LATEST NEWS

From the mosaic theory to the stuxnet case
Pierluigi Paganini December 12, 2011

The term Mosaic theory refers to the method used in security analysis to gather information about a corporation. A natural extension of the method is its application to ordinary life. Mosaic ...

India The blurred line between defense and cyber censorship
Pierluigi Paganini December 11, 2011

In this article I wish to bring to your attention what I regard as a gross contradiction of a nation whose people I admire for their professionalism and dedication to work, India. In my previous article ...

“Need an expert in customized botnet.” ... new recruiting channel.
Pierluigi Paganini December 10, 2011

In recent weeks we have discussed a lot about cyber crime and how it is assuming frightening proportions. A growing business in which a huge number of organizations have taken an interest. The cyber s ...

Top Nine cyber security trends for 2012? They are too few, isn't it?
Pierluigi Paganini December 09, 2011

In this article I intend to read with you an interesting document, distributed by Imperva, in which they emphasized the main threats that could cause significant problems in the coming ye ...

recent articles

Cyber Crime
Experts found a bug in the Linux version of RansomHub ransomware

The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encry ...

Pierluigi Paganini June 22, 2024
Hacking
UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models

A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, ...

Pierluigi Paganini June 21, 2024
APT
Russia-linked APT Nobelium targets French diplomatic entities

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information sec ...

Pierluigi Paganini June 21, 2024
Laws and regulations
US bans sale of Kaspersky products due to risks to national security

The US government announced the ban on selling Kaspersky software due to security risks from Russia and urged citizens to replace it. The Biden administration announced it will ban the sale of Kas ...

Pierluigi Paganini June 20, 2024
Security
Atlassian fixed six high-severity bugs in Confluence Data Center and Server

Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-se ...

Pierluigi Paganini June 20, 2024
APT
China-linked spies target Asian Telcos since at least 2021

A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has ...

Pierluigi Paganini June 20, 2024
Malware
New Rust infostealer Fickle Stealer spreads through various attack methods

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. ...

Pierluigi Paganini June 20, 2024
Hacking
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered ...

Pierluigi Paganini June 20, 2024
Cyber Crime
Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its o ...

Pierluigi Paganini June 20, 2024
Hacking
Alleged researchers stole $3 million from Kraken exchange

Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security resea ...

Pierluigi Paganini June 19, 2024
Security
Google Chrome 126 update addresses multiple high-severity flaws

Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing s ...

Pierluigi Paganini June 19, 2024
Data Breach
Chip maker giant AMD investigates a data breach

AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they we ...

Pierluigi Paganini June 19, 2024
Cyber Crime
Cryptojacking campaign targets exposed Docker APIs

A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the at ...

Pierluigi Paganini June 19, 2024
Hacking
VMware fixed RCE and privilege escalation bugs in vCenter Server

VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exp ...

Pierluigi Paganini June 18, 2024
Laws and regulations
Meta delays training its AI using public content shared by EU users 

Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its ...

Pierluigi Paganini June 18, 2024
Data Breach
Keytronic confirms data breach after ransomware attack

Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly sto ...

Pierluigi Paganini June 18, 2024
Cyber Crime
The Financial Dynamics Behind Ransomware Attacks

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim's ...

Pierluigi Paganini June 18, 2024
Deep Web
Empire Market owners charged with operating $430M dark web marketplace

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka "Dopenugget ...

Pierluigi Paganini June 17, 2024
APT
China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffere ...

Pierluigi Paganini June 17, 2024
Data Breach
LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the ...

Pierluigi Paganini June 17, 2024
Cyber Crime
Spanish police arrested an alleged member of the Scattered Spider group

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of be ...

Pierluigi Paganini June 17, 2024
Security
Online job offers, the reshipping and money mule scams

Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid scheme ...

Pierluigi Paganini June 17, 2024
Breaking News
Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 16, 2024
Security
ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerabil ...

Pierluigi Paganini June 16, 2024
Cyber Crime
London hospitals canceled over 800 operations in the week after Synnovis ransomware attack

NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack ...

Pierluigi Paganini June 15, 2024
Laws and regulations
DORA Compliance Strategy for Business Leaders

In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and an ...

Pierluigi Paganini June 14, 2024
Security
CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ...

Pierluigi Paganini June 14, 2024
Hacking
City of Cleveland still working to fully restore systems impacted by a cyber attack

Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was t ...

Pierluigi Paganini June 14, 2024
Security
Google fixed an actively exploited zero-day in the Pixel Firmware

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tr ...

Pierluigi Paganini June 13, 2024
Security
Multiple flaws in Fortinet FortiOS fixed

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS a ...

Pierluigi Paganini June 13, 2024
Hacking
CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini June 12, 2024
Breaking News
Ukraine Police arrested a hacker who developed a crypter used by Conti and LockBit ransomware operation

The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (2 ...

Pierluigi Paganini June 12, 2024
Security
JetBrains fixed IntelliJ IDE flaw exposing GitHub access tokens

JetBrains warned customers to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulne ...

Pierluigi Paganini June 12, 2024
Security
Microsoft Patch Tuesday security updates for June 2024 fixed only one critical issue

Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 ...

Pierluigi Paganini June 12, 2024
Data Breach
Cylance confirms the legitimacy of data offered for sale in the dark web

A threat actor is selling data belonging to BlackBerry’s Cylance cybersecurity unit and demanded $750,000. A threat actor who goes online with the moniker Sp1d3r is selling the stolen dat ...

Pierluigi Paganini June 11, 2024
Hacking
Arm zero-day in Mali GPU Drivers actively exploited in the wild

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, track ...

Pierluigi Paganini June 11, 2024
Hacking
Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. Patch it now!

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Ent ...

Pierluigi Paganini June 11, 2024
Security
Japanese video-sharing platform Niconico was victim of a cyber attack

The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its servi ...

Pierluigi Paganini June 10, 2024
Cyber Crime
UK NHS call for O-type blood donations following ransomware attack on London hospitals

The UK NHS issued an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals. The UK National Health Service (NHS) issued an urgent call for ...

Pierluigi Paganini June 10, 2024
Data Breach
Christie’s data breach impacted 45,798 individuals

Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data bre ...

Pierluigi Paganini June 10, 2024
Hacking
Sticky Werewolf targets the aviation industry in Russia and Belarus

Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initial ...

Pierluigi Paganini June 10, 2024
Data Breach
Frontier Communications data breach impacted over 750,000 individuals

Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen ...

Pierluigi Paganini June 10, 2024
Breaking News
PHP addressed critical RCE flaw potentially impacting millions of servers

A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE disc ...

Pierluigi Paganini June 09, 2024
Security
Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 09, 2024
Security
SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform

SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address mul ...

Pierluigi Paganini June 07, 2024
Cyber Crime
Pandabuy was extorted twice by the same threat actor

Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pa ...

Pierluigi Paganini June 07, 2024
Intelligence
UAC-0020 threat actor used the SPECTR Malware to target Ukraine's defense forces

Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA ...

Pierluigi Paganini June 07, 2024
Cyber Crime
A new Linux version of TargetCompany ransomware targets VMware ESXi environments

A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell sc ...

Pierluigi Paganini June 06, 2024
Security
FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The FBI is inviting victims of LockBit ra ...

Pierluigi Paganini June 06, 2024
Malware
RansomHub operation is a rebranded version of the Knight RaaS

Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation Ra ...

Pierluigi Paganini June 06, 2024
Digital ID
Malware can steal data collected by the Windows Recall tool, experts warn

Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to ...

Pierluigi Paganini June 05, 2024
Breaking News
Cisco addressed Webex flaws used to compromise German government meetings

Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited v ...

Pierluigi Paganini June 05, 2024
Hacking
CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing p ...

Pierluigi Paganini June 05, 2024
Security
Zyxel addressed three RCEs in end-of-life NAS devices

Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical ...

Pierluigi Paganini June 05, 2024
Cyber Crime
A ransomware attack on Synnovis impacted several London hospitals

A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnosti ...

Pierluigi Paganini June 04, 2024
Data Breach
RansomHub gang claims the hack of the telecommunications giant Frontier Communications

The RansomHub ransomware group added the American telecommunications company Frontier Communications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stol ...

Pierluigi Paganini June 04, 2024
Cyber Crime
Cybercriminals attack banking customers in EU with V3B phishing kit - PhotoTAN and SmartID supported.

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group pro ...

Pierluigi Paganini June 04, 2024
Hacking
Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers

Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentic ...

Pierluigi Paganini June 04, 2024
Security
Multiple flaws in Cox modems could have impacted millions of devices

Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox ...

Pierluigi Paganini June 04, 2024
Hacking
CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracl ...

Pierluigi Paganini June 03, 2024
Cyber Crime
Spanish police shut down illegal TV streaming network

Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distri ...

Pierluigi Paganini June 03, 2024
APT
APT28 targets key networks in Europe with HeadLace malware

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU's unit APT28 targeti ...

Pierluigi Paganini June 03, 2024
Deep Web
Experts found information of European politicians on the dark web

Personal information of hundreds of British and EU politicians is available on dark web marketplaces. According to research conducted by Proton and Constella Intelligence, the email addresses and ...

Pierluigi Paganini June 03, 2024
Hacking
FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware

Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered a phishing campaign conducted by a R ...

Pierluigi Paganini June 02, 2024
Breaking News
Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini June 02, 2024
Data Breach
Ticketmaster confirms data breach impacting 560 million customers

Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed ...

Pierluigi Paganini June 01, 2024
Hacking
Critical Apache Log4j2 flaw still threatens global finance

The vulnerability CVE-2021-44832 in the Apache Log4j2 library is still a serious problem for multiple industries; an expert warns it threatens global finance. The independent cyber threat intelligence an ...

Pierluigi Paganini June 01, 2024
Security
Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin

Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin. The Japanese cryptocurrency exchange DMM Bitcoin announced that c ...

Pierluigi Paganini June 01, 2024
Data Breach
ShinyHunters is selling data of 30 million Santander customers

The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a hug ...

Pierluigi Paganini May 31, 2024
Malware
Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours 

The Chalubo trojan destroyed over 600,000 SOHO routers from a single ISP, researchers from Lumen Technologies reported. Between October 25 and October 27, 2023, the Chalubo malware destroyed more ...

Pierluigi Paganini May 31, 2024
APT
LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021

A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021. Cisco Talos researchers reported that a previously undocumented ...

Pierluigi Paganini May 31, 2024
Data Breach
BBC disclosed a data breach impacting its Pension Scheme members

The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members. The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files o ...

Pierluigi Paganini May 31, 2024
Security
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the f ...

Pierluigi Paganini May 30, 2024
Malware
Experts found a macOS version of the sophisticated LightSpy spyware

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Operation Endgame, the largest law enforcement operation ever against botnets

An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators. Between 27 and 29 May 2024, an international law enforcement operation coordinat ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Law enforcement operation dismantled 911 S5 botnet

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcem ...

Pierluigi Paganini May 30, 2024
Cyber Crime
Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature

Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Custome ...

Pierluigi Paganini May 30, 2024
Digital ID
Check Point released hotfix for actively exploited VPN zero-day

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero- ...

Pierluigi Paganini May 29, 2024
Data Breach
ABN Amro discloses data breach following an attack on a third-party provider

Dutch bank ABN Amro discloses data breach following a ransomware attack that hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provid ...

Pierluigi Paganini May 29, 2024
Cyber Crime
Christie disclosed a data breach after a RansomHub attack

Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub ...

Pierluigi Paganini May 28, 2024
Hacking
Experts released PoC exploit code for RCE in Fortinet SIEM

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3's Attack Team released a proof-of-co ...

Pierluigi Paganini May 28, 2024
Malware
WordPress Plugin abused to install e-skimmers in e-commerce sites

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress ...

Pierluigi Paganini May 28, 2024
Hacking
TP-Link Archer C5400X gaming router is affected by a critical flaw

Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a critical remote code execution (RCE) vulnerabil ...

Pierluigi Paganini May 28, 2024
Data Breach
Sav-Rx data breach impacted over 2.8 million individuals

Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2 ...

Pierluigi Paganini May 27, 2024
Security
The Impact of Remote Work and Cloud Migrations on Security Perimeters

Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work ...

