LATEST NEWS

RSA refused claims on NSA Relationship and encryption backdoor
Pierluigi Paganini December 24, 2013

RSA published a blog post to deny the accusation of a secret partnership with the National Security Agency and the use of a flawed algorithm in its product. A couple of days ago on Internet was spre ...

NATO has constituted Cyber Response Teams
Pierluigi Paganini December 24, 2013

NATO has announced that it is close to launching two Cyber Response Teams to protect the infrastructure of the Alliance in the case of cyber attacks. NATO is establishing its reaction units to protect ...

Apple iOS 7 Untethered Jailbreak is available
Pierluigi Paganini December 23, 2013

The evad3rs team has released the untethered jailbreak for different Apple devices running iOS versions from 7.0 to 7.0.4. The evad3rs team has released the untethered jailbreak for numerou ...

Hackers have compromised a misconfigured cloud server in less than 4h
Pierluigi Paganini December 23, 2013

CloudPassage organized an exercise to demonstrate how simple live server exploitation of poorly configured cloud environments is. Cloud computing is considered one of the paradigms with hig ...

recent articles

APT
Storm-2372 used the device code phishing technique since August 2024

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn t ...

Pierluigi Paganini February 16, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data B ...

Pierluigi Paganini February 16, 2025
Security
Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini February 16, 2025
Security
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...

Pierluigi Paganini February 15, 2025
Hacking
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. Researchers warn that threat actors are exploiting a recently di ...

Pierluigi Paganini February 15, 2025
APT
China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. China-linked APT group Salt Typhoon is still targeting telecommunicati ...

Pierluigi Paganini February 14, 2025
Hacking
Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

Threat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7. Rapid7 researchers discovered a high-severity SQL inject ...

Pierluigi Paganini February 14, 2025
Malware
Valve removed the game PirateFi from the Steam video game platform because it contained malware

Valve removed a game from Steam because it contained malware; the company also warned affected users to reformat their operating systems. Valve removed the game PirateFi from the Steam video game ...

Pierluigi Paganini February 14, 2025
APT
China-linked APTs' tool employed in RA World Ransomware attack

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomwar ...

Pierluigi Paganini February 13, 2025
APT
Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot. Microsoft shared findings on research on a subgroup of ...

Pierluigi Paganini February 13, 2025
Cyber Crime
Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manuf ...

Pierluigi Paganini February 13, 2025
Cyber Crime
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel

Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel, a Trump administration source told CNN. The New York Times first reported that Alexander Vinn ...

Pierluigi Paganini February 12, 2025
APT
North Korea-linked APT Emerald Sleet is using a new tactic

Microsoft Threat Intelligence has observed North Korea-linked APT Emerald Sleet using a new tactic, tricking targets into running PowerShell. Microsoft Threat Intelligence researchers spotted Nort ...

Pierluigi Paganini February 12, 2025
Hacking
Microsoft Patch Tuesday security updates for February 2025 fixed 2 actively exploited bugs

Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 202 ...

Pierluigi Paganini February 12, 2025
Hacking
Attackers exploit a new zero-day to hijack Fortinet firewalls

Fortinet warned of attacks using a now-patched zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls. Fortinet warned that threat actors are exploiting a new zero-day vulne ...

Pierluigi Paganini February 11, 2025
Security
OpenSSL patched high-severity flaw CVE-2024-12797

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project addressed a high-severity vulnerability, tracked a ...

Pierluigi Paganini February 11, 2025
Security
Progress Software fixed multiple high-severity LoadMaster flaws

Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands. Progress Software has addressed multiple high-severity ...

Pierluigi Paganini February 11, 2025
Security
Artificial intelligence (AI) as an Enabler for Enhanced Data Security

Artificial intelligence enhances data security by identifying risks and protecting sensitive cloud data, helping organizations stay ahead of evolving threats. Artificial intelligence (AI) is trans ...

Pierluigi Paganini February 11, 2025
Cyber Crime
Crooks use Google Tag Manager skimmer to steal credit card data from Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found threat actors using Google Tag Manag ...

Pierluigi Paganini February 11, 2025
Cyber Crime
Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement operation, codenamed Operation Phobos Aetor, dismantl ...

Pierluigi Paganini February 11, 2025
Hacking
Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’

Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals. Apple released emergency security updates to address ...

Pierluigi Paganini February 10, 2025
Data Breach
HPE is notifying individuals affected by a December 2023 attack

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying ind ...

Pierluigi Paganini February 10, 2025
Cyber Crime
XE Group shifts from credit card skimming to exploiting zero-days

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light ...

