LATEST NEWS

Google Transparency Report at first glance
Pierluigi Paganini March 28, 2014

Google has published its new Google Transparency Report related to the second semester of 2013; the number of requests for user information is still increasing. While the Internet users continue to c ...

Netcraft stats on the increasing abuse for WordPress installations
Pierluigi Paganini March 28, 2014

More than 12,000 phishing sites analyzed by Netcraft are hosted on compromised WordPress installations; the websites were also used to serve malicious code. Netcraft internet services company publish ...

Gameover ZeuS is Targeting recruitment websites
Pierluigi Paganini March 27, 2014

Security experts at F-Secure have detected a new variant of Gameover ZeuS financial Trojan which is targeting recruitment websites. Zeus Trojan is probably one of the most prolific and long-lived mal ...

FireEye uncovered APTs exploiting interest on Malaysian Flight MH370
Pierluigi Paganini March 27, 2014

Security experts at FireEye uncovered a cyber espionage campaign based on multiple MH370 themed spear phishing emails. Security researchers at FireEye have revealed a link between a recent sp ...

recent articles

Hacking
U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...

Pierluigi Paganini December 06, 2024
Security
Hundred of CISCO switches impacted by bootloader flaw

A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks. Cisco released security patches for a vulnerability, tracked as CVE-2024-2039 ...

Pierluigi Paganini December 06, 2024
Cyber Crime
Operation Destabilise dismantled Russian money laundering networks

Operation Destabilise: The U.K. National Crime Agency disrupted Russian money laundering networks tied to organized crime. The U.K. National Crime Agency (NCA) disrupted Russian money laundering n ...

Pierluigi Paganini December 05, 2024
APT
Russia-linked APT Secret Blizzard spotted using infrastructure of other threat actors

Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6 other threat actors during the past 7 years. Researchers from Microsoft Threat Intelligence collected ev ...

Pierluigi Paganini December 05, 2024
APT
China-linked APT Salt Typhoon has breached telcos in dozens of countries

China-linked APT group Salt Typhoon has breached telecommunications companies in dozens of countries, US govt warns. President Biden's deputy national security adviser Anne Neuberger said that Chi ...

Pierluigi Paganini December 05, 2024
Breaking News
Black Basta ransomware gang hit BT Group

BT Group (formerly British Telecom)'s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Gro ...

Pierluigi Paganini December 04, 2024
Cyber Crime
Authorities shut down Crimenetwork, the Germany's largest crime marketplace

Germany's largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested. German authorities announced the takedown of Crimenetwork, the largest German-speakin ...

Pierluigi Paganini December 04, 2024
Security
Veeam addressed critical Service Provider Console (VSPC) bug

Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code. Veeam released security updates for a critical vulnerabilit ...

Pierluigi Paganini December 04, 2024
Hacking
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory ...

Pierluigi Paganini December 04, 2024
Security
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...

Pierluigi Paganini December 04, 2024
Hacking
The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is bei ...

Pierluigi Paganini December 03, 2024
Cyber Crime
DMM Bitcoin halts operations six months after a $300 million cyber heist

The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DM ...

Pierluigi Paganini December 03, 2024
Cyber Crime
Energy industry contractor ENGlobal Corporation discloses a ransomware attack

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industr ...

Pierluigi Paganini December 03, 2024
Intelligence
Poland probes Pegasus spyware abuse under the PiS government

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland's government has been investigating the alleged misus ...

Pierluigi Paganini December 03, 2024
Digital ID
Tor Project needs 200 WebTunnel bridges more to bypass Russia' censorship

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Recent reports from Russia show increased censorship targeting the Tor network, including b ...

Pierluigi Paganini December 02, 2024
Cyber Crime
Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

International law enforcement operation Operation HAECHI-V led to more than 5,500 suspects arrested and seized over $400 million. A global operation code-named Operation HAECHI V, involving 40 cou ...

Pierluigi Paganini December 02, 2024
Uncategorized
How threat actors can use generative artificial intelligence?

Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The capabilities that ...

Pierluigi Paganini December 02, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 22

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware E ...

Pierluigi Paganini December 01, 2024
Breaking News
Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 01, 2024
Security
Hackers stole millions of dollars from Uganda Central Bank

Financially-motivated threat actors hacked Uganda's central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered ...

Pierluigi Paganini December 01, 2024
Cyber Crime
Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pav ...

Pierluigi Paganini November 30, 2024
Cyber Crime
Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious a ...