Pierluigi Paganini May 27, 2024
Malware
New ATM Malware family emerged in the threat landscape

Experts warn of a new ATM malware family that is advertised in the cybercrime underground; it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to ...

Pierluigi Paganini May 27, 2024
Security
A high-severity vulnerability affects Cisco Firepower Management Center

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software. Cisco addressed a vulnerability, tracked as CVE-2024-20360 ...

Pierluigi Paganini May 27, 2024
Cyber warfare
CERT-UA warns of malware campaign conducted by threat actor UAC-0006

The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned o ...

Pierluigi Paganini May 26, 2024
Breaking News
Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 26, 2024
Hacking
Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack

Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for ...

Pierluigi Paganini May 26, 2024
Cyber Crime
Fake AV websites used to distribute info-stealer malware

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advance ...

Pierluigi Paganini May 25, 2024
APT
MITRE December 2023 attack: Threat actors created rogue VMs to evade detection

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update abou ...

Pierluigi Paganini May 25, 2024
Hacking
An XSS flaw in GitLab allows attackers to take over accounts

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked ...

Pierluigi Paganini May 24, 2024
Hacking
Google fixes eighth actively exploited Chrome zero-day this year, the third in a month

Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a n ...

Pierluigi Paganini May 24, 2024
Security
CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog

CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healt ...

Pierluigi Paganini May 24, 2024
Hacking
Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors

The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provi ...

Pierluigi Paganini May 24, 2024
Security
Recall feature in Microsoft Copilot+ PCs raises privacy and security concerns

UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's laptop every few seconds. The UK data watchdog, the Information ...

Pierluigi Paganini May 24, 2024
APT
APT41: The threat of KeyPlug against Italian industries

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries. During an extensive investigation, Tinexta Cyber’s Zlab Malware T ...

Pierluigi Paganini May 23, 2024
Security
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabil ...

Pierluigi Paganini May 23, 2024
APT
Chinese actor 'Unfading Sea Haze' remained undetected for five years

A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown Ch ...

Pierluigi Paganini May 23, 2024
Uncategorized
A consumer-grade spyware app found in check-in systems of 3 US hotels

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app ...

Pierluigi Paganini May 23, 2024
Security
Critical Veeam Backup Enterprise Manager authentication bypass bug

A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in ...

Pierluigi Paganini May 22, 2024
Cyber Crime
Cybercriminals are targeting elections in India with influence campaigns

Resecurity warns of a surge in malicious cyber activity targeting the election in India, orchestrated by several independent hacktivist groups. Resecurity has identified a spike of malicious cyber ...

Pierluigi Paganini May 22, 2024
Hacking
Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentica ...

Pierluigi Paganini May 22, 2024
Data Breach
OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital ...

Pierluigi Paganini May 22, 2024
Security
CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog

CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini May 21, 2024
Cyber Crime
Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. Atlas is one of the largest national fuel distributors to 49 cont ...

Pierluigi Paganini May 21, 2024
Hacking
Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms

A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulner ...

Pierluigi Paganini May 21, 2024
Hacking
Experts released PoC exploit code for RCE in QNAP QTS

Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor's NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabili ...

Pierluigi Paganini May 21, 2024
Cyber Crime
GitCaught campaign relies on Github and Filezilla to deliver multiple malware

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future's Insikt Group discovered a sophisticated cy ...

Pierluigi Paganini May 20, 2024
Hacking
Two students uncovered a flaw that allows to use laundry machines for free

Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and ai ...

Pierluigi Paganini May 20, 2024
Malware
Grandoreiro Banking Trojan is back and targets banks worldwide

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan ...

Pierluigi Paganini May 20, 2024
Data Breach
Healthcare firm WebTPA data breach impacted 2.5 million individuals

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare managem ...

Pierluigi Paganini May 19, 2024
Breaking News
Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 19, 2024
APT
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked ...

Pierluigi Paganini May 19, 2024
Intelligence
North Korea-linked IT workers infiltrated hundreds of US firms

The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an A ...

Pierluigi Paganini May 18, 2024
APT
Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors na ...

Pierluigi Paganini May 17, 2024
Cyber Crime
City of Wichita disclosed a data breach after the recent ransomware attack

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware ...

Pierluigi Paganini May 17, 2024
Security
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the followi ...

Pierluigi Paganini May 17, 2024
Cyber Crime
CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog

CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabil ...

Pierluigi Paganini May 17, 2024
APT
North Korea-linked Kimsuky APT attack targets victims via Messenger

North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genians Security Center (GSC) identified a new at ...

Pierluigi Paganini May 17, 2024
Cyber Crime
Electronic prescription provider MediSecure impacted by a ransomware attack

Electronic prescription provider MediSecure in Australia suffered a ransomware attack that likely originated from a third-party vendor. MediSecure is a company that provides digital health solutions, pa ...

Pierluigi Paganini May 16, 2024
Hacking
Google fixes seventh actively exploited Chrome zero-day this year, the third in a week

Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week. Google has released a new emergency security update to address a new vulner ...

Pierluigi Paganini May 16, 2024
Data Breach
Santander: a data breach at a third-party provider impacted customers and employees

The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The Spanish financial institution Santander revealed a data breac ...

Pierluigi Paganini May 16, 2024
Cyber Crime
FBI seized the notorious BreachForums hacking forum

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purcha ...

Pierluigi Paganini May 15, 2024
Cyber Crime
A Tornado Cash developer has been sentenced to 64 months in prison

One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison. Alexey Pertsev (29), one of the main developers of the Tornado Cash cryptocurrency mixer h ...

Pierluigi Paganini May 15, 2024
Security
Adobe fixed multiple critical flaws in Acrobat and Reader

Adobe addressed multiple code execution vulnerabilities in several products, including Adobe Acrobat and Reader. Adobe addressed multiple code execution vulnerabilities in its products, including ...

Pierluigi Paganini May 15, 2024
Data Breach
Ransomware attack on Singing River Health System impacted 895,000 people

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and ...

Pierluigi Paganini May 15, 2024
Security
Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day. Microsoft Patch Tuesday security updates for May 2024 address ...

Pierluigi Paganini May 14, 2024
Hacking
VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024

VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024. VMware addressed four vulnerabilities in its Workstatio ...

Pierluigi Paganini May 14, 2024
Security
MITRE released EMB3D Threat Model for embedded devices

The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure. MITRE announced the public release of its EMB3D threat model for ...

Pierluigi Paganini May 14, 2024
Hacking
Google fixes sixth actively exploited Chrome zero-day this year

Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulner ...

Pierluigi Paganini May 14, 2024
Malware
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey's Cybersecurity and Communications Integration Cell (NJCCIC) ...

Pierluigi Paganini May 14, 2024
Hacking
Threat actors may have exploited a zero-day in older iPhones, Apple warns

Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhon ...

Pierluigi Paganini May 13, 2024
Data Breach
City of Helsinki suffered a data breach

The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel. The Police of Finland is investigating a data breach suffered by the City of Hels ...

Pierluigi Paganini May 13, 2024
Cyber Crime
Russian hackers defaced local British news sites

A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be "first-class ...

Pierluigi Paganini May 13, 2024
Data Breach
Australian Firstmac Limited disclosed a data breach after cyber attack

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders i ...

Pierluigi Paganini May 13, 2024
Hacking
Pro-Russia hackers targeted Kosovo’s government websites

Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment. Pro-Russia hackers targeted Kosovo government websites, in ...

Pierluigi Paganini May 12, 2024
Breaking News
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 12, 2024
Cyber Crime
As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Adv ...

Pierluigi Paganini May 12, 2024
Data Breach
Ohio Lottery data breach impacted over 538,000 individuals

The cyber attack on the Ohio Lottery on Christmas Eve exposed the personal data of over 538,000 individuals. On Christmas Eve, a cyberattack targeting the Ohio Lottery resulted in the exposure of ...

Pierluigi Paganini May 11, 2024
Cyber Crime
Notorious threat actor IntelBroker claims the hack of the Europol

Notorious threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data. The threat actor IntelBroker announced on the cybercrime forum Breach ...

Pierluigi Paganini May 11, 2024
Hacking
A cyberattack hit the US healthcare giant Ascension

A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the Unit ...

Pierluigi Paganini May 11, 2024
Hacking
Google fixes fifth actively exploited Chrome zero-day this year

Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zer ...

Pierluigi Paganini May 10, 2024
APT
Russia-linked APT28 targets government Polish institutions

CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale ma ...

Pierluigi Paganini May 10, 2024
Security
Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR ...

Pierluigi Paganini May 10, 2024
Breaking News
Dell discloses data breach impacting millions of customers

Dell disclosed a security breach that exposed millions of customers' names and physical mailing addresses. IT giant Dell suffered a data breach exposing customers’ names and physical addresses, ...

Pierluigi Paganini May 09, 2024
Cyber Crime
Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs

Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting rec ...

Pierluigi Paganini May 09, 2024
Cyber Crime
Zscaler is investigating data breach claims

Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network. Cybersecurity firm Zscaler is investigating allegations of a data breach following ...

Pierluigi Paganini May 09, 2024
Security
Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover

Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets. F5 has addressed two high-severity vulnera ...

Pierluigi Paganini May 09, 2024
Cyber Crime
LockBit gang claimed responsibility for the attack on City of Wichita

The LockBit ransomware group has added the City of Wichita to its Tor leak site and threatened to publish stolen data. Last week, the City of Wichita, Kansas, was the victim of a ransomware attack ...

Pierluigi Paganini May 08, 2024
Hacking
New TunnelVision technique can bypass the VPN encapsulation

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack ...

Pierluigi Paganini May 08, 2024
Hacking
LiteSpeed Cache WordPress plugin actively exploited in the wild

Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites. WPScan researchers reported that threat actors are exploiting a high- ...

Pierluigi Paganini May 08, 2024
Hacking
Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606

A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-exposed hosts. Researchers from Cisco Talos reported a use-after-free vulnerability in ...

Pierluigi Paganini May 08, 2024
Data Breach
UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 

The UK Ministry of Defense disclosed a data breach at a third-party payroll system that exposed data of armed forces personnel and veterans. The UK Ministry of Defense disclosed a data breach impa ...

Pierluigi Paganini May 08, 2024
Cyber Crime
Law enforcement agencies identified LockBit ransomware admin and sanctioned him

The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him. The FBI, UK National Crime Agency, and Europol have unmasked the ...

Pierluigi Paganini May 07, 2024
Hacking
MITRE attributes the recent attack to China-linked UNC5221

MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. MITRE has shared more details on the recent hack, including the new malware ...

Pierluigi Paganini May 07, 2024
Cyber Crime
Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in a money laundering scheme. Alexander Vinnik, a Russian national, pleaded guilty to conspi ...

Pierluigi Paganini May 07, 2024
Security
City of Wichita hit by a ransomware attack

The City of Wichita in Kansas was forced to shut down its computer systems after a ransomware attack. The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network t ...

Pierluigi Paganini May 06, 2024
Data Breach
El Salvador suffered a massive leak of biometric data

Resecurity found a massive leak involving the exposure of personally identifiable information (PII) of over five million citizens of El Salvador on the Dark Web. Resecurity identified a massive le ...

Pierluigi Paganini May 06, 2024
Malware
Finland authorities warn of Android malware campaign targeting bank users

Finland's Transport and Communications Agency (Traficom) warned about an ongoing Android malware campaign targeting bank accounts. Traficom, Finland's Transport and Communications Agency, issued a ...

Pierluigi Paganini May 06, 2024
Cyber Crime
Ransomware drama: Law enforcement seized Lockbit group's website again

Law enforcement seized the Lockbit group's Tor website again and announced they will reveal more identities of its operators. Law enforcement seized the Lockbit group's Tor website again. The autho ...

Pierluigi Paganini May 05, 2024
APT
NATO and the EU formally condemned Russia-linked APT28 cyber espionage

NATO and the European Union formally condemned cyber espionage operations carried out by the Russia-linked APT28 against European countries. NATO and the European Union condemned cyber espionage o ...

Pierluigi Paganini May 05, 2024
Security
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini May 05, 2024
Security
Blackbasta gang claimed responsibility for Synlab Italia attack

The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of medical dia ...