Pierluigi Paganini February 10, 2025
Laws and regulations
UK Gov demands backdoor to access Apple iCloud backups worldwide

UK secretly demands Apple create an iCloud backdoor via a Technical Capability Notice, raising privacy concerns over end-to-end encryption. The UK demands Apple to create a backdoor to access any ...

Pierluigi Paganini February 10, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 32

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malicious packages deepseeek and deepseekai published in Pyth ...

Pierluigi Paganini February 09, 2025
Breaking News
Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini February 09, 2025
Hacking
PlayStation Network outage has been going on for over 24 hours

PlayStation Network has been down for nearly a day, with little communication from Sony, leaving players frustrated. PlayStation Network has been down for almost a day all over the world, Son ...

Pierluigi Paganini February 08, 2025
APT
Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Researchers spotted North Korea's Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed ...

Pierluigi Paganini February 08, 2025
Breaking News
Russia's intelligence recruits Ukrainians for terror attacks via messaging apps

Russia's intelligence recruits Ukrainians for terror attacks via messaging apps and forums, offering quick pay, Ukraine's law enforcement warns. According to Ukraine's law enforcement, Russian int ...

Pierluigi Paganini February 08, 2025
Data Breach
Hospital Sisters Health System impacted 882,782 individuals

The cyberattack on Hospital Sisters Health System in 2023 compromised the personal information of 883,000 individuals. The cyberattack that hit the infrastructure of the Hospital Sisters Health Sy ...

Pierluigi Paganini February 07, 2025
Hacking
Attackers used a public ASP.NET machine to conduct ViewState code injection attacks

Microsoft researchers warn that threat actors are delivering the Godzilla framework using a static ASP.NET machine. In December 2024, Microsoft Threat Intelligence researchers spotted a threat act ...

Pierluigi Paganini February 07, 2025
Hacking
U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini February 06, 2025
Cyber Crime
Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattack ...

Pierluigi Paganini February 06, 2025
APT
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer

The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked ...

Pierluigi Paganini February 06, 2025
Hacking
U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...

Pierluigi Paganini February 05, 2025
Security
U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog. Th ...

Pierluigi Paganini February 05, 2025
Malware
SparkCat campaign targets crypto wallets using OCR to steal recovery phrases

In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers u ...

Pierluigi Paganini February 05, 2025
Data Breach
International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

The International Civil Aviation Organization (ICAO) is investigating a data breach affecting system and employee security. The International Civil Aviation Organization (ICAO), a specialized agen ...

Pierluigi Paganini February 05, 2025
Data Breach
Online food ordering and delivery platform GrubHub discloses a data breach

Online food ordering and delivery platform GrubHub suffered a data breach that exposed the personal information of drivers and customers. This week the online food ordering and delivery firm GrubH ...

Pierluigi Paganini February 05, 2025
Security
Netgear urges users to fix two flaws impacting WiFi router models

Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 ...

Pierluigi Paganini February 04, 2025
Security
AMD fixed a flaw that allowed loading malicious microcode

AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode. Researchers from Google disclosed an improper signature verification vulne ...

Pierluigi Paganini February 04, 2025
Malware
Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Coyote Banking Trojan targets Brazilian users, stealing data from over 70 financial applications and websites. FortiGuard Labs researchers detected a campaign using LNK files executing PowerShell ...

Pierluigi Paganini February 04, 2025
Hacking
Google fixed actively exploited kernel zero-day flaw

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabili ...

Pierluigi Paganini February 04, 2025
Malware
Web Skimmer found on at least 17 websites, including Casio UK

Casio Website Infected With Skimmer. A threat actor has installed a web skimmer on all pages of the Casio UK website, except the checkout page. Jscrambler researchers uncovered a web s ...

Pierluigi Paganini February 03, 2025
Cyber Crime
Crazy Evil gang runs over 10 highly specialized social media scams

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major ...

Pierluigi Paganini February 03, 2025
Security
Elon Musk’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

US Sen. Ron Wyden warns of national security risks after Elon Musk’s DOGE was given full access to sensitive Treasury systems. Sen. Ron Wyden warned of national security risks after Elon Musk ...

Pierluigi Paganini February 03, 2025
Laws and regulations
Texas is the first state to ban DeepSeek on government devices

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas Governor Greg Abbott banned Chinese AI company DeepSeek and Chinese-owned so ...

Pierluigi Paganini February 03, 2025
Cyber Crime
Law enforcement seized the domains of HeartSender cybercrime marketplaces

U.S. and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a ...

Pierluigi Paganini February 03, 2025
Breaking News
Security Affairs newsletter Round 509 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini February 02, 2025
Security
WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that it discovered and dismantled a malware campaign via WhatsApp t ...

Pierluigi Paganini February 02, 2025
Cyber Crime
Ransomware attack hit Indian multinational Tata Technologies

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies, a Tata Motors subsidiary, ...