Pierluigi Paganini November 29, 2024
Security
Zello urges users to reset passwords following a cyber attack

Zello urges customers with accounts created before November 2 to reset passwords following a potential security breach. Zello is warning customers who have an account created before November 2 to ...

Pierluigi Paganini November 29, 2024
Uncategorized
A cyberattack impacted operations at UK Wirral University Teaching Hospital

UK's Wirral University Teaching Hospital suffered a cyberattack that caused delays in appointments and procedures. Wirral University Teaching Hospital NHS Foundation Trust (WUTH) is an NHS Foundat ...

Pierluigi Paganini November 28, 2024
Uncategorized
T-Mobile detected network intrusion attempts and blocked them

T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts ...

Pierluigi Paganini November 28, 2024
Hacking
ProjectSend critical flaw actively exploited in the wild, experts warn

Researchers warn that a critical security flaw in ProjectSend open-source file-sharing application may be under active exploitation. VulnCheck researchers warn that ProjectSend vulnerability CVE- ...

Pierluigi Paganini November 28, 2024
Malware
Bootkitty is the first UEFI Bootkit designed for Linux systems

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UE ...

Pierluigi Paganini November 27, 2024
Security
VMware fixed five vulnerabilities in Aria Operations product

Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can lead to privilege escalation and XSS attacks. VMware released security updates to address five ...

Pierluigi Paganini November 27, 2024
Cyber Crime
Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries and dismantled 134,089 malicious networks. A joint law enforcement operation by INTERPOL and AFRIPOL across 19 African ...

Pierluigi Paganini November 27, 2024
APT
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America

The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0 ...

Pierluigi Paganini November 27, 2024
Uncategorized
Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operat ...

Pierluigi Paganini November 26, 2024
Malware
The source code of Banshee Stealer leaked online

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS ...

Pierluigi Paganini November 26, 2024
Hacking
U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini November 26, 2024
Cyber Crime
Thai police arrested Chinese hackers involved in SMS blaster attacks

Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks, they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members ...

Pierluigi Paganini November 26, 2024
Cyber Crime
Zyxel firewalls targeted in recent ransomware attacks

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a rece ...

Pierluigi Paganini November 25, 2024
Hacking
Malware campaign abused flawed Avast Anti-Rootkit driver

Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems. Trellix researchers uncovered a malware campaign that abu ...

Pierluigi Paganini November 25, 2024
APT
Russia-linked APT TAG-110 uses targets Europe and Asia

Russia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign ...

Pierluigi Paganini November 25, 2024
Intelligence
Russia-linked threat actors threaten the UK and its allies, minister to say

A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine. Russia may launch cyberattacks against the UK and its allies in ...

Pierluigi Paganini November 25, 2024
Breaking News
Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini November 24, 2024
Cyber Crime
DoJ seized credit card marketplace PopeyeTools and charges its administrators

The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. The US Department of Justice announced the seizure of PopeyeTo ...

Pierluigi Paganini November 24, 2024
Hacking
A cyberattack on gambling giant IGT disrupted portions of its IT systems

A cyberattack on gambling giant IGT disrupted its systems, forcing the company to take certain services offline. International Game Technology (IGT) detected a cyberattack on November 17, the comp ...

Pierluigi Paganini November 23, 2024
APT
China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane

China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia. China-linked APT Gelsemium has deployed a previously unknown ...

Pierluigi Paganini November 23, 2024
Cyber Crime
Microsoft seized 240 sites used by the ONNX phishing service

Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation. Microsoft announced the disruption of the ONNX phishing service, a ...

Pierluigi Paganini November 23, 2024
Security
U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...

Pierluigi Paganini November 22, 2024
Hacking
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromi ...

Pierluigi Paganini November 22, 2024
Data Breach
Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico's president announced the government i ...

Pierluigi Paganini November 21, 2024
Cyber Crime
US DoJ charges five alleged members of the Scattered Spider cybercrime gang

The U.S. Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. The U.S. Justice Department charged five alleged members of the cybercr ...

Pierluigi Paganini November 21, 2024
Data Breach
Threat actor sells data of over 750,000 patients from a French hospital

A threat actor had access to electronic patient record system of an unnamed French hospital, and the health data of 750,000 patients was compromised. An unnamed French hospital suffered a data bre ...

Pierluigi Paganini November 21, 2024
Security
Decade-old local privilege escalation bugs impacts Ubuntu needrestart package

Decade-old flaws in the needrestart package in Ubuntu Server could allow local attackers to gain root privileges without user interaction. The Qualys Threat Research Unit (TRU) discovered five Loc ...