Pierluigi Paganini May 04, 2024
Cyber Crime
LockBit published data stolen from Simone Veil hospital in Cannes

LockBit ransomware operators have published sensitive data allegedly stolen from the Simone Veil hospital in Cannes. In April, a cyber attack hit the Hospital Simone Veil in Cannes (CHC-SV), impac ...

Pierluigi Paganini May 03, 2024
APT
Russia-linked APT28 and crooks are still using the Moobot botnet

The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminal organizations. Trend Micro researchers reported that the EdgeRouter botnet, called Moobot, used by the ...

Pierluigi Paganini May 03, 2024
Hacking
Dirty stream attack poses billions of Android installs at risk

Microsoft devised an attack technique, dubbed 'Dirty Stream,' impacting widely used Android applications; billions of installations are at risk. Microsoft is warning Android users about a new atta ...

Pierluigi Paganini May 03, 2024
Cyber Crime
ZLoader Malware adds Zeus's anti-analysis feature

Zloader continues to evolve; its authors added an anti-analysis feature that was originally present in the Zeus banking trojan. Zloader (aka Terdot, DELoader, or Silent Night) is a modular trojan ...

Pierluigi Paganini May 03, 2024
Breaking News
Ukrainian REvil gang member sentenced to 13 years in prison

A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities. The Ukrainian national, Yaroslav Vasinskyi (24), aka Rab ...

Pierluigi Paganini May 02, 2024
Security
HPE Aruba Networking addressed four critical ArubaOS RCE flaws

HPE Aruba Networking addressed four critical remote code execution vulnerabilities impacting its ArubaOS network operating system. HPE Aruba Networking released April 2024 security updates that ad ...

Pierluigi Paganini May 02, 2024
Hacking
Threat actors hacked the Dropbox Sign production environment

Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords. Cloud storage provider DropBox revealed that threat actors have breached t ...

Pierluigi Paganini May 02, 2024
Security
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog

CISA adds GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini May 02, 2024
Data Breach
Panda Restaurant Group disclosed a data breach

Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates' personal information. Panda Restaurant Group disclosed a data breach that occurred in M ...

Pierluigi Paganini May 02, 2024
Intelligence
Ex-NSA employee sentenced to 262 months in prison for attempting to transfer classified documents to Russia

A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Jareh Sebastian Dalke (32), of Colorado Springs, is a former emplo ...

Pierluigi Paganini May 01, 2024
Malware
Cuttlefish malware targets enterprise-grade SOHO routers

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Researchers at Lumen’s Black Lotus Labs discovere ...

Pierluigi Paganini May 01, 2024
Security
A flaw in the R programming language could allow code execution

A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files. A vulnerability, tracked as CVE-2024-27322 (CVSS v3: 8.8), ...

Pierluigi Paganini May 01, 2024
APT
Muddling Meerkat, a mysterious DNS Operation involving China's Great Firewall

The China-linked threat actors Muddling Meerkat have been manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophis ...

Pierluigi Paganini May 01, 2024
Cyber Crime
Notorious Finnish Hacker sentenced to more than six years in prison

Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion. A popular 26-year-old Finnish hacker Aleksanteri Kivimäki wa ...

Pierluigi Paganini April 30, 2024
Security
CISA guidelines to protect critical infrastructure against AI-based threats

The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure against AI-based attacks. CISA collaborated with Sector Risk Management Agencies ...

Pierluigi Paganini April 30, 2024
Laws and regulations
NCSC: New UK law bans default passwords on smart devices

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. The U.K. National Cyber Security Centre (NCSC) is urging manuf ...

Pierluigi Paganini April 30, 2024
Laws and regulations
The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

The Federal Communications Commission (FCC) fined the largest U.S. wireless carriers $200 million for sharing customers' real-time location data without consent. The FCC has fined four major U. ...

Pierluigi Paganini April 30, 2024
Mobile
Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023

Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play. Google announced that in 2023, they have prevented 2.28 million policy-vio ...

Pierluigi Paganini April 29, 2024
Cyber Crime
Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals

Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information of 2 million individuals. Debt collection agency Financial Business and Consumer Solutions (FBCS) disc ...

Pierluigi Paganini April 29, 2024
Hacktivism
Cyber-Partisans hacktivists claim to have breached Belarus KGB

A Belarusian activist group claims to have infiltrated the network of the country’s main KGB agency. The Belarusian hacktivist group Cyber-Partisans claims to have infiltrated the netwo ...

Pierluigi Paganini April 29, 2024
Data Breach
The Los Angeles County Department of Health Services disclosed a data breach

The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients' personal and health information. The Los Angeles County Department of Health Service ...

Pierluigi Paganini April 29, 2024
Uncategorized
Multiple Brocade SANnav SAN Management SW flaws allow device compromise

Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow the compromise of impacted appliances. Multiple vulnerabilities found in the Brocade SANnav storage area ne ...

Pierluigi Paganini April 29, 2024
Security
ICICI Bank exposed credit card data of 17000 customers

ICICI Bank, a major private bank in India, mistakenly exposed the sensitive data of thousands of new credit cards to unintended recipients. ICICI Bank, one of the leading private banks in India, a ...

Pierluigi Paganini April 28, 2024
Hacking
Okta warns of unprecedented scale in credential stuffing attacks on online services

Identity and access management services provider Okta warned of a spike in credential stuffing attacks aimed at online services. In recent weeks, Okta observed a surge in credential stuffing attac ...

Pierluigi Paganini April 28, 2024
Breaking News
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini April 28, 2024
Hacking
Targeted operation against Ukraine exploited 7-year-old MS Office bug

A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. Security experts at Deep Instinct Threat Lab have uncovered a targeted c ...

Pierluigi Paganini April 28, 2024
Data Breach
Hackers may have accessed thousands of accounts on the California state welfare platform

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedic ...

Pierluigi Paganini April 27, 2024
Malware
Brokewell Android malware supports an extensive set of Device Takeover capabilities

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware n ...

Pierluigi Paganini April 27, 2024
Hacking
Experts warn of an ongoing malware campaign targeting WP-Automatic plugin

A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites. WordPress security scanner WPScan warns that threat actors are exploi ...

Pierluigi Paganini April 26, 2024
Cyber Crime
Cryptocurrencies and cybercrime: A critical intermingling

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector. Cryptocurrencies have revolutionized the financial world, offering new ...

Pierluigi Paganini April 26, 2024
Data Breach
Kaiser Permanente data breach may have impacted 13.4 million patients

Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals in the United States. Kaiser Permanente is an American integrated managed care  ...

Pierluigi Paganini April 26, 2024
Hacking
Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug

Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over 1,400 CrushFTP internet-facing servers are vulnerable to attac ...

Pierluigi Paganini April 26, 2024
Cyber Crime
Sweden’s liquor supply severely impacted by ransomware attack on logistics company

A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail c ...

Pierluigi Paganini April 26, 2024
Security
CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog

CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following v ...

Pierluigi Paganini April 25, 2024
Hacking
CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-3 ...

Pierluigi Paganini April 25, 2024
Cyber Crime
DOJ arrested the founders of crypto mixer Samourai for facilitating $2 Billion in illegal transactions

The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai. The U.S. Department of Justice (DoJ) has arrested two co-founders of the cryptocur ...

Pierluigi Paganini April 25, 2024
Security
Google fixed critical Chrome vulnerability CVE-2024-4058

Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine. Google addressed four vulnerabilities in the Chrome web browser, includ ...

Pierluigi Paganini April 25, 2024
APT
Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos warned that the nation-state actor UAT4356 (aka ...

Pierluigi Paganini April 24, 2024
Breaking News
Hackers hijacked the eScan Antivirus update mechanism in malware campaign

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign ...

Pierluigi Paganini April 24, 2024
Cyber warfare
US offers a $10 million reward for information on four Iranian nationals

The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their role in cyberattacks against the U.S. The U.S. Treasury Department's Office of Foreig ...

Pierluigi Paganini April 24, 2024
Hacking
The street lights in Leicester City cannot be turned off due to a cyber attack

A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted the council's operations. The Leicester City Council suffered a cybe ...

Pierluigi Paganini April 24, 2024
APT
North Korea-linked APT groups target South Korean defense contractors

The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Agency in South Korea warns that North Korea-link ...

Pierluigi Paganini April 23, 2024
Laws and regulations
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity

The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business. The US Department of State is imposing visa restrictions on 13 individ ...

Pierluigi Paganini April 23, 2024
Hacking
A cyber attack paralyzed operations at Synlab Italia

A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18. Since April 18, Synlab Italia, a major provider of medical diagno ...

Pierluigi Paganini April 23, 2024
APT
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizz ...

Pierluigi Paganini April 22, 2024
Cyber Crime
Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations ...

Pierluigi Paganini April 22, 2024
Security
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites

Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan's CERT warned that the WordPress plugin Forminator, developed b ...

Pierluigi Paganini April 22, 2024
Cyber Crime
Akira ransomware received $42M in ransom payments from over 250 victims

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. A joint advisory published by CISA, the FBI, Europol, ...

Pierluigi Paganini April 21, 2024
Hacking
DuneQuixote campaign targets the Middle East with a complex backdoor

Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. Researchers from Kaspersky discovered the DuneQuixote ca ...

Pierluigi Paganini April 21, 2024
Security
Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini April 21, 2024
Hacking
Critical CrushFTP zero-day exploited in attacks in the wild

Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP is a file transfer server software that enables secure ...

Pierluigi Paganini April 20, 2024
Hacking
A French hospital was forced to reschedule procedures after cyberattack

A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack. A cyber attack hit Hospital Simone Veil in Cannes (CHC-SV) on Tuesday, impacting med ...

Pierluigi Paganini April 20, 2024
Security
MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its ...

Pierluigi Paganini April 19, 2024
Security
FBI chief says China is preparing to attack US critical infrastructure

China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray. FBI Director Christopher Wray warned this week that China-linked t ...

Pierluigi Paganini April 19, 2024
Cyber Crime
United Nations Development Programme (UNDP) investigates data breach

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) i ...

Pierluigi Paganini April 19, 2024
Cyber Crime
FIN7 targeted a large U.S. carmaker with phishing attacks

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the thre ...

Pierluigi Paganini April 18, 2024
Hacking
Law enforcement operation dismantled phishing-as-a-service platform LabHost

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordin ...

Pierluigi Paganini April 18, 2024
Hacking
Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapek ...

Pierluigi Paganini April 18, 2024
Hacking
Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available

Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Man ...

Pierluigi Paganini April 18, 2024
Cyber Crime
Linux variant of Cerber ransomware targets Atlassian servers

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical ...

Pierluigi Paganini April 17, 2024
Security
Ivanti fixed two critical flaws in its Avalanche MDM

Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution. Ivanti addressed multiple flaws in its Avalanche ...

Pierluigi Paganini April 17, 2024
Hacking
Researchers released exploit code for actively exploited Palo Alto PAN-OS bug

Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks' PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the ...

Pierluigi Paganini April 17, 2024
Hacking
Cisco warns of large-scale brute-force attacks against VPN and SSH services

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.   Cisco Talos researchers wa ...

Pierluigi Paganini April 17, 2024
Security
PuTTY SSH Client flaw allows of private keys recovery

The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected by a ...

Pierluigi Paganini April 16, 2024
Intelligence
A renewed espionage campaign targets South Asia with iOS spyware LightSpy

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy. Blackberry researchers discovered a renewed cyber espionage campaign target ...

Pierluigi Paganini April 16, 2024
Intelligence
Misinformation and hacktivist campaigns targeting the Philippines skyrocket

Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China Se ...

Pierluigi Paganini April 16, 2024
Cyber warfare
Russia is trying to sabotage European railways, Czech minister said

Czech transport minister warned that Russia conducted ‘thousands’ of attempts to sabotage railways, attempting to interfere with train networks and signals. Early this month, the Czech transpo ...

Pierluigi Paganini April 16, 2024
Cyber Crime
Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibil ...

Pierluigi Paganini April 16, 2024
Cyber Crime
Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers.  Cisco Duo war ...

Pierluigi Paganini April 15, 2024
Hacking
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that ...

Pierluigi Paganini April 15, 2024
Hacking
CISA adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...

Pierluigi Paganini April 15, 2024
APT
Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor

Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2 ...

