganini July 15, 2024
Malware
Security Affairs Malware Newsletter - Round 2

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Android Spyware Steals Data from Gamers and TikTok Users& ...

Pierluigi Paganini July 14, 2024
Breaking News
Security Affairs newsletter Round 480 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini July 14, 2024
Cyber Crime
Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. The U.S. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Pen ...

Pierluigi Paganini July 13, 2024
Data Breach
Rite Aid disclosed data breach following RansomHub ransomware attack

The American drugstore chain Rite Aid Corporation disclosed a data breach following the cyber attack that hit the company in June. The American drugstore chain giant Rite Aid suffered a data breac ...

Pierluigi Paganini July 13, 2024
Data Breach
New AT&T data breach exposed call logs of almost all customers

AT&T disclosed a new data breach that exposed phone call and text message records for approximately 110 million people. AT&T suffered a massive data breach, attackers stole the call logs f ...

Pierluigi Paganini July 12, 2024
Hacking
Critical flaw in Exim MTA could allow to deliver malware to users' inboxes

A critical vulnerability in Exim mail server allows attackers to deliver malicious executable attachments to mailboxes. Attackers can exploit a critical security flaw, tracked as CVE-2024-39929 (C ...

Pierluigi Paganini July 12, 2024
Security
Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security ...

Pierluigi Paganini July 12, 2024
Cyber Crime
Smishing Triad Is Targeting India To Steal Personal and Payment Data at Scale

Resecurity has identified a new campaign by the Smishing Triad that is targeting India to steal personal and payment data at scale Resecurity (USA) identified a new campaign targeting India Post ( ...

Pierluigi Paganini July 12, 2024
Cyber Crime
October ransomware attack on Dallas County impacted over 200,000 people

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas Co ...

Pierluigi Paganini July 12, 2024
Cyber Crime
CrystalRay operations have scaled 10x to over 1,500 victims

A threat actor known as CrystalRay targeted 1,500 victims since February using tools like SSH-Snake and various open-source utilities. The Sysdig Threat Research Team (TRT) first spotted the thr ...

Pierluigi Paganini July 11, 2024
Hacking
Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The Akamai Security Intelligence Response Team (SIRT) warns that multiple ...

Pierluigi Paganini July 11, 2024
Security
AI-Powered Russia's bot farm operates on X, US and its allies warn

The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with ...

Pierluigi Paganini July 11, 2024
Security
VMware fixed critical SQL-Injection in Aria Automation product

VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tr ...

Pierluigi Paganini July 11, 2024
Security
Citrix fixed critical and high-severity bugs in NetScaler product

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity iss ...

Pierluigi Paganini July 10, 2024
Hacking
A new flaw in OpenSSH can lead to remote code execution

A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select ver ...

Pierluigi Paganini July 10, 2024
Security
Microsoft Patch Tuesday for July 2024 fixed 2 actively exploited zero-days

Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnera ...

Pierluigi Paganini July 10, 2024
Security
U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ...

Pierluigi Paganini July 10, 2024
Cyber Crime
Evolve Bank data breach impacted over 7.6 million individuals

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached ...

Pierluigi Paganini July 09, 2024
Data Breach
More than 31 million customer email addresses exposed following Neiman Marcus data breach

The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and ...

Pierluigi Paganini July 09, 2024
Malware
Avast released a decryptor for DoNex Ransomware and its predecessors

Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomw ...

Pierluigi Paganini July 09, 2024
Data Breach
RockYou2024 compilation containing 10 billion passwords was leaked online

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password comp ...

Pierluigi Paganini July 08, 2024
Hacking
Critical Ghostscript flaw exploited in the wild. Patch it now!

Threat actors are exploiting Ghostscript vulnerability CVE-2024-29510 to bypass the sandbox and achieve remote code execution. Threat actors are actively exploiting a Ghostscript vulnerability, tr ...