Pierluigi Paganini November 21, 2024
Breaking News
Ford data breach involved a third-party supplier

Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigated a data breach after a thre ...

Pierluigi Paganini November 20, 2024
Security
Hacker obtained documents tied to lawsuit over Matt Gaetz's sexual misconduct allegations

A hacker allegedly accessed a file containing testimony from a woman claiming she had sex with Matt Gaetz when she was 17, sparking controversy. The New York Times reported that a hacker, who goes ...

Pierluigi Paganini November 20, 2024
Security
Apple addressed two actively exploited zero-day vulnerabilities

Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilit ...

Pierluigi Paganini November 20, 2024
Cyber Crime
Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports events

Threat actors exploit misconfigured JupyterLab and Jupyter Notebooks servers to rip sports streams and illegally redistribute them. Researchers from security firm Aqua observed threat actors explo ...

Pierluigi Paganini November 20, 2024
Cyber Crime
Russian Phobos ransomware operator faces cybercrime charges

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Pt ...

Pierluigi Paganini November 19, 2024
Data Breach
Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Ce ...

Pierluigi Paganini November 19, 2024
Security
Recently disclosed VMware vCenter Server bugs are actively exploited in attacks

Threat actors are actively exploiting two VMware vCenter Server vulnerabilities tracked as CVE-2024-38812 and CVE-2024-38813, Broadcom warns. Broadcom warns that the two VMware vCenter Server vuln ...

Pierluigi Paganini November 18, 2024
Data Breach
Foreign adversary hacked email communications of the Library of Congress says

The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. The Library of Congress informed lawmakers about a security breach ...

Pierluigi Paganini November 18, 2024
APT
T-Mobile is one of the victims of the massive Chinese breach of telecom firms

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espio ...

Pierluigi Paganini November 18, 2024
Security
Increased GDPR Enforcement Highlights the Need for Data Security

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protec ...

Pierluigi Paganini November 18, 2024
Hacking
Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites

A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. It's one of the most critical WordPress vulnerabilities ever. Wordfence researchers warn of a vulner ...

Pierluigi Paganini November 18, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 20

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini November 17, 2024
Malware
A botnet exploits e GeoVision zero-day to compromise EoL devices

A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. Researchers at the Shadowserver Foundation observed a botnet exploiting a ze ...

Pierluigi Paganini November 17, 2024
Hacking
Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit acce ...

Pierluigi Paganini November 16, 2024
Malware
Glove Stealer bypasses Chrome's App-Bound Encryption to steal cookies

The Glove Stealer malware exploits a new technique to bypass Chrome's App-Bound encryption and steal browser cookies. Glove Stealer is a .NET-based information stealer that targets browser exten ...

Pierluigi Paganini November 16, 2024
Cyber Crime
Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Bitfinex hacker, Ilya Lichtenstein, who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. "Ilya Lichtenstein was sentenced today to five years in ...

Pierluigi Paganini November 15, 2024
Security
U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...

Pierluigi Paganini November 15, 2024
Internet of Things
Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices

The exploitation of the recently disclosed 'won't fix' issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn't patch a ...

Pierluigi Paganini November 14, 2024
Intelligence
China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

China-linked threat actors breached U.S. broadband providers and gained access to private communications of a limited number of U.S. government officials. The FBI and CISA continue to investigate ...

Pierluigi Paganini November 14, 2024
Cyber Crime
Bitdefender released a decryptor for the ShrinkLocker ransomware

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system's drives. ShrinkLocker ransomware was first discovered in May 2024 by ...

Pierluigi Paganini November 14, 2024
APT
China's Volt Typhoon botnet has re-emerged

China's Volt Typhoon botnet has re-emerged, using the same core infrastructure and techniques, according to SecurityScorecard researchers. The China-linked Volt Typhoon's botnet has resurfaced usi ...

Pierluigi Paganini November 13, 2024
Security
Zoom addressed two high-severity issues in its platform

Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video ...

Pierluigi Paganini November 13, 2024
Hacking
Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for November 2024 ...

Pierluigi Paganini November 13, 2024
Security
Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

A cyber attack affected Ahold Delhaize USA brands, disrupting Giant Food, Hannaford, their pharmacies, and e-commerce services. A cyber attack hit the food giant Ahold Delhaize impacting US pharma ...

Pierluigi Paganini November 12, 2024
Hacking
A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel

A cyberattack in Israel allegedly disrupted communication services, causing widespread malfunction of credit card readers across the country on Sunday. The Jerusalem Post reported that thousands o ...