Pierluigi Paganini February 02, 2025
Cyber Crime
A ransomware attack forced New York Blood Center to reschedule appointments

The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, cau ...

Pierluigi Paganini February 01, 2025
Security
Contec CMS8000 patient monitors contain a hidden backdoor

The U.S. CISA and the FDA warned of a hidden backdoor in Contec CMS8000 and Epsimed MN-120 patient monitors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug ...

Pierluigi Paganini February 01, 2025
Data Breach
Community Health Center data breach impacted over 1 million patients

Community Health Center (CHC) data breach impacted over 1 million patients in Connecticut, the healthcare provider started notifying them. Community Health Center (CHC) is a leading healthcare pro ...

Pierluigi Paganini January 31, 2025
Security
Italy's data protection authority Garante blocked the DeepSeek AI platform

Italy's data protection authority Garante blocked the DeepSeek AI service due to insufficient transparency regarding user data process. Italy's data protection watchdog has blocked Chinese artif ...

Pierluigi Paganini January 31, 2025
Security
Broadcom fixed information disclosure flaws in VMware Aria Operations

Broadcom patched five flaws in VMware Aria Operations and Aria Operations for Logs that could lead to privilege escalation and credential theft. Broadcom addressed the following vulnerabilities in ...

Pierluigi Paganini January 31, 2025
Data Breach
DeepSeek database exposed highly sensitive information

Chinese AI platform DeepSeek has publicly exposed two databases containing highly sensitive user and backend details. Wiz Research discovered a publicly accessible ClickHouse database belonging to ...

Pierluigi Paganini January 30, 2025
Security
TeamViewer fixed a vulnerability in Windows client and host applications

TeamViewer has patched a high-severity privilege escalation vulnerability affecting its Windows client and host applications. TeamViewer released security patches for a high-severity elevation of ...

Pierluigi Paganini January 30, 2025
Cyber Crime
Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites

An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP.  An international law enforcement operation led by Europol, ...

Pierluigi Paganini January 30, 2025
Hacking
PHP package Voyager flaws expose to one-click RCE exploits

The open-source PHP package Voyager is affected by three vulnerabilities that could be exploited to achieve one-click remote code execution on affected instances. Voyager is a popular open-sourc ...

Pierluigi Paganini January 30, 2025
Digital ID
Italy’s Data Protection Authority Garante requested information from Deepseek

Italy’s data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italy’s Data Protection Authority Garante has asked the AI firm ...

Pierluigi Paganini January 30, 2025
Hacking
U.S. CISA adds Apple products' flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products' flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ...

Pierluigi Paganini January 29, 2025
Breaking News
Aquabot variant v3 targets Mitel SIP phones

A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based botnet Aquabot t ...

Pierluigi Paganini January 29, 2025
Security
Critical remote code execution bug found in Cacti framework

A critical flaw in the Cacti open-source network monitoring and fault management framework could allow remote code execution. Cacti is an open-source platform that provides a robust and extensib ...

Pierluigi Paganini January 29, 2025
Hacking
Attackers actively exploit a critical zero-day in Zyxel CPE Series devices

Experts warn that threat actors are actively exploiting a critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exp ...

Pierluigi Paganini January 29, 2025
Security
Attackers exploit SimpleHelp RMM Software flaws for initial access

Threat actors exploit recently fixed SimpleHelp RMM software vulnerabilities to breach targeted networks, experts warn. Horizon3 researchers discovered three vulnerabilities, tracked as CVE-2024-5 ...

Pierluigi Paganini January 29, 2025
Security
VMware fixed a flaw in Avi Load Balancer

VMware fixed a high-risk blind SQL injection vulnerability in Avi Load Balancer, allowing attackers to exploit databases via crafted queries. VMware warns of a high-risk blind SQL injection vulner ...

Pierluigi Paganini January 28, 2025
Security
EU announced sanctions on three members of Russia's GRU Unit 29155

The EU sanctioned three members of Russia's GRU Unit 29155 for cyberattacks on Estonia's government agencies in 2020. The European Union announced sanctions for three members (Nikolay Korchagin, V ...

Pierluigi Paganini January 28, 2025
Security
Chinese AI platform DeepSeek faced a "large-scale" cyberattack

Chinese AI company DeepSeek has disabled registrations for its DeepSeek-V3 chat platform following a "large-scale" cyberattack. DeepSeek has designed a new AI platform that quickly gained attentio ...

Pierluigi Paganini January 28, 2025
Hacking
Apple fixed the first actively exploited zero-day of 2025

Apple addressed the first zero-day vulnerability of 2025, which is actively exploited in attacks in the wild aimed at iPhone users. Apple released security updates to address 2025's first zero-day ...