Pierluigi Paganini July 08, 2024
Hacking
Apple removed 25 VPN apps from the App Store in Russia following Moscow's requests

Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens' control over Internet acce ...

Pierluigi Paganini July 08, 2024
Security
CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ...

Pierluigi Paganini July 08, 2024
Security
Apache fixed a source code disclosure flaw in Apache HTTP Server

The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabiliti ...

Pierluigi Paganini July 07, 2024
Malware
Security Affairs Malware Newsletter - Round 1

Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best ...

Pierluigi Paganini July 07, 2024
Breaking News
Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini July 07, 2024
Uncategorized
Alabama State Department of Education suffered a data breach following a blocked attack

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had th ...

Pierluigi Paganini July 07, 2024
Malware
GootLoader is still active and efficient

Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereaso ...

Pierluigi Paganini July 06, 2024
Data Breach
Hackers stole OpenAI secrets in a 2023 security breach

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the ...

Pierluigi Paganini July 06, 2024
Data Breach
Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3 ...

Pierluigi Paganini July 05, 2024
Hacking
Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still refer ...

Pierluigi Paganini July 05, 2024
Cyber Crime
New Golang-based Zergeca Botnet appeared in the threat landscape

Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based bo ...

Pierluigi Paganini July 05, 2024
ICS-SCADA
Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automatio ...

Pierluigi Paganini July 05, 2024
Hacking
Hackers compromised Ethereum mailing list and launched a crypto draining attack

Hackers compromised Ethereum 's mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum's mailing list provider and on ...

Pierluigi Paganini July 05, 2024
Cyber Crime
OVHcloud mitigated a record-breaking DDoS attack in April 2024

OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a recor ...

Pierluigi Paganini July 04, 2024
Data Breach
Healthcare fintech firm HealthEquity disclosed a data breach

Healthcare firm HealthEquity disclosed a data breach caused by a partner's compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data brea ...

Pierluigi Paganini July 04, 2024
Social Networks
Brazil data protection authority bans Meta from training AI models with data originating in the country

Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil's data protection authority, Autoridade Naciona ...

Pierluigi Paganini July 04, 2024
Security
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterpri ...

Pierluigi Paganini July 04, 2024
Cyber Crime
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors

An international law enforcement operation code-named Operation Morpheus led to the takedown of 593 Cobalt Strike servers used by crooks. An international law enforcement operation, code-named Ope ...

Pierluigi Paganini July 03, 2024
Cyber Crime
LockBit group claims the hack of the Fairfield Memorial Hospital in the US

The LockBit ransomware group breached another hospital in the United States, the victim is the Fairfield Memorial Hospital in Illinois. It has happened again, another US healthcare organization su ...

Pierluigi Paganini July 03, 2024
Hacking
American Patelco Credit Union suffered a ransomware attack

The American credit union Patelco Credit Union shut down several of its banking systems to contain a ransomware attack. Patelco Credit Union is a member-owned, not-for-profit credit union that se ...

Pierluigi Paganini July 03, 2024
Intelligence
Polish government investigates Russia-linked cyberattack on state news agency

The Polish government is investigating a potential connection between Russia and a cyberattack on the country’s state news agency. The Polish government is investigating a suspected link between ...

Pierluigi Paganini July 03, 2024
Cyber Crime
Evolve Bank data breach impacted fintech firms Wise and Affirm

Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by ...

Pierluigi Paganini July 02, 2024
Data Breach
Prudential Financial data breach impacted over 2.5 million individuals

Prudential Financial confirmed that more than 2.5 million individuals were affected by the data breach it suffered in February 2024. The insurance company Prudential Financial confirmed that the d ...

Pierluigi Paganini July 02, 2024
Cyber Crime
Australian man charged for Evil Twin Wi-Fi attacks on domestic flights

An Australian man has been charged with carrying out 'Evil Twin' Wi-Fi attack during a domestic flight to steal user credentials and data. An Evil Twin Wi-Fi attack is a type of cyberattack where ...