Pierluigi Paganini November 12, 2024
Security
Apple indeed added a feature called "inactivity reboot" in iOS 18.1 that reboots locked devices

Apple iOS supports a new feature that reboots locked devices after extended inactivity, aiming to enhance data security for users. Apple 'quietly' implemented a new security feature that automatic ...

Pierluigi Paganini November 12, 2024
Malware
Ymir ransomware, a new stealthy ransomware grow in the wild

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir rans ...

Pierluigi Paganini November 12, 2024
Data Breach
Amazon discloses employee data breach after May 2023 MOVEit attacks

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data ...

Pierluigi Paganini November 11, 2024
Security
A new fileless variant of Remcos RAT observed in the wild

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet's FortiGuard Labs recently uncovered a phishing campaign spreading a ne ...

Pierluigi Paganini November 11, 2024
Hacking
A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea's government blames pro-Russia threat actors ...

Pierluigi Paganini November 11, 2024
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 19

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini November 10, 2024
Breaking News
Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini November 10, 2024
Hacking
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government's Consumer Financial Protection Bureau (CF ...

Pierluigi Paganini November 10, 2024
Security
Mazda Connect flaws allow to hack some Mazda vehicles

Multiple vulnerabilities in the infotainment unit Mazda Connect could allow attackers to execute arbitrary code with root access. Trend Micro's Zero Day Initiative warned of multiple vulnerabiliti ...

Pierluigi Paganini November 09, 2024
Malware
Veeam Backup & Replication exploit reused in new Frag ransomware attack

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware ...

Pierluigi Paganini November 09, 2024
Cyber Crime
Texas oilfield supplier Newpark Resources suffered a ransomware attack

Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a r ...

Pierluigi Paganini November 08, 2024
Security
Palo Alto Networks warns of potential RCE in PAN-OS management interface

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to l ...

Pierluigi Paganini November 08, 2024
Mobile
iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely s ...

Pierluigi Paganini November 08, 2024
Security
U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...

Pierluigi Paganini November 07, 2024
Malware
DPRK-linked BlueNoroff used macOS malware with novel persistence

SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-link ...

Pierluigi Paganini November 07, 2024
Security
Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology ...

Pierluigi Paganini November 07, 2024
Security
Critical bug in Cisco UWRB access points allows attackers to run commands as root

Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security. Cisco has addressed a critical vulnerability, trac ...

Pierluigi Paganini November 07, 2024
Cyber Crime
INTERPOL: Operation Synergia II disrupted +22,000 malicious IPs

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. INTERPOL announced this week i ...

Pierluigi Paganini November 06, 2024
Cyber Crime
Memorial Hospital and Manor suffered a ransomware attack

Georgia, a ransomware attack disrupted Memorial Hospital and Manor's access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, an ...

Pierluigi Paganini November 06, 2024
Digital ID
South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users

South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users' sensitive data, including political views and sexual orientation, with advertisers. South Korea's data privacy w ...

Pierluigi Paganini November 06, 2024
Hacking
Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerabi ...

Pierluigi Paganini November 06, 2024
Malware
ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed Toxi ...

Pierluigi Paganini November 05, 2024
Security
U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini November 05, 2024
Cyber Crime
Canadian authorities arrested alleged Snowflake hacker

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. Canadian law enforcement agencies arrested a suspect, Alexan ...

Pierluigi Paganini November 05, 2024
Uncategorized
Android flaw CVE-2024-43093 may be under limited, targeted exploitation

Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively exploiting a vulnerability, tracked as CVE-2024-43093 ...

Pierluigi Paganini November 05, 2024
Data Breach
July 2024 ransomware attack on the City of Columbus impacted 500,000 people

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber ...

Pierluigi Paganini November 04, 2024
Cyber Crime
Nigerian man sentenced to 26+ years in real estate phishing scams

Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing milli ...

Pierluigi Paganini November 04, 2024
Intelligence
Russian disinformation campaign active ahead of 2024 US election

U.S. intel says Russia made a fake video claiming Haitians voted illegally in Georgia, aiming to spread election disinformation. U.S. intel reports Russia created a fake viral video falsely claimi ...

Pierluigi Paganini November 04, 2024
Cyber Crime
International law enforcement operation shut down DDoS-for-hire platform Dstat.cc

German police shut down DDoS-for-hire platform Dstat.cc and arrested two men accused of operating the site used for launching DDoS attacks. German police shut down the DDoS-for-hire platform Dstat ...