Pierluigi Paganini January 27, 2025
Cyber Crime
TalkTalk confirms data breach involving a third-party platform

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a th ...

Pierluigi Paganini January 27, 2025
Security
Multiple Git flaws led to credentials compromise

Vulnerabilities in the Git credential retrieval protocol could have allowed threat actors to access user credentials. Security researcher RyotaK from GMO Flatt Security Inc discovered multiple vul ...

Pierluigi Paganini January 27, 2025
APT
GamaCopy targets Russia mimicking Russia-linked Gamaredon APT

New threat actor GamaCopy mimics Russia-linked Gamaredon APT in attacks on Russian-speaking targets. The Knownsec 404 Advanced Threat Intelligence team recently analyzed attacks on Russian-speakin ...

Pierluigi Paganini January 27, 2025
Cyber Crime
ESXi ransomware attacks use SSH tunnels to avoid detection

Threat actors behind ESXi ransomware attacks target virtualized environments using SSH tunneling to avoid detection. Researchers at cybersecurity firm Sygnia warn that threat actors behind ESXi ra ...

Pierluigi Paganini January 27, 2025
Digital ID
Attackers allegedly stole $69 million from cryptocurrency platform Phemex

Crooks stole at least $69 million from Singapore-based cryptocurrency platform Phemex in an alleged cyberattack. Singapore-based crypto platform Phemex paused operations after a cyberattack that r ...

Pierluigi Paganini January 27, 2025
Data Breach
Change Healthcare data breach exposed the private data of over half the U.S.

The Change Healthcare data breach is worse than initially estimated: approximately 190 million people have been affected. The Change Healthcare data breach is worse than initially estimated, the i ...

Pierluigi Paganini January 26, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 30

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Gmail For Exfiltration: Malicious npm Packages Target Solana ...

Pierluigi Paganini January 26, 2025
Breaking News
Security Affairs newsletter Round 508 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 26, 2025
Uncategorized
Cisco warns of a ClamAV bug with PoC exploit

Cisco addressed a ClamAV denial-of-service (DoS) vulnerability, and experts warn of the availability of a proof-of-concept (PoC) exploit code. Cisco has released security updates to address a Clam ...

Pierluigi Paganini January 26, 2025
Security
Subaru Starlink flaw allowed experts to remotely hack cars

Subaru Starlink flaw exposed vehicles and customer accounts in the US, Canada, and Japan to remote attacks. Popular security researcher Sam Curry and his colleague Shubham Shah discovered a vulnera ...

Pierluigi Paganini January 25, 2025
Security
U.S. CISA adds SonicWall SMA1000 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA1000 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini January 24, 2025
Security
J-magic malware campaign targets Juniper routers

Threat actors are targeting Juniper routers with a custom backdoor in a campaign code-named "J-magic"; attackers are exploiting a Magic Packet flaw. Lumen Technologies researchers reported ...

Pierluigi Paganini January 24, 2025
Security
SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

SonicWall warns customers of a critical zero-day vulnerability in SMA 1000 Series appliances, likely exploited in the wild. SonicWall is warning customers of a critical security vulnerability, tra ...

Pierluigi Paganini January 24, 2025
Breaking News
U.S. CISA adds JQuery flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds JQuery vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ...

Pierluigi Paganini January 23, 2025
Hacking
Pwn2Own Automotive 2025 Day 2: organizers awarded $335,500

Bug hunters earned $129,000 for Tesla charger exploits and over $700,000 total in two days at Pwn2Own Automotive 2025. During Day 2 of Pwn2Own Automotive 2025 organizers awarded $335,500, which br ...

Pierluigi Paganini January 23, 2025
Hacking
Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

US agencies revealed Chinese threat actors used two advanced exploit chains to breach Ivanti Cloud Service Appliances (CSA). The US government’s cybersecurity and law enforcement revealed that C ...

Pierluigi Paganini January 23, 2025
Security
Cisco addresses a critical privilege escalation bug in Meeting Management

Cisco addressed a critical flaw in its Meeting Management that could allow an attacker to gain administrator privileges on vulnerable instances. Cisco released security updates to fix a critical flaw, trac ...

Pierluigi Paganini January 23, 2025
Cyber Crime
U.S. President Donald Trump granted a "full and unconditional pardon" to Ross Ulbricht, Silk Road creator

Donald Trump pardoned Ross Ulbricht, creator of the notorious dark web drug marketplace Silk Road, after 11 years in prison. Donald Trump pardoned Ross Ulbricht, creator of Silk Road, who was co ...