Pierluigi Paganini July 02, 2024
APT
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-202 ...

Pierluigi Paganini July 02, 2024
Security
Critical unauthenticated remote code execution flaw in OpenSSH server

A critical flaw in the OpenSSH server can be exploited to achieve unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintainers addressed a critical ...

Pierluigi Paganini July 01, 2024
Cyber Crime
Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania

Wayne Memorial Hospital in Pennsylvania was the victim of a cyber attack, Monti gang claimed to have hacked the healthcare infrastructure. Another critical infrastructure healthcare suffered a sec ...

Pierluigi Paganini July 01, 2024
Hacking
Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769

Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation a ...

Pierluigi Paganini July 01, 2024
Hacking
Russia-linked Midnight Blizzard stole email of more Microsoft customers

Microsoft warned more customers about email theft linked to the previously reported Midnight Blizzard hacking campaign. The Russia-linked cyberespionage group Midnight Blizzard continues to target ...

Pierluigi Paganini June 30, 2024
Hacking
Russia-linked group APT29 likely breached TeamViewer's corporate network

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer 's corporate network. TeamViewer discovered that a threat actor has breached its corporate network and som ...

Pierluigi Paganini June 30, 2024
Breaking News
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini June 30, 2024
Data Breach
Infosys McCamish Systems data breach impacted over 6 million people

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing ...

Pierluigi Paganini June 29, 2024
Hacking
A cyberattack shut down the University Hospital Centre Zagreb in Croatia

A cyber attack started targeting the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision. A cyber attack began targeting the University Hospita ...

Pierluigi Paganini June 28, 2024
Hacking
US announces a $10M reward for Russia's GRU hacker behind attacks on Ukraine

The US DoJ announced charges against a member of Russia's military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges ag ...

Pierluigi Paganini June 28, 2024
Cyber Crime
LockBit group falsely claimed the hack of the Federal Reserve

The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The real victim is the Evolve Bank. The LockBit ransomware group hasn't hacked the Federal R ...

Pierluigi Paganini June 27, 2024
Security
CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...

Pierluigi Paganini June 27, 2024
Malware
New P2Pinfect version delivers miners and ransomware on Redis servers

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in atta ...

Pierluigi Paganini June 27, 2024
Hacking
New MOVEit Transfer critical bug is actively exploited

Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vuln ...

Pierluigi Paganini June 26, 2024
Malware
New Caesar Cipher Skimmer targets popular CMS used by e-stores

A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Ski ...

Pierluigi Paganini June 26, 2024
Cyber Crime
Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw

Researchers warn that a Mirai-based botnet is exploiting a recently disclosed critical vulnerability in EoL Zyxel NAS devices. Researchers at the Shadowserver Foundation warn that a Mirai-based bo ...

Pierluigi Paganini June 25, 2024
Security
Wikileaks founder Julian Assange is free

WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLe ...

Pierluigi Paganini June 25, 2024
Data Breach
CISA confirmed that its CSAT environment was breached in January.

CISA warned chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was compromised in January. CISA warns chemical facilities that its Chemical Security Assessment Tool ...

Pierluigi Paganini June 25, 2024
Cyber Crime
Threat actors compromised 1,590 CoinStats crypto wallets

Threat actors breached 1,590 cryptocurrency wallets of the cryptocurrency portfolio management and tracking platform CoinStats. The cryptocurrency portfolio management and tracking platform CoinSt ...

Pierluigi Paganini June 24, 2024
Breaking News
Experts observed approximately 120 malicious campaigns using the Rafel RAT

Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, ...

Pierluigi Paganini June 24, 2024
Cyber Crime
LockBit claims the hack of the US Federal Reserve

The Lockbit ransomware group announced that it had breached the US Federal Reserve and exfiltrated 33 TB of sensitive data. The Lockbit ransomware group announced that it had breached the systems ...