Pierluigi Paganini November 04, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 18

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini November 03, 2024
Breaking News
Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini November 03, 2024
Security
US Election 2024 – FBI warning about fake election videos

US Election 2024 - The FBI warned that two fake videos on X spread false claims of ballot fraud and misinformation about Kamala Harris’s husband. In a post on X on Saturday, the Federal Bureau o ...

Pierluigi Paganini November 03, 2024
Malware
Chinese threat actors use Quad7 botnet in password-spray attacks

Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to ...

Pierluigi Paganini November 03, 2024
Cyber Crime
FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being f ...

Pierluigi Paganini November 02, 2024
APT
Sophos details five years of China-linked threat actors' activity targeting network devices worldwide

Sophos used custom implants to monitor China-linked threat actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long "cat-and-mouse" battle with China-linked threat a ...

Pierluigi Paganini November 02, 2024
Hacking
PTZOptics cameras zero-days actively exploited in the wild

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracke ...

Pierluigi Paganini November 02, 2024
Malware
New LightSpy spyware version targets iPhones with destructive capabilities

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSp ...

Pierluigi Paganini November 01, 2024
Hacking
LottieFiles confirmed a supply chain attack on Lottie-Player

LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Play ...

Pierluigi Paganini November 01, 2024
Data Breach
Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank, formally the Banco Internacional del Perú Service Holding S.A ...

Pierluigi Paganini October 31, 2024
Security
QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, ...

Pierluigi Paganini October 31, 2024
Malware
New version of Android malware FakeCall redirects bank calls to scammers

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of ...

Pierluigi Paganini October 31, 2024
APT
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files

Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT ...

Pierluigi Paganini October 30, 2024
Uncategorized
QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. QNAP addressed a critical zero-day vulnerability, tracke ...

Pierluigi Paganini October 30, 2024
Cyber Crime
International law enforcement operation dismantled RedLine and Meta infostealers

A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by Red ...

Pierluigi Paganini October 29, 2024
Cyber Crime
Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vuln ...

Pierluigi Paganini October 29, 2024
Cyber warfare
Russia-linked espionage group UNC5812 targets Ukraine's military with malware

Suspected Russia-linked espionage group UNC5812 targets Ukraine's military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812 ...

Pierluigi Paganini October 29, 2024
Data Breach
France’s second-largest telecoms provider Free suffered a cyber attack

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications ...

Pierluigi Paganini October 28, 2024
Data Breach
A crime ring compromised Italian state databases reselling stolen info

Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individu ...

Pierluigi Paganini October 28, 2024
Security
Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

A long supply chain adds third-party risks, as each partner's security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant c ...

Pierluigi Paganini October 28, 2024
Cyber Crime
Black Basta affiliates used Microsoft Teams in recent attacks

ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates swit ...

Pierluigi Paganini October 28, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 17

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini October 27, 2024
Cyber Crime
Four REvil Ransomware members sentenced for hacking and money laundering

Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for ha ...

Pierluigi Paganini October 27, 2024
Intelligence
Chinese cyber spies targeted phones used by Trump and Vance

China-linked threat actors targeted the phone communications of Donald Trump and vice presidential nominee JD Vance. China-linked hackers reportedly targeted phones used by former President D ...

Pierluigi Paganini October 26, 2024
Laws and regulations
Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement

Irish Data Protection Commission fined LinkedIn €310M for violating user privacy by using behavioral data analysis for targeted advertising. Irish Data Protection Commission fined LinkedIn €31 ...

Pierluigi Paganini October 26, 2024
Data Breach
Change Healthcare data breach impacted over 100 million people

The Change Healthcare data breach in February 2024 impacted over 100 million people, making it the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by C ...

Pierluigi Paganini October 25, 2024
Data Breach
OnePoint Patient Care data breach impacted 795,916 individuals

US hospice pharmacy OnePoint Patient Care suffered a data breach that exposed the personal info of approximately 800,000 individuals. OnePoint Patient Care is a U.S.-based pharmacy specializing in ...

Pierluigi Paganini October 25, 2024
Security
From Risk Assessment to Action: Improving Your DLP Response

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybe ...

Pierluigi Paganini October 25, 2024
Security
U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...

Pierluigi Paganini October 25, 2024
Hacking
Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vu ...

Pierluigi Paganini October 24, 2024
Breaking News
Cisco fixed tens of vulnerabilities, including an actively exploited one

Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Cisco addressed multiple vulnerabilities in Adaptive Sec ...