Pierluigi Paganini April 15, 2024
Cyber Crime
U.S. and Australian police arrested Firebird RAT author and operator

A joint investigation conducted by U.S. and Australian authorities led to the arrest of two key figures behind the Firebird RAT operation. A joint law enforcement operation conducted by the Austra ...

Pierluigi Paganini April 15, 2024
Cyber Crime
Canadian retail chain Giant Tiger data breach may have impacted millions of customers

A threat actor claimed the hack of the Canadian retail chain Giant Tiger and leaked 2.8 million records on a hacker forum. A threat actor, who goes online with the moniker ShopifyGUY, claimed re ...

Pierluigi Paganini April 14, 2024
Breaking News
Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini April 14, 2024
Cyber Crime
Crooks manipulate GitHub's search results to distribute malware

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that threat actors are manipulating GitHub search ...

Pierluigi Paganini April 13, 2024
Security
BatBadBut flaw allowed an attacker to perform command injection on Windows

A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages, its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK ...

Pierluigi Paganini April 13, 2024
Data Breach
Roku disclosed a new security breach impacting 576,000 accounts

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat act ...

Pierluigi Paganini April 12, 2024
Cyber Crime
LastPass employee targeted via an audio deepfake call

Crooks targeted a LastPass employee using deepfake technology to impersonate the company's CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate Las ...

Pierluigi Paganini April 12, 2024
Cyber Crime
TA547 targets German organizations with Rhadamanthys malware

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targe ...

Pierluigi Paganini April 12, 2024
Security
CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini April 11, 2024
Data Breach
US CISA published an alert on the Sisense data breach

Business intelligence software company Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide. Sisense, a business intelligence software company, ...

Pierluigi Paganini April 11, 2024
Security
Palo Alto Networks fixed multiple DoS bugs in its firewalls

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates ...

Pierluigi Paganini April 11, 2024
Security
Apple warns of mercenary spyware attacks on iPhone users in 92 countries

Apple is warning iPhone users in over 90 countries of targeted mercenary spyware attacks, Reuters agency reported. Apple is alerting iPhone users in 92 countries about mercenary spyware attacks, r ...

Pierluigi Paganini April 11, 2024
Security
Microsoft fixed two zero-day bugs exploited in malware attacks

Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware. Microsoft addressed two zero-day vulnerabilities, tracke ...

Pierluigi Paganini April 11, 2024
Data Breach
Group Health Cooperative data breach impacted 530,000 individuals

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-prof ...

Pierluigi Paganini April 10, 2024
Data Breach
AT&T states that the data breach impacted 51 million former and current customers

AT&T confirmed that the data breach impacted 51 million former and current customers and is notifying them. AT&T revealed that the recently disclosed data breach impacts more than 51 milli ...

Pierluigi Paganini April 10, 2024
Security
Fortinet fixed a critical remote code execution bug in FortiClientLinux

Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux. Fortinet fixed a dozen vulnerabilities in multiple products, ...

Pierluigi Paganini April 10, 2024
Breaking News
Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Microsoft Patches Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patches Tuesday security updates for April 2024 a ...

Pierluigi Paganini April 10, 2024
Uncategorized
Cybersecurity in the Evolving Threat Landscape

As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their ass ...

Pierluigi Paganini April 10, 2024
Hacking
Over 91,000 LG smart TVs running webOS are vulnerable to hacking

Researchers found multiple vulnerabilities in LG webOS running on smart TVs that could allow attackers to gain root access to the devices. Bitdefender researchers discovered multiple vulnerabiliti ...

Pierluigi Paganini April 09, 2024
Cyber Crime
ScrubCrypt used to drop VenomRAT along with many malicious plugins

Researchers discovered a sophisticated multi-stage attack that leverages ScrubCrypt to drop VenomRAT along with many malicious plugins. Fortinet researchers observed a threat actor sending out a p ...

Pierluigi Paganini April 09, 2024
Security
Google announces V8 Sandbox to protect Chrome users

Google announced support for a V8 Sandbox in the Chrome web browser to protect users from exploits triggering memory corruption issues. Google has announced support for what's called a V8 Sandb ...

Pierluigi Paganini April 09, 2024
Security
China is using generative AI to carry out influence operations

China-linked threat actors are using AI to carry out influence operations aimed at fueling social disorders in the U.S. and Taiwan. China is using generative artificial intelligence to carry out ...

Pierluigi Paganini April 09, 2024
Data Breach
Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Greylock McKinnon Associates, a service provider for the Department of Justice, suffered a data breach that exposed data of 341650 people. Greylock McKinnon Associates (GMA) provides expert econom ...

Pierluigi Paganini April 08, 2024
Hacking
Crowdfense is offering a larger 30M USD exploit acquisition program

Zero-day broker firm Crowdfense announced a 30 million USD offer as part of its Exploit Acquisition Program. Crowdfense is a world-leading research hub and acquisition platform focused on high-qua ...

Pierluigi Paganini April 08, 2024
Hacking
U.S. Department of Health warns of attacks against IT help desks

The U.S. Department of Health and Human Services (HHS) warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The U.S. Department of Health and Human Services ...

Pierluigi Paganini April 08, 2024
Breaking News
Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini April 07, 2024
Hacking
Over 92,000 Internet-facing D-Link NAS devices can be easily hacked

A researcher disclosed an arbitrary command injection and hardcoded backdoor issue in multiple end-of-life D-Link NAS models. A researcher who goes online with the moniker 'Netsecfish' disclosed a ...

Pierluigi Paganini April 07, 2024
Security
More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Experts warn of roughly 16,500 Ivanti Connect Secure and Policy Secure gateways still vulnerable to a remote code execution (RCE) flaw. Shadowserver researchers reported that roughly 16,500 Ivanti C ...

Pierluigi Paganini April 06, 2024
Security
Cisco warns of XSS flaw in end-of-life small business routers

Cisco warns customers of Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site scripting flaw. Cisco warns of a Small Business RV016, RV042, RV042G, RV082, RV320, and RV3 ...

Pierluigi Paganini April 06, 2024
Hacking
Magento flaw exploited to deploy persistent backdoor hidden in XML

Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores. Sansec researchers observed threat actors are exploiting the recently discl ...

Pierluigi Paganini April 05, 2024
Cyber Crime
Cyberattack disrupted services at Omni Hotels & Resorts

US hotel chain Omni Hotels & Resorts suffered a cyber attack that forced the company to shut down its systems. A cyberattack hit Omni Hotels & Resorts disrupting its services and forcing t ...

Pierluigi Paganini April 05, 2024
Security
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks

HTTP/2 CONTINUATION Flood: Researchers warn of a new HTTP/2 vulnerability that can be exploited to conduct powerful denial-of-service (DoS) attacks. HTTP messages can contain named fields in both ...

Pierluigi Paganini April 05, 2024
Data Breach
US cancer center City of Hope: data breach impacted 827149 individuals

US cancer center City of Hope suffered a data breach that impacted 800,000 individuals, personal and health information was compromised. City of Hope is a renowned cancer research and treatment ce ...

Pierluigi Paganini April 04, 2024
Security
Ivanti fixed for 4 new issues in Connect Secure and Policy Secure

Ivanti addressed four flaws impacting Connect Secure and Policy Secure Gateways that could lead to code execution and denial-of-service (DoS) condition. Ivanti has released security updates to add ...

Pierluigi Paganini April 04, 2024
Cyber Crime
Jackson County, Missouri, discloses a ransomware attack

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. The County Execu ...

Pierluigi Paganini April 04, 2024
Hacking
Google addressed another Chrome zero-day exploited at Pwn2Own in March

Google fixed another Chrome zero-day vulnerability exploited during the Pwn2Own hacking competition in March. Google has addressed another zero-day vulnerability in the Chrome browser, tracked as ...

Pierluigi Paganini April 03, 2024
Malware
The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

Resecurity researchers warn that a new Version of JsOutProx is targeting financial institutions in APAC and MENA via Gitlab abuse. Resecurity has detected a new version of JSOutProx, which is targ ...

Pierluigi Paganini April 03, 2024
Security
Google fixed two actively exploited Pixel vulnerabilities

Google addressed several vulnerabilities in Android and Pixel devices, including two actively exploited flaws. Google addressed 28 vulnerabilities in Android and 25 flaws in Pixel devices. Two iss ...

Pierluigi Paganini April 03, 2024
Data Breach
Highly sensitive files mysteriously disappeared from EUROPOL headquarters

Serious security breach hits EU police agency. A batch of highly sensitive files containing the personal information of top Europol executives mysteriously disappeared last summer. The website Po ...

Pierluigi Paganini April 03, 2024
Hacking
XSS flaw in WordPress WP-Members Plugin can lead to script injection

A cross-site scripting vulnerability (XSS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defiant’s Wordfence research team disclosed a cr ...

Pierluigi Paganini April 02, 2024
Security
Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor. Last week, Microsoft engineer Andres Freund discovered a backdoor issue in ...

Pierluigi Paganini April 02, 2024
Laws and regulations
Google agreed to erase billions of browser records to settle a class action lawsuit

Google is going to delete data records related to the 'Incognito Mode' browsing activity to settle a class action lawsuit. Google has agreed to delete billions of data records related to users' br ...

Pierluigi Paganini April 02, 2024
Data Breach
PandaBuy data breach allegedly impacted over 1.3 million customers

Threat actors claimed the hack of the PandaBuy online shopping platform and leaked data belonging to more than 1.3 million customers. At least two threat actors claimed the hack of the PandaBuy on ...

Pierluigi Paganini April 02, 2024
Data Breach
OWASP discloses a data breach

The OWASP Foundation disclosed a data breach that impacted some members due to a misconfiguration of an old Wiki web server. The OWASP Foundation has disclosed a data breach that impacted some of ...

Pierluigi Paganini April 01, 2024
Malware
New Vultur malware version includes enhanced remote control and evasion capabilities

Researchers detected a new version of the Vultur banking trojan for Android with enhanced remote control and evasion capabilities. Researchers from NCC Group discovered a new version of the Vultur ...

Pierluigi Paganini April 01, 2024
Cyber warfare
Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

The US government announced establishing the Office of the Assistant Secretary of Defense for Cyber Policy. The US Defense Department announced establishing the Office of the Assistant Secretary o ...

Pierluigi Paganini April 01, 2024
Malware
Info stealer attacks target macOS users

Experts warn of info stealer malware, including Atomic Stealer, targeting Apple macOS users via malicious ads and rogue websites. Jamf Threat Labs researchers analyzed info stealer malware attack ...

Pierluigi Paganini April 01, 2024
Breaking News
Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini March 31, 2024
Malware
DinodasRAT Linux variant targets users worldwide

A Linux variant of the DinodasRAT backdoor used in attacks against users in China, Taiwan, Turkey, and Uzbekistan, researchers from Kaspersky warn. Researchers from Kaspersky uncovered a Linux ...

Pierluigi Paganini March 31, 2024
Data Breach
AT&T confirmed that a data breach impacted 73 million customers

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspeci ...

Pierluigi Paganini March 31, 2024
Malware
Expert found a backdoor in XZ tools used many Linux distributions

Red Hat warns of a backdoor in XZ Utils data compression tools and libraries in Fedora development and experimental versions. Red Hat urges users to immediately stop using systems running Fedora ...

Pierluigi Paganini March 30, 2024
Security
German BSI warns of 17,000 unpatched Microsoft Exchange servers

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The German Federal Office for Information Se ...

Pierluigi Paganini March 30, 2024
Hacking
Cisco warns of password-spraying attacks targeting Secure Firewall devices

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying att ...

Pierluigi Paganini March 29, 2024
Data Breach
American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data. Hot Topic, Inc. is an American fast-fashion company specializing in counte ...

Pierluigi Paganini March 29, 2024
Security
Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to trigger a denial-of-service (DoS) condition. Cisco this week released patches to address multiple IOS a ...

Pierluigi Paganini March 28, 2024
Hacking
Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. Google's Threat Analysis Group (TAG) and its subsidiary Man ...

Pierluigi Paganini March 28, 2024
Security
Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during the Pwn2Own Vancouver 2024. Google addressed several vulnerabilities in the Chrome web br ...

Pierluigi Paganini March 28, 2024
Security
CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. The U.S. Cybers ...

Pierluigi Paganini March 27, 2024
Security
The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense. In cybersecurity, and in life, by the time you find out that something went w ...