Pierluigi Paganini June 24, 2024
Cyber Crime
Ransomware threat landscape Jan-Apr 2024: insights and challenges

Between Jan and Apr 2024, the global ransomware landscape witnessed significant activity, with 1420 ransomware claims reported worldwide. In the first four months of 2024, the global ransomware la ...

Pierluigi Paganini June 24, 2024
Breaking News
ExCobalt Cybercrime group targets Russian organizations in multiple sectors

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gan ...

Pierluigi Paganini June 24, 2024
Cyber Crime
Threat actor attempts to sell 30 million customer records allegedly stolen from TEG

A threat actor is offering for sale customer data allegedly stolen from the Australia-based live events and ticketing company TEG. TEG (Ticketek Entertainment Group) is an Australian company that ...

Pierluigi Paganini June 23, 2024
Security
Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini June 23, 2024
Hacking
Threat actors are actively exploiting SolarWinds Serv-U bug CVE-2024-28995

Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly available proof-of-concept (PoC) code. Threat actors are actively exploiting ...

Pierluigi Paganini June 23, 2024
Security
US government sanctions twelve Kaspersky Lab executives

The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their role in the Russian company. The Treasury Department's Office of Foreign Ass ...

Pierluigi Paganini June 22, 2024
Cyber Crime
Experts found a bug in the Linux version of RansomHub ransomware

The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encry ...

Pierluigi Paganini June 22, 2024
Hacking
UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models

A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, ...

Pierluigi Paganini June 21, 2024
APT
Russia-linked APT Nobelium targets French diplomatic entities

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information sec ...

Pierluigi Paganini June 21, 2024
Laws and regulations
US bans sale of Kaspersky products due to risks to national security

The US government announced the ban on selling Kaspersky software due to security risks from Russia and urged citizens to replace it. The Biden administration announced it will ban the sale of Kas ...

Pierluigi Paganini June 20, 2024
Security
Atlassian fixed six high-severity bugs in Confluence Data Center and Server

Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-se ...

Pierluigi Paganini June 20, 2024
APT
China-linked spies target Asian Telcos since at least 2021

A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has ...

Pierluigi Paganini June 20, 2024
Malware
New Rust infostealer Fickle Stealer spreads through various attack methods

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. ...

Pierluigi Paganini June 20, 2024
Hacking
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered ...

Pierluigi Paganini June 20, 2024
Cyber Crime
Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its o ...

Pierluigi Paganini June 20, 2024
Hacking
Alleged researchers stole $3 million from Kraken exchange

Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security resea ...

Pierluigi Paganini June 19, 2024
Security
Google Chrome 126 update addresses multiple high-severity flaws

Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing s ...

Pierluigi Paganini June 19, 2024
Data Breach
Chip maker giant AMD investigates a data breach

AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they we ...

Pierluigi Paganini June 19, 2024
Cyber Crime
Cryptojacking campaign targets exposed Docker APIs

A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the at ...

Pierluigi Paganini June 19, 2024
Hacking
VMware fixed RCE and privilege escalation bugs in vCenter Server

VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exp ...

Pierluigi Paganini June 18, 2024
Laws and regulations
Meta delays training its AI using public content shared by EU users 

Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its ...

Pierluigi Paganini June 18, 2024
Data Breach
Keytronic confirms data breach after ransomware attack

Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly sto ...

Pierluigi Paganini June 18, 2024
Cyber Crime
The Financial Dynamics Behind Ransomware Attacks

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim's ...

Pierluigi Paganini June 18, 2024
Deep Web
Empire Market owners charged with operating $430M dark web marketplace

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka "Dopenugget ...

Pierluigi Paganini June 17, 2024
APT
China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffere ...

Pierluigi Paganini June 17, 2024
Data Breach
LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the ...

Pierluigi Paganini June 17, 2024
Cyber Crime
Spanish police arrested an alleged member of the Scattered Spider group

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of be ...

Pierluigi Paganini June 17, 2024
Security
Online job offers, the reshipping and money mule scams

Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid scheme ...