Pierluigi Paganini October 24, 2024
Hacking
FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024

The "FortiJump" flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently ...

Pierluigi Paganini October 24, 2024
Hacking
U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...

Pierluigi Paganini October 24, 2024
Security
Digital Echo Chambers and Erosion of Trust - Key Threats to the US Elections

Resecurity reports a rise in political content related to the 2024 US elections on social media, with increased activity from foreign sources. Resecurity has detected a substantial increase in the ...

Pierluigi Paganini October 23, 2024
Malware
Crooks are targeting Docker API servers to deploy SRBMiner

Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro researchers observed attackers targeting Docker remo ...

Pierluigi Paganini October 23, 2024
Security
Why DSPM is Essential for Achieving Data Privacy in 2024

Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. Data Security Posture Manageme ...

Pierluigi Paganini October 23, 2024
Laws and regulations
SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four compan ...

Pierluigi Paganini October 23, 2024
Security
Samsung zero-day flaw actively exploited in the wild

Google’s Threat Analysis Group (TAG) researchers warn of a Samsung zero-day vulnerability that is exploited in the wild. Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulner ...

Pierluigi Paganini October 22, 2024
Malware
Experts warn of a new wave of Bumblebee malware attacks

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol's 'Operation Endgame' that disrupted its operations in May. The Bumblebee malware loader has resurfaced ...

Pierluigi Paganini October 22, 2024
Security
U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...

Pierluigi Paganini October 22, 2024
Security
VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as ...

Pierluigi Paganini October 22, 2024
Cyber Crime
Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by the notorious threat actor IntelBroker ...

Pierluigi Paganini October 21, 2024
Data Breach
Internet Archive was breached twice in a month

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users ...

Pierluigi Paganini October 21, 2024
Hacking
Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign

Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from Positive Technologies warn that unknown threat ...

Pierluigi Paganini October 21, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 16

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini October 20, 2024
Breaking News
Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini October 20, 2024
Security
F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP

Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise pro ...

Pierluigi Paganini October 20, 2024
Security
U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini October 19, 2024
APT
North Korea-linked APT37 exploited IE zero-day in a recent attack

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt ...

Pierluigi Paganini October 19, 2024
Data Breach
Omni Family Health data breach impacts 468,344 individuals

Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to c ...

Pierluigi Paganini October 19, 2024
APT
Iran-linked actors target critical infrastructure organizations

U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S. ...

Pierluigi Paganini October 18, 2024
Security
macOS HM Surf flaw in TCC allows bypassing Safari privacy settings

Microsoft disclosed a flaw in Apple's macOS Transparency, Consent, and Control (TCC) framework that could be used to bypass privacy settings and access user data. Microsoft discovered a vulne ...

Pierluigi Paganini October 18, 2024
Hacktivism
Two Sudanese nationals indicted for operating the Anonymous Sudan group

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, ...

Pierluigi Paganini October 18, 2024
APT
Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (a ...

Pierluigi Paganini October 17, 2024
Security
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical Kubernetes Image Builder vulnerability, tracked as CVE-20 ...

Pierluigi Paganini October 17, 2024
Security
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMware warns customers to address a remote code execution vulnerability, tracked ...

Pierluigi Paganini October 17, 2024
Cyber Crime
Brazil's Polícia Federal arrested the notorious hacker USDoD

Brazil's Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil's Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of ...

Pierluigi Paganini October 16, 2024
Cyber Crime
Finnish Customs dismantled the dark web drugs market Sipulitie

Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authoriti ...

Pierluigi Paganini October 16, 2024
Hacking
U.S. CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cy ...

Pierluigi Paganini October 16, 2024
Security
GitHub addressed a critical vulnerability in Enterprise Server

GitHub addressed a critical vulnerability in Enterprise Server that could allow unauthorized access to affected instances. Code hosting platform GitHub addressed a critical vulnerability, tracked ...

Pierluigi Paganini October 16, 2024
Malware
A new Linux variant of FASTCash malware targets financial systems

North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the ...

Pierluigi Paganini October 15, 2024
Uncategorized
WordPress Jetpack plugin critical flaw impacts 27 million sites

WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have ...

Pierluigi Paganini October 15, 2024
Data Breach
Pokemon dev Game Freak discloses data breach

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded ...

Pierluigi Paganini October 15, 2024
Security
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...

Pierluigi Paganini October 14, 2024
APT
Nation-state actor exploited three Ivanti CSA zero-days

An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation- ...