Pierluigi Paganini March 27, 2024
APT
Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to the China-linked group APT31. The Finnish Police attributed the March 2021 attack on the parliament t ...

Pierluigi Paganini March 27, 2024
Malware
TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an ...

Pierluigi Paganini March 26, 2024
APT
UK, New Zealand against China-linked cyber operations

UK, Australia and New Zealand are accusing China-linked threat actors of cyber operations against UK institutions and parliamentarians. GCHQ’s National Cyber Security Centre believes that China- ...

Pierluigi Paganini March 26, 2024
APT
US Treasury Dep announced sanctions against members of China-linked APT31

The US Treasury Department announced sanctions on two APT31 Chinese hackers linked to attacks against organizations in the US critical infrastructure sector. The US government announced sanctions ...

Pierluigi Paganini March 26, 2024
Security
CISA adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybers ...

Pierluigi Paganini March 25, 2024
APT
Iran-Linked APT TA450 embeds malicious links in PDF attachments

In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera. Proofpoint researchers observed the Iran-linked APT group Mudd ...

Pierluigi Paganini March 25, 2024
Cyber Crime
StrelaStealer targeted over 100 organizations across the EU and US

Researchers reported that over 100 organizations in Europe and the US were targeted by a wave of large-scale StrelaStealer campaigns. Palo Alto Networks' Unit42 spotted a wave of large-scale StrelaStea ...

Pierluigi Paganini March 25, 2024
Hacking
GoFetch side-channel attack against Apple systems allows secret keys extraction

Researchers demonstrated a new side-channel attack, named GoFetch, against Apple CPUs that could allow an attacker to obtain secret keys. A team of researchers from several US universities demonst ...

Pierluigi Paganini March 25, 2024
Breaking News
Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini March 24, 2024
Cyber Crime
Cybercriminals Accelerate Online Scams During Ramadan and Eid Fitr

During the month of Ramadan, Resecurity observed a significant increase in fraudulent activities and scams. During the month of Ramadan, Resecurity observed a significant increase in fraudulent ac ...

Pierluigi Paganini March 24, 2024
APT
Russia-linked APT29 targeted German political parties with WINELOADER backdoor

Russia-linked threat actors employ the WINELOADER backdoor in recent attacks targeting German political parties. In late February, Mandiant researchers spotted the Russia-linked group APT29 using ...

Pierluigi Paganini March 23, 2024
Hacking
Mozilla fixed Firefox zero-days exploited at Pwn2Own Vancouver 2024

Mozilla addressed two Firefox zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla has done an amazing job addressing two zero-day vulnerabilities in t ...

Pierluigi Paganini March 23, 2024
Hacking
Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Security researchers at Sucuri spotted a malware campaign, tracked as Sign1 ...

Pierluigi Paganini March 23, 2024
Cyber Crime
German police seized the darknet marketplace Nemesis Market

The German police seized the infrastructure of the darknet marketplace Nemesis Market disrupting its operation. An operation conducted by the Federal Criminal Police Office in Germany (BKA) and th ...

Pierluigi Paganini March 23, 2024
Hacking
Unsaflok flaws allow to open millions of doors using Dormakaba Saflok electronic locks

A flaw in Dormakaba Saflok electronic locks, dubbed Unsaflok, can allow threat actors to open millions of doors worldwide. Researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly ...

Pierluigi Paganini March 22, 2024
Hacking
Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days

Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participant ...

Pierluigi Paganini March 22, 2024
Hacking
Critical Fortinet's FortiClient EMS flaw actively exploited in the wild

Researchers released a PoC exploit for a critical flaw in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is actively exploited. Security researchers at Horizon3 have rel ...

Pierluigi Paganini March 21, 2024
Hacking
Pwn2Own Vancouver 2024 Day 1 - team Synacktiv hacked a Tesla

Participants earned $732,500 on the first day of the Pwn2Own Vancouver 2024 hacking competition, a team demonstrated a Tesla hack. Participants earned $732,000 on the first day of the Pwn2Own Vanc ...

Pierluigi Paganini March 21, 2024
Hacking
New Loop DoS attack may target 300,000 vulnerable hosts

Boffins devised a new application-layer loop DoS attack based on the UDP protocol that impacts major vendors, including Broadcom, Microsoft and MikroTik. Researchers from the CISPA Helmholtz Cente ...

Pierluigi Paganini March 21, 2024
Security
Critical flaw in Atlassian Bamboo Data Center and Server must be fixed immediately

Atlassian fixed tens of vulnerabilities in Bamboo, Bitbucket, Confluence, and Jira products, including a critical flaw that can be very dangerous. Atlassian addressed multiple vulnerabilities in i ...

Pierluigi Paganini March 20, 2024
Breaking News
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

Multiple threat actors are exploiting the recently disclosed JetBrains TeamCity flaw CVE-2024-27198 in attacks in the wild. Trend Micro researchers are exploiting the recently disclosed vulnerabil ...

Pierluigi Paganini March 20, 2024
Hacking
BunnyLoader 3.0 surfaces in the threat landscape

Researchers found a new variant of the BunnyLoader malware with a modular structure and new evasion capabilities. In October 2023, Zscaler ThreatLabz researchers discovered a new malware ...

Pierluigi Paganini March 20, 2024
Hacking
Pokemon Company resets some users' passwords

The Pokemon Company resets some users' passwords in response to hacking attempts against some of its users. The Pokemon Company announced it had reset the passwords for some accounts after it had ...

Pierluigi Paganini March 20, 2024
Cyber Crime
Ukraine cyber police arrested crooks selling 100 million compromised accounts

Ukraine cyber police, along with the national police, arrested three hackers attempting to sell 100 million compromised emails and Instagram accounts. The Ukraine cyber police and the national pol ...

Pierluigi Paganini March 19, 2024
Cyber warfare
New AcidPour wiper targets Linux x86 devices. Is it a Russia's weapon?

A new variant of the Russia-linked wiper AcidRain, tracked as AcidPour, was spotted targeting Linux x86 devices. A new variant of a data wiper AcidRain, tracked as AcidPour, is specifically design ...

Pierluigi Paganini March 19, 2024
Hacking
Players hacked during the matches of Apex Legends Global Series. Tournament suspended

On Sunday, two competitive esports players were hacked while participating at the Apex Legends Global Series tournament. Electronic Arts postponed the North American (NA) finals of the Apex ...

Pierluigi Paganini March 19, 2024
APT
Earth Krahang APT breached tens of government organizations worldwide

Trend Micro uncovered a sophisticated campaign conducted by Earth Krahang APT group that breached 70 organizations worldwide. Trend Micro researchers uncovered a sophisticated campaign conducted b ...

Pierluigi Paganini March 19, 2024
Hacking
PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released

Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE- ...

Pierluigi Paganini March 18, 2024
Hacking
Fujitsu suffered a malware attack and probably a data breach

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered ...

Pierluigi Paganini March 18, 2024
Hacking
Remove WordPress miniOrange plugins, a critical flaw can allow site takeover

A critical vulnerability in WordPress miniOrange's Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a su ...

Pierluigi Paganini March 18, 2024
Uncategorized
The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Resecurity reported about the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for ...

Pierluigi Paganini March 18, 2024
Hacking
Email accounts of the International Monetary Fund compromised

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security brea ...

Pierluigi Paganini March 18, 2024
Data Breach
Threat actors leaked 70,000,000+ records allegedly stolen from AT&T

Researchers at vx-underground first noticed that more than 70,000,000 records from AT&T were leaked on the Breached hacking forum. More than 70,000,000 records from an unspecified division of ...

Pierluigi Paganini March 17, 2024
Hacking
“gitgub” malware campaign targets GitHub users with RisePro info-stealer

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. G-Data researchers found at least 13 such GitHub reposito ...

Pierluigi Paganini March 17, 2024
Breaking News
Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini March 17, 2024
Data Breach
France Travail data breach impacted 43 Million people

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. In August 2023, the French government employment agency Pôle emploi suffered ...

Pierluigi Paganini March 16, 2024
Cyber Crime
Scranton School District in Pennsylvania suffered a ransomware attack

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, r ...

Pierluigi Paganini March 16, 2024
Breaking News
Lazarus APT group returned to Tornado Cash to launder stolen funds

North Korea-linked Lazarus APT group is allegedly using the mixer platform Tornado Cash again to launder $23 million. North Korea-linked Lazarus APT group has reportedly resumed using the ...

Pierluigi Paganini March 16, 2024
Cyber Crime
Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. U.S. District Court sentenced the Moldovan national (31) Sandu Boris Diaco ...

Pierluigi Paganini March 15, 2024
Cyber warfare
UK Defence Secretary jet hit by an electronic warfare attack in Poland

Russian hackers have knocked down the GPS and communications of Defence Secretary Grant Shapps' RAF Dassault Falcon 900 jet with an electronic warfare attack. Defence Secretary Grant Shapps RAF Dassau ...

Pierluigi Paganini March 15, 2024
Security
Cisco fixed high-severity elevation of privilege and DoS bugs

Cisco this week addressed high-severity elevation of privilege and denial-of-service (DoS) vulnerabilities in IOS XR software. Cisco addressed multiple vulnerabilities in IOS XR software, includin ...

Pierluigi Paganini March 14, 2024
Malware
Recent DarkGate campaign exploited Microsoft Windows zero-day

Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGat ...

Pierluigi Paganini March 14, 2024
Data Breach
Nissan Oceania data breach impacted roughly 100,000 people

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced i ...

Pierluigi Paganini March 14, 2024
Hacking
Researchers found multiple flaws in ChatGPT plugins

Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of ...

Pierluigi Paganini March 14, 2024
Security
Fortinet fixes critical bugs in FortiOS, FortiProxy, and FortiClientEMS

Fortinet released security updates to address critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. Fortinet this week has released security updates to fix critical c ...

Pierluigi Paganini March 13, 2024
Data Breach
Acer Philippines disclosed a data breach after a third-party vendor hack

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. Acer Philippines confirmed that employee data was compromised in an attack targeting a ...

Pierluigi Paganini March 13, 2024
Cyber Crime
Stanford University announced that 27,000 individuals were impacted in the 2023 ransomware attack

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomwa ...

Pierluigi Paganini March 13, 2024
Security
Microsoft Patch Tuesday security updates for March 2024 fixed 59 flaws

Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 ...

Pierluigi Paganini March 12, 2024
Intelligence
Russia's Foreign Intelligence Service (SVR) alleges US is plotting to interfere in presidential election

Russia’s Foreign Intelligence Service (SVR) claims that the US intelligence plans to interfere with its presidential election. Russia's Foreign Intelligence Service (SVR) alleges that the US is ...

Pierluigi Paganini March 12, 2024
Breaking News
First-ever South Korean national detained for espionage in Russia

Russian authorities have detained a South Korean national on cyber espionage charges; it is the first time for a Korean citizen. Russian authorities have arrested a South Korean citizen on charges ...

Pierluigi Paganini March 12, 2024
Cyber Crime
Insurance scams via QR codes: how to recognise and defend yourself

Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert. As is well known, QR codes are two-dimensional barcodes that can be ...

Pierluigi Paganini March 12, 2024
Hacking
Massive cyberattacks hit French government agencies

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. "Several "intense" cyberattacks targeted multiple French government agencies ...

Pierluigi Paganini March 11, 2024
Hacking
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack ...

Pierluigi Paganini March 11, 2024
Hacking
Experts released PoC exploit for critical Progress Software OpenEdge bug

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have pub ...

Pierluigi Paganini March 11, 2024
Cyber Crime
Magnet Goblin group used a new Linux variant of NerbianRAT malware

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made ...

Pierluigi Paganini March 11, 2024
Hacking
Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada ...

Pierluigi Paganini March 11, 2024
Intelligence
Lithuania security services warn of China's espionage against the country

A report published by Lithuanian security services warned that China has escalated its espionage operations against Lithuania. A report released by Lithuanian security services has cautioned that ...

Pierluigi Paganini March 10, 2024
Breaking News
Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini March 10, 2024
Hacking
Threat actors breached two crucial systems of the US CISA

Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency wa ...

Pierluigi Paganini March 09, 2024
Security
CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini March 09, 2024
Hacking
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remot ...

