LATEST NEWS

VIEW ALL
OpSaveGaza , Anonymous paralized Mossad website with a DDoS
Pierluigi Paganini August 01, 2014

Members of the group of hacktivists Anonymous have coordinated a major Distributed Denial of Service attack early this morning as part of the #OpSaveGaza. Anonymous, the popular collective of h ...

Hackers can exploit USB devices to trigger undetectable attacks
Pierluigi Paganini August 01, 2014

A popular security researcher revealed that bad actors can tap into USB Devices to conduct attacks non detectable with known security defenses. Security experts demonstrated that USB devices can be u ...

Zero-day flaws affect Symantec Endpoint Protection
Pierluigi Paganini July 31, 2014

Pen Testers at Offensive Security discovered Zero-day flaws in Symantec Endpoint Protection that could be exploited to gain full system access. Yesterday I reported the results of the study conducted ...

Discovered attacks to compromise TOR Network and De-Anonymize users
Pierluigi Paganini July 31, 2014

On July 4 2014 Tor Team discovered a group of malicious relays that they assume were trying to deanonymize Tor Network users with confirmation attack technique. Tor network is an excellent techno ...

recent articles

Deep Web
Operation RapTor led to the arrest of 270 dark web vendors and buyers

Law enforcement operation codenamed 'Operation RapTor' led to the arrest of 270 dark web vendors and buyers across 10 countries. Police arrested 270 suspects following an international law enforce ...

Pierluigi Paganini May 23, 2025
Hacking
Chinese threat actors exploited Trimble Cityworks flaw to breach U.S. local government networks

A Chinese threat actor, tracked as UAT-6382, exploited a patched Trimble Cityworks flaw to deploy Cobalt Strike and VShell. Cisco Talos researchers attribute the exploitation of the CVE-2025-0994 ...

Pierluigi Paganini May 23, 2025
Hacking
U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...

Pierluigi Paganini May 22, 2025
Digital ID
New Signal update stops Windows from capturing user chats

Signal implements new screen security on Windows 11, blocking screenshots by default to protect user privacy from Microsoft’s Recall feature. A Signal update for the Windows app prevents the sys ...

Pierluigi Paganini May 22, 2025
Cyber Crime
Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS

Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3 dismantled the Lumm ...

Pierluigi Paganini May 22, 2025
APT
Russia-linked APT28 targets western logistics entities and technology firms

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies i ...

Pierluigi Paganini May 22, 2025
Security
A cyberattack was responsible for the week-long outage affecting Cellcom wireless network

Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the cause of a service outage it faced during the past week. Cellcom, a regional wireless carrier in W ...

Pierluigi Paganini May 21, 2025
Data Breach
Coinbase data breach impacted 69,461 individuals

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals. Coinbase disclosed that a data breach impacted 69,461 individuals after oversea ...

Pierluigi Paganini May 21, 2025
Security
U.S. CISA adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime flaws to its Known Exploited Vul ...

Pierluigi Paganini May 21, 2025
Uncategorized
A critical flaw in OpenPGP.js lets attackers spoof message signatures

A critical flaw in OpenPGP.js, tracked as CVE-2025-47934, lets attackers spoof message signatures; updates have been released to address the flaw. A critical vulnerability, tracked as CVE-2025-479 ...

Pierluigi Paganini May 21, 2025
Data Breach
SK Telecom revealed that malware breach began in 2022

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Korea’s largest wireless telecom company, a major player i ...

Pierluigi Paganini May 21, 2025
Hacking
4G Calling (VoLTE) flaw allowed to locate any O2 customer with a phone call

A flaw in O2 4G Calling (VoLTE) leaked user location data via network responses due to improper IMS standard implementation. A flaw in 4G Calling (VoLTE) service of the UK telecom O2 exposed user ...

Pierluigi Paganini May 20, 2025
Malware
China-linked UnsolicitedBooker APT used new backdoor MarsSnake in recent attacks

China-linked UnsolicitedBooker used a new backdoor, MarsSnake, to target an international organization in Saudi Arabia. ESET researchers revealed that a China-linked APT, tracked as UnsolicitedBoo ...

Pierluigi Paganini May 20, 2025
Data Breach
UK’s Legal Aid Agency discloses a data breach following April cyber attack

The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that sensitive data was stolen during the incident. The Legal Aid Agency (LAA) revealed that it had suffered a cyb ...

Pierluigi Paganini May 20, 2025
Malware
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

Cybersecurity Observatory of the Unipegaso's malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by th ...

Pierluigi Paganini May 20, 2025
Security
Mozilla fixed zero-days recently demonstrated at Pwn2Own Berlin 2025

Mozilla addressed two critical Firefox vulnerabilities that could be potentially exploited to access sensitive data or achieve code execution. Mozilla released security updates to fix two critical ...

Pierluigi Paganini May 19, 2025
Laws and regulations
Japan passed a law allowing preemptive offensive cyber actions

Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to bolster defenses like major Western powers. Japan has enacted the Active Cyberdefense Law, allo ...

Pierluigi Paganini May 19, 2025
Laws and regulations
James Comey is under investigation by Secret Service for a seashell photo showing “8647”

James Comey is under investigation for a seashell photo showing “8647,” seen by some as a coded threat against Trump. Former FBI chief James Comey is under investigation by the Secret Service ...

Pierluigi Paganini May 19, 2025
Hacking
Pwn2Own Berlin 2025: total prize money reached $1,078,750

Pwn2Own Berlin 2025 wrapped up with $383,750 awarded on the final day, pushing the total prize money to $1,078,750 over three days. On the final day of Pwn2Own Berlin 2025, participants earned $38 ...

Pierluigi Paganini May 19, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer  Interlock r ...

Pierluigi Paganini May 18, 2025