Pierluigi Paganini October 14, 2024
Cyber Crime
Dutch police dismantled dual dark web market 'Bohemia/Cannabia'

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement o ...

Pierluigi Paganini October 14, 2024
Data Breach
Fidelity Investments suffered a second data breach this year

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investmen ...

Pierluigi Paganini October 14, 2024
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini October 13, 2024
Breaking News
Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini October 13, 2024
APT
Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR ...

Pierluigi Paganini October 13, 2024
Cyber warfare
A cyber attack hit Iranian government sites and nuclear facilities

As Middle East tensions rise, cyberattacks hit Iran’s government branches and nuclear facilities, following Israel's response to Iran's October 1 missile barrage. Amid escalating Middle East ten ...

Pierluigi Paganini October 12, 2024
Cyber Crime
Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks

Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical v ...

Pierluigi Paganini October 12, 2024
Security
GitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline execution

GitLab issued updates for CE and EE to address multiple flaws, including a critical bug allowing CI/CD pipeline runs on unauthorized branches. GitLab released security updates for Community Editio ...

Pierluigi Paganini October 11, 2024
APT
Iran and China-linked actors used ChatGPT for preparing attacks

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influ ...

Pierluigi Paganini October 11, 2024
Data Breach
Internet Archive data breach impacted 31M users

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its "The Wayback Machine." The Internet Archive is an American nonprofit digital librar ...

Pierluigi Paganini October 11, 2024
Malware
E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming ...

Pierluigi Paganini October 10, 2024
Security
U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...

Pierluigi Paganini October 10, 2024
Security
Mozilla issued an urgent Firefox update to fix an actively exploited flaw

Mozilla released an urgent Firefox update to fix a critical use-after-free vulnerability actively exploited in ongoing attacks. Mozilla released an emergency security update for its Firefox browse ...

Pierluigi Paganini October 10, 2024
Security
Palo Alto fixed critical flaws in PAN-OS firewalls that allow for full compromise of the devices

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an at ...

Pierluigi Paganini October 10, 2024
Security
Cybercriminals Are Targeting AI Conversational Platforms

Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactions with consumers. Resecurity has observed a s ...

Pierluigi Paganini October 09, 2024
APT
Awaken Likho APT group targets Russian government with a new implant

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into ...

Pierluigi Paganini October 09, 2024
Security
U.S. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...

Pierluigi Paganini October 09, 2024
Cyber Crime
Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer

Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer, used to steal sensitive data globally. Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to ...

Pierluigi Paganini October 08, 2024
Data Breach
MoneyGram discloses data breach following September cyberattack

MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. In September, American interstate and international peer-to-peer payments ...

Pierluigi Paganini October 08, 2024
Hacking
American Water shut down some of its systems following a cyberattack

American Water, the largest publicly traded water and wastewater utility company in the US, shut down some of its systems following a cyberattack. American Water, the largest U.S. water and wastew ...

Pierluigi Paganini October 08, 2024
Data Breach
Universal Music data breach impacted 680 individuals

Universal Music Group notified hundreds of individuals about a data breach compromising their personal information. Universal Music Group is notifying 680 individuals about a data breach that comp ...

Pierluigi Paganini October 07, 2024
Cyber warfare
Kyiv's hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin's birthday

Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv's hackers. A Ukrainian government source told Reuters that Kyiv's hackers are behind the ...

Pierluigi Paganini October 07, 2024
Data Breach
FBCS data breach impacted 238,000 Comcast customers

238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 custo ...

Pierluigi Paganini October 07, 2024
Security
Critical Apache Avro SDK RCE flaw impacts Java applications

A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. A critical vulnerability, tracked as CVE-2024- ...

Pierluigi Paganini October 07, 2024
Cyber Crime
Man pleads guilty to stealing over $37 Million worth of cryptocurrency

A man from Indiana pleaded guilty to stealing over $37M in cryptocurrency from 571 victims during a 2022 cyberattack. Evan Frederick Light, 21, of Lebanon, Indiana, pleaded guilty to conspiracy to ...

Pierluigi Paganini October 07, 2024
Security
U.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Zimbra Collaboration vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini October 07, 2024
APT
China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT group Salt Typhoon (also known as Famo ...

Pierluigi Paganini October 06, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini October 06, 2024
Breaking News
Security Affairs newsletter Round 492 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini October 06, 2024
Security
Google Pixel 9 supports new security features to mitigate baseband attacks

Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particula ...