Pierluigi Paganini March 09, 2024
Internet of Things
QNAP fixed three flaws in its NAS devices, including an authentication bypass

QNAP addressed three vulnerabilities in its NAS products that can be exploited to access devices. QNAP addressed three vulnerabilities in Network Attached Storage (NAS) devices that can be exploit ...

Pierluigi Paganini March 08, 2024
Hacking
Russia-linked Midnight Blizzard breached Microsoft systems again

Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the comp ...

Pierluigi Paganini March 08, 2024
Security
Cisco addressed severe flaws in its Secure Client

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two hig ...

Pierluigi Paganini March 08, 2024
Data Breach
Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

The ransomware attack on Xplain impacted tens of thousands of Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) publis ...

Pierluigi Paganini March 08, 2024
Cyber Crime
2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published by the FBI's Internet Crime Co ...

Pierluigi Paganini March 07, 2024
Cyber warfare
National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

The national intelligence agency of Moldova warns of hybrid attacks from Russia ahead of the upcoming elections. The Moldovan national intelligence agency warns of hybrid attacks from Russia ahead ...

Pierluigi Paganini March 07, 2024
Security
CISA adds Apple iOS and iPadOS memory corruption bugs to its Known Exploited Vulnerabilities Catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS memory corruption vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and ...

Pierluigi Paganini March 07, 2024
Hacking
Linux Malware targets misconfigured Apache Hadoop, Confluence, Docker, and Redis servers

A new Linux malware campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign target ...

Pierluigi Paganini March 07, 2024
Breaking News
CISA ADDS ANDROID PIXEL AND SUNHILLO SURELINE BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel and Sunhillo SureLine vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ...

Pierluigi Paganini March 06, 2024
Cyber Crime
Watch out, GhostSec and Stormous groups jointly conducting ransomware attacks

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gangs are jointly conducting a ransomware cam ...

Pierluigi Paganini March 06, 2024
Cyber Crime
LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage

The wide torrent-based accessibility of these leaked victim files ensures the longevity of LockBit 3.0’s harmful impact. While embattled ransomware gang LockBit 3.0 fights for its survival follo ...

Pierluigi Paganini March 06, 2024
Hacking
Apple emergency security updates fix two new iOS zero-days

Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address ...

Pierluigi Paganini March 05, 2024
Security
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs

VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products. Virtualization giant VMware released urgent up ...

Pierluigi Paganini March 05, 2024
Laws and regulations
US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks

The U.S. government sanctioned two individuals and five entities linked to the development and distribution of the Predator spyware used to target Americans. Today, the Department of the Treasury ...

Pierluigi Paganini March 05, 2024
Hacking
CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini March 05, 2024
Security
Experts disclosed two severe flaws in JetBrains TeamCity On-Premises software

Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems. Rapid7 researchers disclosed two new critical security vulnerabilities, tracked ...

Pierluigi Paganini March 05, 2024
Cyber warfare
Ukraine's GUR hacked the Russian Ministry of Defense

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Def ...

Pierluigi Paganini March 05, 2024
Data Breach
Some American Express customers' data exposed in a third-party data breach

American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that thei ...

Pierluigi Paganini March 04, 2024
Social Networks
META hit with privacy complaints by EU consumer groups

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company. EU consumer groups are calling on the bloc to sanctio ...

Pierluigi Paganini March 04, 2024
Hacking
New GTPDOOR backdoor is designed to target telecom carrier networks

Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux ...

Pierluigi Paganini March 04, 2024
Data Breach
Threat actors hacked Taiwan-based Chunghwa Telecom

Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Te ...

Pierluigi Paganini March 04, 2024
Malware
New Linux variant of BIFROSE RAT uses deceptive domain strategies

A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifro ...

Pierluigi Paganini March 04, 2024
Hacking
Eken camera doorbells allow ill-intentioned individuals to spy on you

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe ...

Pierluigi Paganini March 03, 2024
Breaking News
Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini March 03, 2024
Security
U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO G ...

Pierluigi Paganini March 03, 2024
Hacking
U.S. authorities charged an Iranian national for long-running hacking campaign

The U.S. DoJ charged Iranian national Alireza Shafie Nasab for his role in attacks targeting U.S. government and defense entities. The U.S. Department of Justice (DoJ) charged Iranian national Ali ...

Pierluigi Paganini March 02, 2024
Cyber Crime
US cyber and law enforcement agencies warn of Phobos ransomware attacks

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024. US CISA, the FBI, and MS-ISAC issued a joint cyber se ...

Pierluigi Paganini March 02, 2024
Cyber Crime
Police seized Crimemarket, the largest German-speaking cybercrime marketplace

German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforc ...

Pierluigi Paganini March 01, 2024
Hacking
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws

The Five Eyes alliance warns of threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. The Five Eyes intelligence alliance issued a joint cyberse ...

Pierluigi Paganini March 01, 2024
Cyber Crime
Crooks stole €15 Million from European retail company Pepco

Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been t ...

Pierluigi Paganini March 01, 2024
Security
CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini March 01, 2024
Hacking
Researchers found a zero-click Facebook account takeover

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed att ...

Pierluigi Paganini February 29, 2024
APT
New SPIKEDWINE APT group is targeting officials in Europe

A new threat actor, tracked as SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously un ...

Pierluigi Paganini February 29, 2024
Cyber Crime
Is the LockBit gang resuming its operation?

Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully r ...

Pierluigi Paganini February 29, 2024
APT
Lazarus APT exploited zero-day in Windows driver to gain kernel privileges

North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked La ...

Pierluigi Paganini February 29, 2024
Data Breach
Pharmaceutical giant Cencora discloses a data breach

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberat ...

Pierluigi Paganini February 28, 2024
Hacking
Unmasking 2024's Email Security Landscape

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming ...

Pierluigi Paganini February 28, 2024
Cyber Crime
FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of ...

Pierluigi Paganini February 28, 2024
Breaking News
Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (N ...

Pierluigi Paganini February 28, 2024
Cyber Crime
Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs

New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recen ...

Pierluigi Paganini February 27, 2024
Hacking
XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress. Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerabilit ...

Pierluigi Paganini February 27, 2024
Breaking News
Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini February 25, 2024
Cyber Crime
US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

U.S. government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The U.S. Department of Stat ...

Pierluigi Paganini February 21, 2024
Malware
New Redis miner Migo uses novel system weakening techniques

A new malware campaign targets Redis servers to deploy the crypto miner Migo on compromised Linux hosts. Cado Security researchers have observed a new malware campaign targeting Redis serve ...

Pierluigi Paganini February 21, 2024
Security
Critical flaw found in deprecated VMware EAP. Uninstall it immediately

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated E ...

Pierluigi Paganini February 21, 2024
Hacking
Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers

Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The vulnerability CVE-2024-21410 is a bypass vulnerabili ...

Pierluigi Paganini February 21, 2024
Security
ConnectWise fixed critical flaws in ScreenConnect remote access tool

ConnectWise addressed two critical vulnerabilities in its ScreenConnect remote desktop access product and urges customers to install the patches asap. ConnectWise warns of the following two critic ...

Pierluigi Paganini February 20, 2024
Cyber Crime
More details about Operation Cronos that disrupted Lockbit operation

Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code ...

Pierluigi Paganini February 20, 2024
Hacking
Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pil ...

Pierluigi Paganini February 20, 2024
Cyber Crime
Operation Cronos: law enforcement disrupted the LockBit operation

An international law enforcement operation codenamed 'Operation Cronos' led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, con ...

Pierluigi Paganini February 19, 2024
Cyber Crime
A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, M ...

Pierluigi Paganini February 19, 2024
APT
Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group id ...

Pierluigi Paganini February 19, 2024
Cyber Crime
How BRICS Got "Rug Pulled" – Cryptocurrency Counterfeiting is on the Rise

Resecurity has identified an increasing trend of cryptocurrency counterfeiting, the experts found several tokens impersonating major brands, government organizations and national fiat currencies. ...

Pierluigi Paganini February 19, 2024
Security
SolarWinds addressed critical RCEs in Access Rights Manager (ARM)

SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs. SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in ...

Pierluigi Paganini February 19, 2024
Breaking News
ESET fixed high-severity local privilege escalation bug in Windows products

Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 ...

Pierluigi Paganini February 18, 2024
Breaking News
Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini February 18, 2024
Cyber Crime
Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

A Ukrainian national pleaded guilty to his role in the Zeus and IcedID operations, which caused tens of millions of dollars in losses. Ukrainian national Vyacheslav Igorevich Penchukov has pleaded ...

Pierluigi Paganini February 17, 2024
Cyber Crime
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) in attacks in the wild. This week the U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini February 17, 2024
Security
CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...

Pierluigi Paganini February 16, 2024
Cyber Crime
US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders

The U.S. government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. The U.S. Department of State is ...

Pierluigi Paganini February 16, 2024
Hacking
U.S. CISA: hackers breached a state government organization

U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini February 16, 2024
APT
Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Russia-linked APT group Turla has been spotted targeting Polish non-governmental organizations (NGO) with a new backdoor dubbed TinyTurla-NG. Russia-linked cyberespionage group Turla has been spo ...

Pierluigi Paganini February 16, 2024
Cyber Crime
US Gov dismantled the Moobot botnet controlled by Russia-linked APT28

The US authorities dismantled the Moobot botnet, which was controlled by the Russia-linked cyberespionage group APT28. A court order allowed US authorities to neutralize the Moobot botnet, a netwo ...

Pierluigi Paganini February 15, 2024
Hacking
A cyberattack halted operations at Varta production plants

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber atta ...

Pierluigi Paganini February 15, 2024
APT
North Korea-linked actors breached the emails of a Presidential Office member

The office of South Korean President Yoon Suk Yeol said that North Korea-linked actors breached the personal emails of one of his staff members. The office of South Korean President Yoon Suk Yeol ...

Pierluigi Paganini February 15, 2024
Hacking
CISA adds Microsoft Windows bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds 2 Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...

Pierluigi Paganini February 15, 2024
APT
Nation-state actors are using AI services and LLMs for cyberattacks

Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains, including target reconnaissance and social engineering attacks. Multiple nation ...

Pierluigi Paganini February 15, 2024
Security
Abusing the Ubuntu 'command-not-found' utility to install malicious packages

Researchers reported that attackers can exploit the 'command-not-found' utility to trick users into installing rogue packages on Ubuntu systems. Cybersecurity researchers from cloud security firm ...

Pierluigi Paganini February 14, 2024
Security
Zoom fixed critical flaw CVE-2024-24691 in Windows software

Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The popular Video messaging giant Zoom relea ...

Pierluigi Paganini February 14, 2024
Security
Adobe Patch Tuesday fixed critical vulnerabilities in Magento, Acrobat and Reader

Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adob ...

Pierluigi Paganini February 14, 2024
Security
Microsoft Patch Tuesday for February 2024 fixed 2 actively exploited 0-days

Microsoft Patch Tuesday security updates for February 2024 addressed 72 flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2024 resolved ...

Pierluigi Paganini February 14, 2024
Cyber Crime
A ransomware attack took 100 Romanian hospitals down

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that target ...

Pierluigi Paganini February 13, 2024
Data Breach
Bank of America customer data compromised after a third-party services provider data breach

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers follo ...

Pierluigi Paganini February 13, 2024
Reports
Ransomfeed - Third Quarter Report 2023 is out!

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. A comprehensive report delving into the intricate landscape ...

Pierluigi Paganini February 13, 2024
Hacking
Global Malicious Activity Targeting Elections is Skyrocketing

Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. With more voters than ever in history heading to the polls in 2024, Resecurity has iden ...

Pierluigi Paganini February 13, 2024
Cyber Crime
Researchers released a free decryption tool for the Rhysida Ransomware

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Interne ...

Pierluigi Paganini February 12, 2024
Security
Residential Proxies vs. Datacenter Proxies: Choosing the Right Option

Residential Proxies vs. Datacenter Proxies: this blog post examines the contours of each type and provides info on how to choose the perfect proxy option. In the robust landscape of the digital era ...

Pierluigi Paganini February 12, 2024
Hacking
CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ...

Pierluigi Paganini February 12, 2024
Security
Canada Gov plans to ban the Flipper Zero to curb car thefts

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipp ...

Pierluigi Paganini February 12, 2024
Security
9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data

Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data. We've all used public Wi-Fi: it's convenient, saves our data, and sp ...