Pierluigi Paganini January 23, 2025
Hacking
Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days

Trend Micro’s Zero Day Initiative (ZDI) announced that $380K was awarded on Day 1 of Pwn2Own Automotive 2025. Trend Micro’s Zero Day Initiative (ZDI) announced that over $380,000 was awarded o ...

Pierluigi Paganini January 22, 2025
Cyber Crime
Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations

Two ransomware groups are exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracke ...

Pierluigi Paganini January 22, 2025
Hacking
A 7-Zip bug allows bypassing the Mark of the Web (MotW) feature

A vulnerability in the 7-Zip file software allows attackers to bypass the Mark of the Web (MotW) Windows security feature. Attackers can exploit a vulnerability, tracked as CVE-2025-0411, in the f ...

Pierluigi Paganini January 22, 2025
Intelligence
Former CIA analyst pleaded guilty to leaking top-secret documents

A former CIA analyst, Asif William Rahman, pleaded guilty to leaking top-secret National Defense Information on social media in 2024. Asif William Rahman, a former CIA analyst with Top-Secret cle ...

Pierluigi Paganini January 21, 2025
Cyber Crime
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers

Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet. Murdoc Botnet is a new Mirai botnet variant that targets ...

Pierluigi Paganini January 21, 2025
Hacking
CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber sc ...

Pierluigi Paganini January 21, 2025
Hacking
Experts found multiple flaws in Mercedes-Benz infotainment system

Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system. Kaspersky published research findings on the first-generation Mercedes-Ben ...

Pierluigi Paganini January 21, 2025
Data Breach
HPE is investigating IntelBroker's claims of the company hack

HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company. Last week, the notorious threat actor IntelBroker announced on a ...

Pierluigi Paganini January 20, 2025
APT
Experts found new DoNot Team APT group's Android malware

Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the ...

Pierluigi Paganini January 20, 2025
Cyber Crime
Malicious npm and PyPI target Solana Private keys to steal funds from victims' wallets

Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python ...

Pierluigi Paganini January 20, 2025
Security
Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology's industrial devices. The Planet WGS-804HPT industrial switch is used in building and home ...

Pierluigi Paganini January 20, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Stealthy Credit Card Skimmer Targets WordPress Checkout Pages ...

Pierluigi Paganini January 19, 2025
Uncategorized
Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 19, 2025
Security
A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. A severe vulnerability, tracked as CVE-2 ...

Pierluigi Paganini January 19, 2025
Intelligence
U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

The U.S. Treasury's OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. The U.S. Treasury Department's Office of Foreign A ...

Pierluigi Paganini January 18, 2025
Security
EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of ...

Pierluigi Paganini January 17, 2025
Security
ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024- ...

Pierluigi Paganini January 17, 2025
APT
Russia-linked APT Star Blizzard targets WhatsApp accounts

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked ...

Pierluigi Paganini January 17, 2025
Data Breach
Prominent US law firm Wolf Haldenstein disclosed a data breach

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 million individuals. The law firm Wolf Haldenstein disclosed a 2023 data breach that expos ...

Pierluigi Paganini January 16, 2025
Cyber Crime
Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches

The Clop ransomware gang claims dozens of victims from a Cleo file transfer vulnerability, though several companies dispute the breaches. The Clop ransomware group added 59 new companies to its le ...

Pierluigi Paganini January 16, 2025
Hacking
MikroTik botnet relies on DNS misconfiguration to spread malware

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that ex ...

Pierluigi Paganini January 16, 2025
Cyber Crime
Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group publish ...

Pierluigi Paganini January 16, 2025
Security
U.S. CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini January 15, 2025
Cyber Crime
Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AW ...

Pierluigi Paganini January 15, 2025
Hacking
CVE-2024-44243 macOS flaw allows persistent malware installation

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS's System Integrity Protection (SIP). Microsoft disclosed details of a now-patched ...

Pierluigi Paganini January 15, 2025
Malware
FBI deleted China-linked PlugX malware from over 4,200 US computers

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with intern ...

Pierluigi Paganini January 14, 2025
APT
Russia-linked APT UAC-0063 targets Kazakhstan with HATVIBE malware

Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actor UAC-0063 is targeting Kazakhstan as part of a cybe ...

Pierluigi Paganini January 14, 2025
Hacking
A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortin ...

Pierluigi Paganini January 14, 2025
Cyber Crime
Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerabi ...

Pierluigi Paganini January 14, 2025
Security
U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini January 13, 2025
Cyber Crime
Inexperienced actors developed the FunkSec ransomware using AI tools

FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late 2024, ...

Pierluigi Paganini January 13, 2025
Malware
Credit Card Skimmer campaign targets WordPress via database injection

Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimm ...