Pierluigi Paganini October 06, 2024
Security
WordPress LiteSpeed Cache plugin flaw could allow site takeover

A high-severity flaw in the WordPress LiteSpeed Cache plugin could allow attackers to execute arbitrary JavaScript code under certain conditions. A high-severity security flaw, tracked as CVE-2024 ...

Pierluigi Paganini October 05, 2024
Mobile
Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs

Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers. Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabi ...

Pierluigi Paganini October 05, 2024
Security
Google removed Kaspersky's security apps from the Play Store

Google removed Kaspersky's Android security apps from the Play Store and suspended its developer accounts over the weekend. Over the weekend, all the Android products designed by the Russian cybe ...

Pierluigi Paganini October 04, 2024
Malware
New Perfctl Malware targets Linux servers in cryptomining campaign

perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbe ...

Pierluigi Paganini October 04, 2024
APT
Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group

Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing o ...

Pierluigi Paganini October 04, 2024
Hacking
Dutch police breached by a state actor

The Dutch government blames a "state actor" for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state acto ...

Pierluigi Paganini October 03, 2024
Cyber Crime
Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have explo ...

Pierluigi Paganini October 03, 2024
Digital ID
Telegram revealed it shared U.S. user data with law enforcement

Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed th ...

Pierluigi Paganini October 03, 2024
Security
U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini October 02, 2024
Security
14 New DrayTek routers' flaws impact over 700,000 devices in 168 countries

Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, tw ...

Pierluigi Paganini October 02, 2024
Malware
Rhadamanthys information stealer introduces AI-driven capabilities

The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorde ...

Pierluigi Paganini October 02, 2024
Hacking
Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!

Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor's Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting ...

Pierluigi Paganini October 02, 2024
Cyber Crime
Police arrested four new individuals linked to the LockBit ransomware operation

An international police operation led to the arrest of four individuals linked to the LockBit ransomware group, including a developer. Europol, the UK, and the US law enforcement authorities annou ...

Pierluigi Paganini October 02, 2024
Cyber Crime
UMC Health System diverted patients following a ransomware attack

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an ...

Pierluigi Paganini October 01, 2024
Hacking
U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabiliti ...

Pierluigi Paganini October 01, 2024
Hacking
News agency AFP hit by cyberattack, client services impacted

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that ...

Pierluigi Paganini October 01, 2024
APT
North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cybe ...

Pierluigi Paganini October 01, 2024
Cyber Crime
Patelco Credit Union data breach impacted over 1 million people

The ransomware attack on Patelco Credit Union this summer led to a data breach affecting over 1 million individuals, revealed the company. Patelco Credit Union is a member-owned, not-for-profit c ...

Pierluigi Paganini September 30, 2024
Data Breach
Community Clinic of Maui discloses a data breach following May LockBit ransomware attack

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. In May, the Community Clinic of Maui experienced a major IT outage that impa ...

Pierluigi Paganini September 30, 2024
Cyber Crime
A British national has been charged for his execution of a hack-to-trade scheme

The Department of Justice charged a British national for hacking into the systems of five U.S. organizations. The Department of Justice charged the British national Robert Westbrook (39) for hacki ...

Pierluigi Paganini September 30, 2024
Uncategorized
Critical NVIDIA Container Toolkit flaw could allow access to the underlying host

A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host. Critical vulnerability CVE-2024-0132 (CVSS score 9.0) in the ...

Pierluigi Paganini September 30, 2024
Cyber warfare
Israel army hacked the communication network of the Beirut Airport control tower

Israel allegedly hacked Beirut airport's control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of ...

Pierluigi Paganini September 29, 2024
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 13

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...

Pierluigi Paganini September 29, 2024
Breaking News
Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini September 29, 2024
Social Networks
Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Me ...

Pierluigi Paganini September 28, 2024
Security
A cyberattack on Kuwait Health Ministry impacted hospitals in the country

The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyber ...

Pierluigi Paganini September 28, 2024
Digital ID
The Tor Project and Tails have merged operations

The Tor Project and Tails OS have joined forces and merged operations to counter a growing number of digital threats. The Tor Project and Tails have merged operations to enhance collaboration and ...

Pierluigi Paganini September 27, 2024
Hacking
Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on publi ...

Pierluigi Paganini September 27, 2024
Hacking
CUPS flaws allow remote code execution on Linux systems under certain conditions

A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli ( ...

Pierluigi Paganini September 27, 2024
Cyber Crime
U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money laundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryp ...

Pierluigi Paganini September 27, 2024