Pierluigi Paganini February 12, 2024
Cyber Crime
US Feds arrested two men involved in the Warzone RAT operation

The U.S. Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used ...

Pierluigi Paganini February 12, 2024
Malware
Raspberry Robin spotted using two new 1-day LPE exploits

Raspberry Robin continues to evolve, it was spotted using two new one-day exploits for vulnerabilities either Discord to host samples. Raspberry Robin is a Windows worm discovered by cybers ...

Pierluigi Paganini February 11, 2024
Breaking News
Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini February 11, 2024
Hacking
CISA adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ...

Pierluigi Paganini February 10, 2024
Malware
macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubb ...

Pierluigi Paganini February 10, 2024
Hacking
Exploiting a vulnerable Minifilter Driver to create a process killer

Researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Exploiting a signed Minifilter Driver that can be used to used ...

Pierluigi Paganini February 09, 2024
Data Breach
Black Basta ransomware gang hacked Hyundai Motor Europe

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the Car maker Hyundai Motor Europe ...

Pierluigi Paganini February 09, 2024
Hacking
Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently disc ...

Pierluigi Paganini February 09, 2024
Security
Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulne ...

Pierluigi Paganini February 09, 2024
Security
26 Cyber Security Stats Every User Should Be Aware Of in 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technology. Cyber Crime Surge: During COVID-19, cyber crimes shot up by 600%, s ...

Pierluigi Paganini February 09, 2024
Cyber Crime
US offers $10 million reward for info on Hive ransomware group leaders

U.S. Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards u ...

Pierluigi Paganini February 08, 2024
Internet of Things
Unraveling the truth behind the DDoS attack from electric toothbrushes

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. Is it true? The Swiss newspaper Aargauer Zeitung first published the news of a DD ...

Pierluigi Paganini February 08, 2024
APT
China-linked APT Volt Typhoon remained undetected for years in US infrastructure

China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agenc ...

Pierluigi Paganini February 08, 2024
Security
Cisco fixes critical Expressway Series CSRF vulnerabilities

CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco addressed several vulnerabilities in its ...

Pierluigi Paganini February 08, 2024
Security
CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...

Pierluigi Paganini February 07, 2024
Security
Fortinet addressed two critical FortiSIEM vulnerabilities

Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code. Cybersecurity vendor Fortinet warned of two critical vu ...

Pierluigi Paganini February 07, 2024
Hacking
Experts warn of a critical bug in JetBrains TeamCity On-Premises

A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances. JetBrains addressed a critical security vulnerability, tracked as CVE-202 ...

Pierluigi Paganini February 07, 2024
Hacking
Critical shim bug impacts every Linux boot loader signed in the past decade

The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of 'shim' addressed six vulnerabilities with ...

Pierluigi Paganini February 07, 2024
APT
China-linked APT deployed malware in a network of the Dutch Ministry of Defence

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security Service (MIVD) and the General Int ...

Pierluigi Paganini February 07, 2024
Hacking
Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Google's TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. The latest report published by Google Threat Analysis Group (TAG), ...

Pierluigi Paganini February 06, 2024
Mobile
Google fixed an Android critical remote code execution flaw

Google released Android’s February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution issue. Google released Android February 2024 security patches ...

Pierluigi Paganini February 06, 2024
Cyber Crime
A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

A Belarusian and Cypriot national linked with the cryptocurrency exchange BTC-e is facing charges that can lead to a maximum penalty of 25 years in prison. Aliaksandr Klimenka, a Belarusian and Cypriot ...

Pierluigi Paganini February 06, 2024
Laws and regulations
U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware

The U.S. government imposes visa restrictions on individuals who are involved in the illegal use of commercial spyware. The U.S. State Department announced it is implementing a new policy to impo ...

Pierluigi Paganini February 06, 2024
Cyber Crime
HPE is investigating claims of a new security breach

Hewlett Packard Enterprise (HPE) is investigating a new data breach after a threat actor claimed to have stolen data on a hacking forum. Hewlett Packard Enterprise (HPE) is investigating a new dat ...

Pierluigi Paganini February 06, 2024
Hacking
Experts warn of a surge of attacks targeting Ivanti SSRF flaw 

The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identi ...

Pierluigi Paganini February 05, 2024
Hacking
How to hack the Airbus NAVBLUE Flysmart+ Manager

Airbus Navblue Flysmart+ Manager allowed attackers to tamper with the engine performance calculations and intercept data. Flysmart+ is a suite of apps for pilot EFBs, helping deliver efficient and ...

Pierluigi Paganini February 05, 2024
Cyber Crime
Crooks stole $25.5 million from a multinational firm using a 'deepfake' video call

Scammers stole HK$200 million (roughly $25.5 million) from a multinational company using a deepfake conference call to trick an employee into transferring the funds. Scammers successfully stole HK$200 ...

Pierluigi Paganini February 05, 2024
Hacking
Software firm AnyDesk disclosed a security breach

Remote desktop software company AnyDesk announced that threat actors compromised its production environment. Remote desktop software company AnyDesk announced on Friday that threat actors had acce ...

Pierluigi Paganini February 05, 2024
Data Breach
The 'Mother of all Breaches': Navigating the Aftermath and Fortifying Your Data with DSPM

What is Data Security Posture Management (DSPM) and how you can mitigate the risks of data leaks such as the 'Mother of All Breaches'. Cybersecurity researchers recently uncovered what is now being ...

Pierluigi Paganini February 04, 2024
Cyber warfare
US government imposed sanctions on six Iranian intel officials

The US government issued sanctions against six Iranian government officials linked to cyberattacks against critical infrastructure organizations. The U.S. Treasury Department's Office of Foreign ...

Pierluigi Paganini February 04, 2024
Cyber Crime
A cyberattack impacted operations at Lurie Children's Hospital

A cyber attack forced Lurie Children's Hospital in Chicago to take IT systems offline with a severe impact on its operations. The Lurie Children's Hospital in Chicago took IT systems offline after ...

Pierluigi Paganini February 04, 2024
Cyber Crime
AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web

Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web. Such information being available for cybercriminals could act as a catalys ...

Pierluigi Paganini February 04, 2024
Breaking News
Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini February 04, 2024
Security
Clorox estimates the costs of the August cyberattack will exceed $49 Million

Cleaning products giant Clorox estimates the economic impact of the cyber attack that hit the company in August 2023 at $49 million. The Clorox Company is a multinational consumer goods company th ...

Pierluigi Paganini February 03, 2024
Hacking
Mastodon fixed a flaw that can allow the takeover of any account

A vulnerability impacting the decentralized social network Mastodon can be exploited by threat actors to impersonate and take over any account. A security flaw, tracked as CVE-2024-23832 (CVSS sco ...

Pierluigi Paganini February 03, 2024
Hacking
Iranian hackers breached Albania’s Institute of Statistics (INSTAT)

Albania’s Institute of Statistics (INSTAT) announced that it was targeted by a sophisticated cyberattack that affected some of its systems. A sophisticated cyberattack on Wednesday hit Albania ...

Pierluigi Paganini February 02, 2024
Cyber Crime
Operation Synergia led to the arrest of 31 individuals

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpo ...

Pierluigi Paganini February 02, 2024
Intelligence
Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

A former software engineer with the U.S. CIA has been sentenced to 40 years in prison for leaking classified documents. Former CIA employee Joshua Adam Schulte has been sentenced to 40 years in p ...

Pierluigi Paganini February 02, 2024
Hacking
Cloudflare breached on Thanksgiving Day, but the attack was promptly contained

Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to the internal wiki and its bug database (Atlassian Jira). The incident took place on Thanksg ...

Pierluigi Paganini February 02, 2024
Malware
PurpleFox malware infected at least 2,000 computers in Ukraine

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. The Computer Emergency Response T ...

Pierluigi Paganini February 02, 2024
Cyber Crime
Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping

A US man has been sentenced to federal prison for his role in a fraudulent scheme that resulted in the theft of millions of dollars through SIM swapping. Daniel James Junk (22) of Portland was sen ...

Pierluigi Paganini February 01, 2024
Security
CISA orders federal agencies to disconnect Ivanti VPN instances by February 2

CISA is ordering federal agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. For the first time since its establishment, CISA is ordering federal agenci ...

Pierluigi Paganini February 01, 2024
APT
Multiple malware used in attacks exploiting Ivanti VPN flaws

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a Ch ...

Pierluigi Paganini February 01, 2024
Cyber Crime
Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to. The police in Saxony, Germany, have seized 50,000 Bitcoin (more than $2.1 billion at the ...

Pierluigi Paganini February 01, 2024
Cyber Crime
Crooks stole around $112 million worth of XRP from Ripple’s co-founder

Crooks stole around $112 million worth of Ripple XRP from the crypto wallet of Ripple’s co-founder Chris Larsen. This week, crooks stole around $112 million worth of the Ripple-focused cryptocur ...

Pierluigi Paganini January 31, 2024
Security
CISA adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ...

Pierluigi Paganini January 31, 2024
Hacking
Ivanti warns of a new actively exploited zero-day

Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited in the wild. Ivanti is warning of two new high-severity vulnerabilities ...

Pierluigi Paganini January 31, 2024
Malware
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat ...

Pierluigi Paganini January 31, 2024
Security
Data leak at fintech giant Direct Trading Technologies

Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeo ...

Pierluigi Paganini January 31, 2024
Breaking News
Root access vulnerability in GNU Library C (glibc) impacts many Linux distros

Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four securit ...

Pierluigi Paganini January 30, 2024
Laws and regulations
Italian data protection authority said that ChatGPT violated EU privacy laws

The Italian data protection authority, Garante, said that ChatGPT violated European Union data privacy regulations. The Italian data protection authority, known a ...

Pierluigi Paganini January 30, 2024
Data Breach
750 million Indian mobile subscribers' data offered for sale on dark web

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian m ...

Pierluigi Paganini January 30, 2024
Security
Juniper Networks released out-of-band updates to fix high-severity flaws

Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems. Juniper Networks has released out-of ...

Pierluigi Paganini January 30, 2024
Cyber Crime
Hundreds of network operators’ credentials found circulating in Dark Web

Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC are available on the dark web, Resecurity warns. Resecurity conducted a thorough scan of the Dark Web and ident ...

Pierluigi Paganini January 30, 2024
Data Breach
Cactus ransomware gang claims the Schneider Electric hack

Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energ ...

Pierluigi Paganini January 30, 2024
Data Breach
Mercedes-Benz accidentally exposed sensitive data, including source code

Researchers discovered that Mercedes-Benz accidentally left a private key online exposing internal data, including the company’s source code. RedHunt Labs researchers discovered that Mercedes-Be ...

Pierluigi Paganini January 29, 2024
Hacking
Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords

A flaw in Microsoft Outlook can be exploited to access NTLM v2 hashed passwords by tricking users into opening a specially crafted file. The vulnerability CVE-2023-35636 impacting Microsoft Outloo ...

Pierluigi Paganini January 29, 2024
Intelligence
NSA buys internet browsing records from data brokers without a warrant

The U.S. National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans' activity online without a court order. U.S. Senator Ron Wyden, D-Ore., ...

Pierluigi Paganini January 29, 2024
Intelligence
Ukraine’s SBU arrested a member of Pro-Russia hackers group 'Cyber Army of Russia'

Ukraine's security service (SBU) detained an alleged member of the pro-Russia hacker group "the Cyber Army of Russia." Ukraine's security service, the SBU, announced that it has identified and de ...

Pierluigi Paganini January 29, 2024
Hacking
Multiple PoC exploits released for Jenkins flaw CVE-2024-23897

Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released. Researchers warn that several proof-of-concept (PoC) exploits targ ...

Pierluigi Paganini January 28, 2024
Cyber Crime
Medusa ransomware attack hit Kansas City Area Transportation Authority

Medusa ransomware gang claimed responsibility for the attack against the Kansas City Area Transportation Authority (KCATA). On January 23, 2023, the Kansas City Area Transportation Authority (KCAT ...

Pierluigi Paganini January 28, 2024
Breaking News
Security Affairs newsletter Round 456 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini January 28, 2024
Hacktivism
Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center

The Main Intelligence Directorate of Ukraine's Ministry of Defense states that pro-Ukraine hackers wiped 2 petabytes of data from a Russian research center. The Main Directorate of Intelligence of ...