Pierluigi Paganini January 13, 2025
Cyber Crime
Microsoft took legal action against crooks who developed a tool to abuse its AI-based services

In December, Microsoft sued a group for creating tools to bypass safety measures in its cloud AI products. Microsoft filed a complaint with the Eastern District Court of Virginia against ten indiv ...

Pierluigi Paganini January 13, 2025
Hacktivism
Pro-Russia hackers NoName057 targets Italy again after Zelensky's visit to the country

Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers NoName057(16) targeted Italian ministries, institutions, critical infrastr ...

Pierluigi Paganini January 12, 2025
Breaking News
Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 12, 2025
Hacking
How a researcher earned $100,000 hacking a Facebook server

Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024. TechCrunch first reported that Facebook awarded security researc ...

Pierluigi Paganini January 12, 2025
Cyber Crime
DoJ charged three Russian citizens with operating crypto-mixing services

The U.S. Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. The U.S. Department of Justice (DoJ) charged Russian ...

Pierluigi Paganini January 11, 2025
Data Breach
U.S. cannabis dispensary STIIIZY disclosed a data breach

US marijuana dispensary STIIIZY warns customers of leaked IDs and passports following a November data breach. US marijuana dispensary STIIIZY disclosed a data breach after a vendor's point-of-sale ...

Pierluigi Paganini January 11, 2025
Cyber Crime
A novel PayPal phishing campaign hijacks accounts

Fortinet warns of a phishing campaign using legitimate links to hijack PayPal accounts, tricking users into granting unauthorized access. Fortinet uncovered a phishing campaign targeting PayPal us ...

Pierluigi Paganini January 11, 2025
Malware
Banshee macOS stealer supports new evasion mechanisms

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostea ...

Pierluigi Paganini January 10, 2025
Hacking
Researchers disclosed details of a now-patched Samsung zero-click flaw

Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices. Google Project Zero researchers disclosed details about a now-patched zero-click v ...

Pierluigi Paganini January 10, 2025
Cyber Crime
Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. CrowdStrike disco ...

Pierluigi Paganini January 10, 2025
APT
China-linked APT group MirrorFace targets Japan

Japanese authorities attributed a cyber-espionage campaign targeting the country to the China-linked APT group MirrorFace. The National Police Agency (NPA) and the Cabinet Cyber Security Center in ...

Pierluigi Paganini January 10, 2025
Data Breach
U.S. Medical billing provider Medusind suffered a data breach

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and ...

Pierluigi Paganini January 09, 2025
Hacking
U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini January 09, 2025
Security
SOC Scalability: How AI Supports Growth Without Overloading Analysts

Scaling up a security operations center (SOC) is inevitable for many organizations. How AI supports growth without overloading analysts. Scaling up a security operations center (SOC) is inevitable ...

Pierluigi Paganini January 09, 2025
Security
SonicWall warns of an exploitable SonicOS vulnerability

SonicWall warns customers to address an authentication bypass vulnerability in its firewall's SonicOS that is "susceptible to actual exploitation." SonicWall is urging customers to upgrade the Son ...

Pierluigi Paganini January 08, 2025
Malware
Gayfemboy Botnet targets Four-Faith router vulnerability

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 202 ...

Pierluigi Paganini January 08, 2025
Social Networks
Meta replaces fact-checking with community notes post 'Cultural Tipping Point'

Meta is replacing its fact-checking program with a "community notes" system, citing a shift in moderation strategy after a "cultural tipping point." Meta CEO Mark Zuckerberg announced that the fac ...

Pierluigi Paganini January 08, 2025
Security
U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...

Pierluigi Paganini January 08, 2025
Uncategorized
Threat actors breached Argentina’s airport security police (PSA) payroll

Threat actors breached Argentina’s airport security police (PSA) payroll, stealing data and deducting 2,000-5,000 pesos from salaries. Threat actors have breached Argentina’s airport security ...

Pierluigi Paganini January 07, 2025
Security
US adds Tencent to the list of companies supporting Chinese military

US adds Chinese multinational technology and entertainment conglomerate Tencent to the list of companies supporting the Chinese military. The US Department of Defense has added Chinese multination ...

Pierluigi Paganini January 07, 2025
Malware
Eagerbee backdoor targets govt entities and ISPs in the Middle East

Experts spotted new variants of the Eagerbee backdoor being used in attacks on government organizations and ISPs in the Middle East. Kaspersky researchers reported that new variants of the Eagerbe ...

Pierluigi Paganini January 07, 2025
Security
Nessus scanner agents went offline due to a faulty plugin update

Tenable disabled two Nessus scanner agent versions after a faulty plugin update caused agents to go offline. Tenable Nessus is a widely-used vulnerability scanning tool designed to identify and as ...