Pierluigi Paganini June 17, 2024
Breaking News
Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 16, 2024
Security
ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerabil ...

Pierluigi Paganini June 16, 2024
Cyber Crime
London hospitals canceled over 800 operations in the week after Synnovis ransomware attack

NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack ...

Pierluigi Paganini June 15, 2024
Laws and regulations
DORA Compliance Strategy for Business Leaders

In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and an ...

Pierluigi Paganini June 14, 2024
Security
CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ...

Pierluigi Paganini June 14, 2024
Hacking
City of Cleveland still working to fully restore systems impacted by a cyber attack

Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was t ...

Pierluigi Paganini June 14, 2024
Security
Google fixed an actively exploited zero-day in the Pixel Firmware

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tr ...

Pierluigi Paganini June 13, 2024
Security
Multiple flaws in Fortinet FortiOS fixed

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS a ...

Pierluigi Paganini June 13, 2024
Hacking
CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini June 12, 2024
Breaking News
Ukraine Police arrested a hacker who developed a crypter used by Conti and LockBit ransomware operation

The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (2 ...

Pierluigi Paganini June 12, 2024
Security
JetBrains fixed IntelliJ IDE flaw exposing GitHub access tokens

JetBrains warned to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulne ...

Pierluigi Paganini June 12, 2024
Security
Microsoft Patch Tuesday security updates for June 2024 fixed only one critical issue

Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 ...

Pierluigi Paganini June 12, 2024
Data Breach
Cylance confirms the legitimacy of data offered for sale in the dark web

A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000. A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen dat ...

Pierluigi Paganini June 11, 2024
Hacking
Arm zero-day in Mali GPU Drivers actively exploited in the wild

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, track ...

Pierluigi Paganini June 11, 2024
Hacking
Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. Patch it now!

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Ent ...

Pierluigi Paganini June 11, 2024
Security
Japanese video-sharing platform Niconico was victim of a cyber attack

The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its servi ...

Pierluigi Paganini June 10, 2024
Cyber Crime
UK NHS call for O-type blood donations following ransomware attack on London hospitals

The UK NHS issued an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals. The UK National Health Service (NHS) issued an urgent call for ...

Pierluigi Paganini June 10, 2024
Data Breach
Christie’s data breach impacted 45,798 individuals

Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data bre ...

Pierluigi Paganini June 10, 2024
Hacking
Sticky Werewolf targets the aviation industry in Russia and Belarus

Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initial ...

Pierluigi Paganini June 10, 2024
Data Breach
Frontier Communications data breach impacted over 750,000 individuals

Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen ...

Pierluigi Paganini June 10, 2024
Breaking News
PHP addressed critical RCE flaw potentially impacting millions of servers

A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE disc ...

Pierluigi Paganini June 09, 2024
Security
Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 09, 2024
Security
SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform

SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address mul ...

Pierluigi Paganini June 07, 2024
Cyber Crime
Pandabuy was extorted twice by the same threat actor

Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pa ...

Pierluigi Paganini June 07, 2024
Intelligence
UAC-0020 threat actor used the SPECTR Malware to target Ukraine's defense forces

Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA ...

Pierluigi Paganini June 07, 2024
Cyber Crime
A new Linux version of TargetCompany ransomware targets VMware ESXi environments

A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell sc ...

Pierluigi Paganini June 06, 2024
Security
FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The FBI is inviting victims of LockBit ra ...

Pierluigi Paganini June 06, 2024
Malware
RansomHub operation is a rebranded version of the Knight RaaS

Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation Ra ...

Pierluigi Paganini June 06, 2024
Digital ID
Malware can steal data collected by the Windows Recall tool, experts warn

Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to ...

Pierluigi Paganini June 05, 2024
Breaking News
Cisco addressed Webex flaws used to compromise German government meetings

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited v ...

Pierluigi Paganini June 05, 2024
Hacking
CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing p ...