Pierluigi Paganini January 27, 2024
Hacking
Participants earned more than $1.3M at the Pwn2Own Automotive competition

Bug bounty hunters earned more than $1.3 million for hacking Teslas, infotainment systems, and electric vehicle chargers at the Pwn2Own Automotive competition. The Zero Day Initiative’s Pwn2Own ...

Pierluigi Paganini January 27, 2024
Cyber Crime
A TrickBot malware developer sentenced to 64 months in prison

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sente ...

Pierluigi Paganini January 26, 2024
APT
Russian Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns

Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign. Microsoft announced that the Russia-linked APT Midnight Blizzar ...

Pierluigi Paganini January 26, 2024
Security
Watch out, experts warn of a critical flaw in Jenkins

Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintai ...

Pierluigi Paganini January 26, 2024
Hacking
Pwn2Own Automotive 2024 Day 2 - Tesla hacked again

Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team (@Synacktiv) compromised ...

Pierluigi Paganini January 26, 2024
Reports
Yearly Intel Trend Review: The 2023 RedSense report

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and disco ...

Pierluigi Paganini January 25, 2024
Security
Cisco warns of a critical bug in Unified Communications products, patch it now!

Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical ...

Pierluigi Paganini January 25, 2024
Security
Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alle ...

Pierluigi Paganini January 25, 2024
Hacking
CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...

Pierluigi Paganini January 25, 2024
Hacking
5379 GitLab servers vulnerable to zero-click account takeover attacks

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabi ...

Pierluigi Paganini January 24, 2024
Hacking
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra's GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3' ...

Pierluigi Paganini January 24, 2024
Security
Splunk fixed high-severity flaw impacting Windows versions

Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs. Splunk addressed multiple vulnerabilities in Splunk Enterprise, including ...

Pierluigi Paganini January 24, 2024
Hacking
Watch out, a new critical flaw affects Fortra GoAnywhere MFT

Fortra addressed a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) product. Fortra warns customers of a new authentication bypass vulnerability tracked as ...

Pierluigi Paganini January 23, 2024
Hacking
Australian government announced sanctions for Medibank hacker

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Ge ...

Pierluigi Paganini January 23, 2024
Hacking
LoanDepot data breach impacted roughly 16.6 individuals

Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 million individuals. LoanDepot is a financial services company that primarily operates as a mortgage lender. ...

Pierluigi Paganini January 23, 2024
Cyber Crime
Black Basta gang claims the hack of the UK water utility Southern Water

The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. Southern Water is a private utility company responsible for col ...

Pierluigi Paganini January 23, 2024
Security
CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds VMware vCenter Server Out-of-Bounds Write bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...

Pierluigi Paganini January 23, 2024
Breaking News
Mother of all breaches - a historic data leak reveals 26 billion records: check what's exposed

Cybersecurity researcher Bob Dyachenko and CyberNews researchers discovered the largest data leak ever discovered. The supermassive leak contains data from numerous previous breaches, comprising a ...

Pierluigi Paganini January 22, 2024
Security
Apple fixed actively exploited zero-day CVE-2024-23222

Apple addressed the first zero-day vulnerability that impacts iPhones, Macs, and Apple TVs. The issue is actively exploited in the wild. Apple released security updates to address a zero-day vulne ...

Pierluigi Paganini January 22, 2024
Cyber Crime
“My Slice”, an Italian adaptive phishing campaign

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing t ...

Pierluigi Paganini January 22, 2024
Malware
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell

Researchers warn of a spike in attacks exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell. Trustwave researchers observed a surge in attacks exploiting a now-patche ...

Pierluigi Paganini January 22, 2024
Data Breach
Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web

Resecurity researchers warn of massive leak of stolen Thai personally identifiable information (PII) on the dark web by cybercriminals. Resecurity has detected a noticeable increase in data leaks ...

Pierluigi Paganini January 22, 2024
Malware
Backdoored pirated applications targets Apple macOS users

Researchers warned that pirated applications have been employed to deliver a backdoor to Apple macOS users. Jamf Threat Labs researchers warned that pirated applications have been utilized to dist ...

Pierluigi Paganini January 22, 2024
Cyber Crime
LockBit ransomware gang claims the attack on the sandwich chain Subway

The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise. Subway IP LLC is an American multinational fast-food restauran ...

Pierluigi Paganini January 21, 2024
Breaking News
Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini January 21, 2024
Cyber Crime
Admin of the BreachForums hacking forum sentenced to 20 years supervised release

Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, was s ...

Pierluigi Paganini January 20, 2024
Data Breach
VF Corp December data breach impacts 35 million customers

American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 million customers. VF Corporation is an American global apparel and footwear company ...

Pierluigi Paganini January 19, 2024
APT
China-linked APT UNC3886 exploits VMware zero-day since 2021

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has ...

Pierluigi Paganini January 19, 2024
Reports
Ransomware attacks break records in 2023: the number of victims rose by 128%

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased ...

Pierluigi Paganini January 19, 2024
Hacking
U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM flaw CVE-2023-35082 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...

Pierluigi Paganini January 19, 2024
Security
The Quantum Computing Cryptopocalypse – I’ll Know It When I See It

Can quantum computing break cryptography? Can it do it within a person’s lifetime? Will it be a cryptopocalypse, as some experts suggest? Can quantum computing break cryptography? Sure, it can. ...

Pierluigi Paganini January 19, 2024
Security
Kansas State University suffered a serious cybersecurity incident

Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part of its network and services. Kansas State University (K-State) suffered a cybersecurity incident that im ...

Pierluigi Paganini January 19, 2024
Hacking
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...

Pierluigi Paganini January 18, 2024
APT
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, "Callisto", “Star Blizzard”, “TA ...

Pierluigi Paganini January 18, 2024
Hacking
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts

Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI. Quarkslab researchers discovered nine vulnerabili ...

Pierluigi Paganini January 18, 2024
Malware
iShutdown lightweight method allows to discover spyware infections on iPhones

Researchers devised a "lightweight method," called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a " ...

Pierluigi Paganini January 18, 2024
Hacking
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Switzerland believes that the cyberatta ...

Pierluigi Paganini January 17, 2024
Security
GitHub rotated credentials after the discovery of a vulnerability

GitHub rotated some credentials after the discovery of a flaw that allowed access to the environment variables of a production container. After GitHub became aware of a vulnerability through its b ...

Pierluigi Paganini January 17, 2024
Cyber Crime
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) r ...

Pierluigi Paganini January 17, 2024
Hacking
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited ze ...

Pierluigi Paganini January 17, 2024
Security
Google fixed the first actively exploited Chrome zero-day of 2024

Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome zero-day vul ...

Pierluigi Paganini January 16, 2024
Breaking News
Atlassian fixed critical RCE in older Confluence versions

Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerabi ...

Pierluigi Paganini January 16, 2024
Security
VMware fixed a critical flaw in Aria Automation. Patch it now!

VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation) is a modern c ...

Pierluigi Paganini January 16, 2024
Hacking
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors ar ...

Pierluigi Paganini January 16, 2024
Security
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The ...

Pierluigi Paganini January 16, 2024
Hacking
Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two ...

Pierluigi Paganini January 15, 2024
Hacking
Phemedrone info stealer campaign exploits Windows SmartScreen bypass

Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerabil ...

Pierluigi Paganini January 15, 2024
Malware
Balada Injector continues to infect thousands of WordPress sites

Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress we ...

Pierluigi Paganini January 15, 2024
Hacking
Attackers target Apache Hadoop and Flink to deliver cryptominers

Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners. Cybersecurity researchers from cyber security firm Aqua have uncovered ...

Pierluigi Paganini January 15, 2024
Hacking
Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic

Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recen ...

Pierluigi Paganini January 15, 2024
Breaking News
Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini January 13, 2024
Security
GitLab fixed a critical zero-click account hijacking flaw

GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability. GitLab has released security updates to add ...

Pierluigi Paganini January 13, 2024
Security
Juniper Networks fixed a critical RCE bug in its firewalls and switches

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Juniper Networks released security updat ...

Pierluigi Paganini January 12, 2024
Deep Web
Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election

Investigators from Resecurity’s HUNTER (HUMINT) warn that Indonesia is increasingly being targeted by cyber-threat actors. Investigators from Resecurity’s HUNTER (HUMINT) have found that Indon ...

Pierluigi Paganini January 12, 2024
Hacking
Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

Researchers published proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in Apache OFBiz. Researchers from cybersecurity firm VulnCheck have created a pro ...

Pierluigi Paganini January 12, 2024
Security
Team Liquid’s wiki leak exposes 118K users

Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details. Users of the e-sports knowledge base were exposed via a pub ...

Pierluigi Paganini January 12, 2024
Security
CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and In ...

Pierluigi Paganini January 11, 2024
Hacking
Two zero-day bugs in Ivanti Connect Secure actively exploited

Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure. Software firm Ivanti reported that threat actors are exploiting tw ...

Pierluigi Paganini January 11, 2024
Cyber Crime
X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mand ...

Pierluigi Paganini January 11, 2024
Security
Cisco fixed critical Unity Connection vulnerability CVE-2024-20272

Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-2027 ...

Pierluigi Paganini January 11, 2024
Cyber Crime
ShinyHunters member sentenced to three years in prison

A U.S. District Court sentenced ShinyHunters hacker Sebastien Raoult to three years in prison and ordered him to pay more than $5 million in restitution. The member of the ShinyHunters hacker grou ...

Pierluigi Paganini January 10, 2024
Data Breach
HMG Healthcare disclosed a data breach

The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discov ...

Pierluigi Paganini January 10, 2024
Hacking
Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced fake Bitcoin ETF approval

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Sec ...

Pierluigi Paganini January 10, 2024
Cyber Crime
Decryptor for Tortilla variant of Babuk ransomware released

Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk ...

Pierluigi Paganini January 10, 2024
Security
Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws

Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. Microsoft Patch Tuesday security updates for January 2024 fixed 49 ...

Pierluigi Paganini January 09, 2024
Security
CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Superset vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ...

Pierluigi Paganini January 09, 2024
Cyber Crime
Syrian group Anonymous Arabic distributes stealthy malware Silver RAT

A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT. Cyfirma researchers observed threat actors called ‘Anonymous Arabic’ distr ...

Pierluigi Paganini January 09, 2024
Cyber Crime
Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web ...

Pierluigi Paganini January 08, 2024
Cyber Crime
DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The U.S. DoJ charged 19 individuals worldwide for their role in the operati ...

Pierluigi Paganini January 08, 2024
Malware
Long-existing Bandook RAT targets Windows machines

A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines. Researchers from Fortinet observed a new variant of a remote access trojan dubbed Bandook ...

Pierluigi Paganini January 08, 2024
Hacking
A cyber attack hit the Beirut International Airport

A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport ...

Pierluigi Paganini January 07, 2024
Breaking News
Iranian crypto exchange Bit24.cash leaks user passports and IDs

Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced ...

Pierluigi Paganini January 07, 2024
Breaking News
Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...

Pierluigi Paganini January 07, 2024
APT
Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from Dutch security firm Hunt & Hackett observed Sea Tu ...

Pierluigi Paganini January 07, 2024
APT
Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea

Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT's malware family. Security researcher Greg Lesnewich discovered a backdoor, call ...

Pierluigi Paganini January 06, 2024
Laws and regulations
Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Merck has resolved a dispute with insurers regarding a $1.4 billion claim arising from the NotPetya malware incident. Merck and its insurers have agreed with a $1.4 billion claim arising from the ...

Pierluigi Paganini January 06, 2024
Cyber Crime
The source code of Zeppelin Ransomware sold on a hacking forum

A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor ann ...

Pierluigi Paganini January 05, 2024
Cyber warfare
Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant ...

Pierluigi Paganini January 05, 2024
Security
Ivanti fixed a critical EPM flaw that can result in remote code execution

Ivanti fixed a critical vulnerability in its Endpoint Manager (EPM) solution that could lead to remote code execution (RCE) on vulnerable servers. Ivanti has released security updates to address a ...

Pierluigi Paganini January 05, 2024
Security
MyEstatePoint Property Search Android app leaks user passwords

The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real e ...

Pierluigi Paganini January 05, 2024