Pierluigi Paganini January 06, 2025
Intelligence
China-linked Salt Typhoon APT compromised more US telecoms than previously known

China-linked Salt Typhoon group that breached multiple US telecoms compromised more firms than previously known, WSJ says. The China-linked cyberespionage group Salt Typhoon targeted more US telec ...

Pierluigi Paganini January 06, 2025
Malware
PLAYFULGHOST backdoor supports multiple information stealing features

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware f ...

Pierluigi Paganini January 06, 2025
Security
Nuclei flaw allows signature bypass and code execution

A vulnerability in Nuclei, an open-source vulnerability scanner, could allow attackers to bypass signature checks and execute malicious code. A high-severity security flaw, tracked as CVE-2024-43 ...

Pierluigi Paganini January 05, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 27

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostea ...

Pierluigi Paganini January 05, 2025
Breaking News
Security Affairs newsletter Round 505 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 05, 2025
Malware
Malicious npm packages target Ethereum developers

Malicious npm packages target Ethereum developers, impersonating Hardhat plugins to steal private keys and sensitive data. Hardhat, by the Nomic Foundation, is an essential Ethereum tool, enablin ...

Pierluigi Paganini January 04, 2025
Intelligence
US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

The U.S. Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. The U.S. Treasury sanctioned a Chinese cybers ...

Pierluigi Paganini January 04, 2025
Malware
FireScam Android info-stealing malware supports spyware capabilities

FireScam malware steals credentials and financial data by monitoring Android app notifications and sending data to a Firebase database. Cybersecurity firm Cyfirma warns of the FireScam Android inf ...

Pierluigi Paganini January 03, 2025
Data Breach
Richmond University Medical Center data breach impacted 674,033 individuals

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York's Richmond University Medical Center confirmed a May 2023 ransomware at ...

Pierluigi Paganini January 03, 2025
Security
Apple will pay $95 Million to settle lawsuit over Siri's alleged eavesdropping

Apple has agreed to a $95 million settlement over a Siri eavesdropping lawsuit, denying any abuses. The settlement awaits judicial approval. Apple will pay $95 million to settle claims that its vi ...

Pierluigi Paganini January 03, 2025
Security
LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDA ...

Pierluigi Paganini January 03, 2025
Security
Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 million POP3 and IMAP mail servers lack ...

Pierluigi Paganini January 03, 2025
Cyber Crime
A US soldier was arrested for leaking presidential call logs

US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records. US authorities arrested Cameron John Wagenius (20), a US Army soldier, ...

Pierluigi Paganini January 02, 2025
Hacking
DoubleClickjacking allows clickjacking on major websites

The "DoubleClickjacking" exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows ...

Pierluigi Paganini January 02, 2025
Security
Russian media outlets Telegram channels blocked in European countries

Telegram restricted access to Russian state-owned news channels in several European countries, including Poland, France, and Italy. Telegram blocked access to channels of multiple Russian state-ow ...

Pierluigi Paganini January 02, 2025
Intelligence
Three Russian-German nationals charged with suspicion of secret service agent activity

German authorities have charged three Russian-German nationals with suspicion of, among other things, secret service agent activity for the Russian government. German authorities have charged th ...

Pierluigi Paganini January 02, 2025
APT
Lumen reports that it has locked out the Salt Typhoon group from its network

Lumen reports that the Salt Typhoon hacking group, which targeted at least nine U.S. telecom firms, was locked out of its network. This week, a White House official confirmed that China-linked AP ...

Pierluigi Paganini January 02, 2025
Breaking News
Proposed updates to HIPAA Security Rule mandate to restore the loss of certain relevant electronic information systems and data within 72 hours

HHS OCR proposed updates to the HIPAA Security Rule to boost cybersecurity for electronic protected health information (ePHI). On December 27, 2024, the United States Department of Health and Huma ...

Pierluigi Paganini January 01, 2025
Laws and regulations
U.S. Treasury sanctions Russian and Iranian entities for interfering in the presidential election

The U.S. Treasury sanctioned entities for disinformation tied to Russian and Iranian intelligence before the 2024 presidential elections. The U.S. Treasury sanctioned entities for spreading disinf ...

Pierluigi Paganini January 01, 2025
Cyber Crime
Rhode Island’s data from health benefits system leaked on the dark web

Rhode Island’s health benefits system was hacked, and threat actors leaked residents' data on the dark web. Cybercriminals leaked data stolen from Rhode Island's health benefits system on the ...

Pierluigi Paganini December 31, 2024
Hacking
Hacking campaign compromised at least 16 Chrome browser extensions

Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing ...

Pierluigi Paganini December 31, 2024
Hacking
An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip's creator says it is a fake

An X user using the handle @NSA_Employee39 disclosed a zero-day vulnerability in the open-source file archive software 7-Zip. A verified X account, @NSA_Employee39, claimed to disclose a zero-day ...

