LATEST NEWS

VIEW ALL
Millions computers running Computrace agent can be remotely hijacked
Pierluigi Paganini February 13, 2014

Experts at Kaspersky confirm hidden threat in BIOSes of Popular Laptops and warns that Absolute Computrace Anti-Theft agent can be remotely hijacked Researchers at Kaspersky Lab have demonstrated tha ...

Largest Ever 400Gbps Distributed Denial of Service NTP Amplification attack hit Cloudfare
Pierluigi Paganini February 12, 2014

Largest Ever 400Gbps Distributed Denial of Service NTP Amplification attack hits Europe servers of anti-DDoS protection firm Cloudfare. Despite  the Distributed Denial of Service (DDoS) attack is a ...

JackPOS malware presented as a Java Update Scheduler
Pierluigi Paganini February 12, 2014

JackPOS was detected by security experts at IntelCrawler firm several days ago and it seemed based on code from "Alina". Attacks on POS are on the rise. A new strain of Point-of-Sale malware named "J ...

Honey Encryption deceives attackers with fake data
Pierluigi Paganini February 11, 2014

Honey Encryption is the name of a new approach to encryption, elaborated by the independent researcher Ari Juels, based on misleading results. Honey Encryption, this is the name for a new approach t ...

recent articles

Security
SentinelOne warns of threat actors targeting its systems and high-value clients

SentinelOne warns China-linked APT group PurpleHaze attempted reconnaissance on its systems and high-value clients. Cybersecurity firm SentinelOne warns that a China-linked APT group, tracked as P ...

Pierluigi Paganini April 29, 2025
Hacking
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group's latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilitie ...

Pierluigi Paganini April 29, 2025
Data Breach
VeriSource data breach impacted 4M individuals

VeriSource breach exposed data of 4M people in Feb 2024; stolen info includes personal details from an employee benefits services provider. VeriSource is alerting 4 million people after a February ...

Pierluigi Paganini April 29, 2025
Hacking
U.S. CISA adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog. ...

Pierluigi Paganini April 29, 2025
Hacking
The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning

BreachForums, a major data leak marketplace, shut down on April 15 after a MyBB 0-day exploit allowed law enforcement infiltration. On April 15, BreachForums, one of the top marketplaces for stole ...

Pierluigi Paganini April 28, 2025
APT
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast As ...

Pierluigi Paganini April 28, 2025
Hacking
A large-scale phishing campaign targets WordPress WooCommerce users

A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a 'critical patch' hiding a backdoor. Patchstack researchers uncovered a larg ...

Pierluigi Paganini April 28, 2025
Hacking
PoC rootkit Curing evades traditional Linux detection systems

Researchers created a PoC rootkit called Curing that uses Linux’s io_uring feature to evade traditional system call monitoring. Armo researchers have demonstrated a proof-of-concept (PoC) rootki ...

Pierluigi Paganini April 28, 2025
Hacking
Attackers chained Craft CMS zero-days attacks in the wild

Orange Cyberdefense's CSIRT reported that threat actors exploited two vulnerabilities in Craft CMS to breach servers and steal data. Orange Cyberdefense's CSIRT warns that threat actors chained tw ...

Pierluigi Paganini April 28, 2025
Hacking
Storm-1977 targets education sector with password spraying, Microsoft warns

Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers obser ...

Pierluigi Paganini April 27, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive ...

Pierluigi Paganini April 27, 2025
Breaking News
Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini April 27, 2025
Security
African multinational telco giant MTN Group disclosed a data breach

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers' personal information. MTN Group Limited is a South African multinational telecommunicat ...

Pierluigi Paganini April 26, 2025
Cyber Crime
CEO of cybersecurity firm charged with installing malware on hospital systems

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma's Computer Crimes Act. Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is ...

Pierluigi Paganini April 26, 2025
Malware
JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed Dslogd ...

Pierluigi Paganini April 25, 2025
Hacking
SAP NetWeaver zero-day allegedly exploited by an initial access broker

A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk. Researchers warn that a zero-day vulnerability, tracked as CVE-2025-31324 ( ...

Pierluigi Paganini April 25, 2025
APT
Operation SyncHole: Lazarus APT targets supply chains in South Korea

The North Korea-linked Lazarus Group targeted at least six firms in South Korea in a cyber espionage campaign called Operation SyncHole. Kaspersky researchers reported that the North Korea-linked ...

Pierluigi Paganini April 25, 2025
Cyber Crime
Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. DaVita Inc. provides kidney dialysis services t ...

Pierluigi Paganini April 25, 2025
Data Breach
Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients

Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed pers ...

Pierluigi Paganini April 24, 2025
Cyber Crime
Crooks exploit the death of Pope Francis

Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. After Pope Francis' death, cybercriminals launc ...

Pierluigi Paganini April 24, 2025