Pierluigi Paganini June 05, 2024
Security
Zyxel addressed three RCEs in end-of-life NAS devices

Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical ...

Pierluigi Paganini June 05, 2024
Cyber Crime
A ransomware attack on Synnovis impacted several London hospitals

A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnosti ...

Pierluigi Paganini June 04, 2024
Data Breach
RansomHub gang claims the hack of the telecommunications giant Frontier Communications

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stol ...

Pierluigi Paganini June 04, 2024
Cyber Crime
Cybercriminals attack banking customers in EU with V3B phishing kit - PhotoTAN and SmartID supported.

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group pro ...

Pierluigi Paganini June 04, 2024
Hacking
Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers

Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentic ...

Pierluigi Paganini June 04, 2024
Security
Multiple flaws in Cox modems could have impacted millions of devices

Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox ...

Pierluigi Paganini June 04, 2024
Hacking
CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracl ...

Pierluigi Paganini June 03, 2024
Cyber Crime
Spanish police shut down illegal TV streaming network

Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distri ...

Pierluigi Paganini June 03, 2024
APT
APT28 targets key networks in Europe with HeadLace malware

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU's unit APT28 targeti ...

Pierluigi Paganini June 03, 2024
Deep Web
Experts found information of European politicians on the dark web

Personal information of hundreds of British and EU politicians is available on dark web marketplaces. According to research conducted by Proton and Constella Intelligence, the email addresses and ...

Pierluigi Paganini June 03, 2024
Hacking
FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware

Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a R ...

Pierluigi Paganini June 02, 2024
Breaking News
Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 02, 2024
Data Breach
Ticketmaster confirms data breach impacting 560 million customers

Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently cla ...

Pierluigi Paganini June 01, 2024
Hacking
Critical Apache Log4j2 flaw still threatens global finance

The vulnerability CVE-2021-44832 is Apache Log4j2 library is still a serious problem for multiple industries, expert warns it threatens global Finance. The independent cyber threat intelligence an ...

Pierluigi Paganini June 01, 2024
Security
Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin

Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin. The Japanese cryptocurrency exchange DMM Bitcoin announced that c ...

Pierluigi Paganini June 01, 2024
Data Breach
ShinyHunters is selling data of 30 million Santander customers

The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a hug ...

Pierluigi Paganini May 31, 2024
Malware
Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 

The Chalubo trojan destroyed over 600,000 SOHO routers from a single ISP, researchers from Lumen Technologies reported. Between October 25 and October 27, 2023, the Chalubo malware destroyed more ...

Pierluigi Paganini May 31, 2024
APT
LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021

A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021. Cisco Talos researchers reported that a previously undocumented ...

Pierluigi Paganini May 31, 2024
Data Breach
BBC disclosed a data breach impacting its Pension Scheme members

The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members. The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files o ...

Pierluigi Paganini May 31, 2024
Security
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the f ...

Pierluigi Paganini May 30, 2024
Malware
Experts found a macOS version of the sophisticated LightSpy spyware

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Operation Endgame, the largest law enforcement operation ever against botnets

An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators. Between 27 and 29 May 2024, an international law enforcement operation coordinat ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Law enforcement operation dismantled 911 S5 botnet

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcem ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature

Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Custome ...

Pierluigi Paganini May 30, 2024
Digital ID
Check Point released hotfix for actively exploited VPN zero-day

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero- ...

Pierluigi Paganini May 29, 2024
Data Breach
ABN Amro discloses data breach following an attack on a third-party provider

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provid ...

Pierluigi Paganini May 29, 2024
Cyber Crime
Christie disclosed a data breach after a RansomHub attack

Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub ...

Pierluigi Paganini May 28, 2024
Hacking
Experts released PoC exploit code for RCE in Fortinet SIEM

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3's Attack Team released a proof-of-co ...

Pierluigi Paganini May 28, 2024
Malware
WordPress Plugin abused to install e-skimmers in e-commerce sites

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress ...