Pierluigi Paganini December 31, 2024
Data Breach
Cisco states that the second data leak is linked to the one from October

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4 ...

Pierluigi Paganini December 30, 2024
Hacking
Threat actors attempt to exploit a flaw in Four-Faith routers

VulnCheck researchers warn that threat actors are attempting to exploit a high-severity vulnerability impacting some Four-Faith routers. Cybersecurity firm VulnCheck warns that a high-severity fla ...

Pierluigi Paganini December 30, 2024
Data Breach
ZAGG disclosed a data breach that exposed its customers' credit card data

ZAGG Inc. notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. ZAGG Inc. disclosed a data breach that exposed its customers' cr ...

Pierluigi Paganini December 30, 2024
APT
China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm

A White House official confirmed that China-linked threat actor Salt Typhoon breached a ninth U.S. telecommunications company. A White House official confirmed that China-linked APT group Salt Typ ...

Pierluigi Paganini December 29, 2024
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Mali ...

Pierluigi Paganini December 29, 2024
Breaking News
Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 29, 2024
Security
Pro-Russia group NoName targeted the websites of Italian airports

Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName057 continues its camp ...

Pierluigi Paganini December 28, 2024
Malware
North Korea actors use OtterCookie malware in Contagious Interview campaign

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called Otter ...

Pierluigi Paganini December 28, 2024
Uncategorized
Experts warn of a surge in activity associated with FICORA and Kaiten botnets

FortiGuard Labs observed increased activity from two botnets, the Mirai variant "FICORA" and the Kaiten variant "CAPSAICIN". FortiGuard Labs researchers observed a surge in activity associated wit ...

Pierluigi Paganini December 27, 2024
Hacking
Brazilian citizen charged for threatening to release data stolen from a company in 2020

A Brazilian citizen faces U.S. charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. The U.S. government has charged the Brazilian citizen Junior ...

Pierluigi Paganini December 27, 2024
Malware
A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Akamai researchers discovered a new Mirai botnet variant targeting a vulnerability in DigiEver DS-2105 Pro DVRs. Akamai researchers spotted a Mirai-based botnet that is exploiting a remote code e ...

Pierluigi Paganini December 26, 2024
Cyber Crime
A ransomware attack disrupted services at Pittsburgh Regional Transit

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency's service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively r ...

Pierluigi Paganini December 26, 2024
Hacking
A cyber attack hit Japan Airlines delaying ticket sales for flights

A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing on Thursday. A cyber attack hit Japan Airlines (JAL) on Thursday, the offensive began at 7:24 a ...

Pierluigi Paganini December 26, 2024
Security
Apache fixed a critical SQL Injection in Apache Traffic Control

Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic Control. The Apache Software Foundation (ASF) released security u ...

Pierluigi Paganini December 26, 2024
Malware
BellaCPP, Charming Kitten's BellaCiao variant written in C++

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao malware dubbed BellaCPP, Kaspersky researchers warn. The Iran-linked APT group Charming Kitten has been ...

Pierluigi Paganini December 25, 2024
Hacking
DMM Bitcoin $308M Bitcoin heist linked to North Korea

Japanese and U.S. authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. Japanese and U.S. authorities linked the $308 million cyber heist t ...

Pierluigi Paganini December 25, 2024
Security
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Adobe released out-of-band security updates to address a critical ColdFusion vulnerability, experts warn of a PoC exploit code available for it. Adobe released out-of-band security updates to ad ...

Pierluigi Paganini December 24, 2024
Security
Apache Foundation fixed a severe Tomcat vulnerability

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote code execution under certain conditions. The Apache Software Foundation (ASF) addressed an important vu ...

Pierluigi Paganini December 24, 2024
Laws and regulations
Italy's data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Italy's data protection watchdog fined OpenAI €15 million for ChatGPT's improper collection of personal data. Italy’s privacy watchdog, Garante Privacy, fined OpenAI €15M after investigating ...

Pierluigi Paganini December 24, 2024
Hacking
U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security A ...

Pierluigi Paganini December 23, 2024
Laws and regulations
U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

A U.S. court ruled in favor of WhatsApp against NSO Group, holding the spyware vendor liable for exploiting a flaw to deliver Pegasus spyware. WhatsApp won a legal case against NSO Group in a U.S. ...

Pierluigi Paganini December 23, 2024
APT
Lazarus APT targeted employees at an unnamed nuclear-related organization

North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at lea ...

Pierluigi Paganini December 23, 2024
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 25

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Vishing via Microsoft Teams Facilitates DarkGate Malware Intr ...

Pierluigi Paganini December 22, 2024
Breaking News
Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...