Pierluigi Paganini May 28, 2024
Hacking
TP-Link Archer C5400X gaming router is affected by a critical flaw

Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerabil ...

Pierluigi Paganini May 28, 2024
Data Breach
Sav-Rx data breach impacted over 2.8 million individuals

Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2 ...

Pierluigi Paganini May 27, 2024
Security
The Impact of Remote Work and Cloud Migrations on Security Perimeters

Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work ...

Pierluigi Paganini May 27, 2024
Malware
New ATM Malware family emerged in the threat landscape

Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to ...

Pierluigi Paganini May 27, 2024
Security
A high-severity vulnerability affects Cisco Firepower Management Center

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software.  Cisco addressed a vulnerability, tracked as CVE-2024-20360 ...

Pierluigi Paganini May 27, 2024
Cyber warfare
CERT-UA warns of malware campaign conducted by threat actor UAC-0006

The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned o ...

Pierluigi Paganini May 26, 2024
Breaking News
Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 26, 2024
Hacking
Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack

Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for ...

Pierluigi Paganini May 26, 2024
Cyber Crime
Fake AV websites used to distribute info-stealer malware

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advance ...

Pierluigi Paganini May 25, 2024
APT
MITRE December 2023 attack: Threat actors created rogue VMs to evade detection

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update abou ...

Pierluigi Paganini May 25, 2024
Hacking
An XSS flaw in GitLab allows attackers to take over accounts

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked ...

Pierluigi Paganini May 24, 2024
Hacking
Google fixes eighth actively exploited Chrome zero-day this year, the third in a month

Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a n ...

Pierluigi Paganini May 24, 2024
Security
CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog

CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healt ...

Pierluigi Paganini May 24, 2024
Hacking
Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provi ...

Pierluigi Paganini May 24, 2024
Security
Recall feature in Microsoft Copilot+ PCs raises privacy and security concerns

UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's laptop every few seconds. The UK data watchdog, the Information ...

Pierluigi Paganini May 24, 2024
APT
APT41: The threat of KeyPlug against Italian industries

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware T ...

Pierluigi Paganini May 23, 2024
Security
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabil ...

Pierluigi Paganini May 23, 2024
APT
Chinese actor 'Unfading Sea Haze' remained undetected for five years

A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown Ch ...

Pierluigi Paganini May 23, 2024
Uncategorized
A consumer-grade spyware app found in check-in systems of 3 US hotels

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app ...

Pierluigi Paganini May 23, 2024
Security
Critical Veeam Backup Enterprise Manager authentication bypass bug

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in ...

Pierluigi Paganini May 22, 2024
Cyber Crime
Cybercriminals are targeting elections in India with influence campaigns

Resecurity warns of a surge in malicious cyber activity targeting the election in India, orchestrated by several independent hacktivist groups Resecurity has identified a spike of malicious cyber ...

Pierluigi Paganini May 22, 2024
Hacking
Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentica ...

Pierluigi Paganini May 22, 2024
Data Breach
OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital ...

Pierluigi Paganini May 22, 2024
Security
CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog

CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini May 21, 2024
Cyber Crime
Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. Atlas is one of the largest national fuel distributors to 49 cont ...

Pierluigi Paganini May 21, 2024
Hacking
Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms

A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulner ...

Pierluigi Paganini May 21, 2024
Hacking
Experts released PoC exploit code for RCE in QNAP QTS

Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor's NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabili ...

Pierluigi Paganini May 21, 2024
Cyber Crime
GitCaught campaign relies on Github and Filezilla to deliver multiple malware

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future's Insikt Group discovered a sophisticated cy ...

Pierluigi Paganini May 20, 2024
Hacking
Two students uncovered a flaw that allows to use laundry machines for free

Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and ai ...

Pierluigi Paganini May 20, 2024
Malware
Grandoreiro Banking Trojan is back and targets banks worldwide

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan ...

Pierluigi Paganini May 20, 2024
Data Breach
Healthcare firm WebTPA data breach impacted 2.5 million individuals

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare managem ...

Pierluigi Paganini May 19, 2024
Breaking News
Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 19, 2024
APT
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea.  Symantec researchers observed the North Korea-linked ...

Pierluigi Paganini May 19, 2024
Intelligence
North Korea-linked IT workers infiltrated hundreds of US firms

The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an A ...

Pierluigi Paganini May 18, 2024
APT
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors na ...

Pierluigi Paganini May 17, 2024
Cyber Crime
City of Wichita disclosed a data breach after the recent ransomware attack

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas's city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware ...

Pierluigi Paganini May 17, 2024
Security
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the followi ...

Pierluigi Paganini May 17, 2024
Cyber Crime
CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog

CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabil ...

Pierluigi Paganini May 17, 2024
APT
North Korea-linked Kimsuky APT attack targets victims via Messenger

North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genians Security Center (GSC) identified a new at ...

Pierluigi Paganini May 17, 2024
Cyber Crime
Electronic prescription provider MediSecure impacted by a ransomware attack

Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. MediSecure is a company that provides digital health solutions, pa ...

Pierluigi Paganini May 16, 2024
Hacking
Google fixes seventh actively exploited Chrome zero-day this year, the third in a week

Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week. Google has released a new emergency security update to address a new vulner ...

Pierluigi Paganini May 16, 2024
Data Breach
Santander: a data breach at a third-party provider impacted customers and employees

The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The Spanish financial institution Santander revealed a data breac ...

Pierluigi Paganini May 16, 2024
Cyber Crime
FBI seized the notorious BreachForums hacking forum

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purcha ...

Pierluigi Paganini May 15, 2024
Cyber Crime
A Tornado Cash developer has been sentenced to 64 months in prison

One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison. Alexey Pertsev (29), one of the main developers of the Tornado Cash cryptocurrency mixer h ...

Pierluigi Paganini May 15, 2024
Security
Adobe fixed multiple critical flaws in Acrobat and Reader

Adobe addressed multiple code execution vulnerabilities in several products, including Adobe Acrobat and Reader. Adobe addressed multiple code execution vulnerabilities in its products, including ...

Pierluigi Paganini May 15, 2024
Data Breach
Ransomware attack on Singing River Health System impacted 895,000 people

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and ...

Pierluigi Paganini May 15, 2024
Security
Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day. Microsoft Patch Tuesday security updates for May 2024 address ...

Pierluigi Paganini May 14, 2024
Hacking
VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024

VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024 VMware addressed four vulnerabilities in its Workstatio ...

Pierluigi Paganini May 14, 2024
Security
MITRE released EMB3D Threat Model for embedded devices

The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure. MITRE announced the public release of its EMB3D threat model for ...

Pierluigi Paganini May 14, 2024
Hacking
Google fixes sixth actively exploited Chrome zero-day this year

Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulner ...

Pierluigi Paganini May 14, 2024
Malware
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey's Cybersecurity and Communications Integration Cell (NJCCIC)� ...

Pierluigi Paganini May 14, 2024
Hacking
Threat actors may have exploited a zero-day in older iPhones, Apple warns

Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhon ...

Pierluigi Paganini May 13, 2024
Data Breach
City of Helsinki suffered a data breach

The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel. The Police of Finland is investigating a data breach suffered by the City of Hels ...

Pierluigi Paganini May 13, 2024
Cyber Crime
Russian hackers defaced local British news sites

A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be "first-class ...

Pierluigi Paganini May 13, 2024
Data Breach
Australian Firstmac Limited disclosed a data breach after cyber attack

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders i ...

Pierluigi Paganini May 13, 2024
Hacking
Pro-Russia hackers targeted Kosovo’s government websites

Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment. Pro-Russia hackers targeted Kosovo government websites, in ...

Pierluigi Paganini May 12, 2024
Breaking News
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Securi