LATEST NEWS

Governments and gaming platforms, it's time for warfare
Pierluigi Paganini April 10, 2012

The US government is financing several activities to investigate and hack into the technology spread in every device that ordinarily surrounds us. This is the next step of the warfare, spy and attacks ...

China, cyber warfare and challenges for the future
Pierluigi Paganini April 09, 2012

When discussing cyber warfare we cannot disregard the role played by nations such as China, U.S. and Russia. In particular, the Beijing government has distinguished itself in recent years for two ...

Synaptic Labs' Annual Reports on the Global Cyber Safety and Security Status, Technical Problems, Drivers and Incentives (2012)
Pierluigi Paganini April 09, 2012

It is clear that there is an unrelenting increase in cyber attacks.  Indeed, the media at large is now bombarding the community with a stream of isolated security incidents, one after the ...

Anonymous attacks the UK government. OpTrialAtHome, Tango Down
Pierluigi Paganini April 08, 2012

As announced in recent days, Anonymous has launched a Distributed Denial of Service (DDoS) against several UK government websites. A massive recruiting campaign has started on social media, a call ...

recent articles

Cyber Crime
U.S. President Donald Trump granted a "full and unconditional pardon" to Ross Ulbricht, Silk Road creator

Donald Trump pardoned Ross Ulbricht, creator of the notorious dark web drug marketplace Silk Road, after 11 years in prison. Donald Trump pardoned Ross Ulbricht, creator of Silk Road, who was co ...

Pierluigi Paganini January 23, 2025
Hacking
Pwn2Own Automotive 2025 Day 1: organizers awarded $382,750 for 16 zero-days

Trend Micro’s Zero Day Initiative (ZDI) announced that $380K was awarded on Day 1 of Pwn2Own Automotive 2025. Trend Micro’s Zero Day Initiative (ZDI) announced that over $380,000 was awarded o ...

Pierluigi Paganini January 22, 2025
Cyber Crime
Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracke ...

Pierluigi Paganini January 22, 2025
Hacking
A 7-Zip bug allows bypassing the Mark of the Web (MotW) feature

A vulnerability in the 7-Zip file software allows attackers to bypass the Mark of the Web (MotW) Windows security feature. Attackers can exploit a vulnerability, tracked as CVE-2025-0411, in the f ...

Pierluigi Paganini January 22, 2025
Intelligence
Former CIA analyst pleaded guilty to leaking top-secret documents

A former CIA analyst, Asif William Rahman, pleaded guilty to leaking top-secret National Defense Information on social media in 2024. Asif William Rahman, a former CIA analyst with Top-Secret cle ...

Pierluigi Paganini January 21, 2025
Cyber Crime
New Mirai botnet variant Murdoc Botnet targets AVTECH IP cameras and Huawei HG532 routers

Researchers warn of a campaign exploiting AVTECH IP cameras and Huawei HG532 routers to create a Mirai botnet variant called Murdoc Botnet. Murdoc Botnet is a new Mirai botnet variant that targets ...

Pierluigi Paganini January 21, 2025
Hacking
CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber sc ...

Pierluigi Paganini January 21, 2025
Hacking
Experts found multiple flaws in Mercedes-Benz infotainment system

Kaspersky researchers shared details about multiple vulnerabilities impacting the Mercedes-Benz MBUX infotainment system. Kaspersky published research findings on the first-generation Mercedes-Ben ...

Pierluigi Paganini January 21, 2025
Data Breach
HPE is investigating IntelBroker's claims of the company hack

HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company. Last week, the notorious threat actor IntelBroker announced on a ...

Pierluigi Paganini January 20, 2025
APT
Experts found new DoNot Team APT group's Android malware

Researchers linked the threat actor DoNot Team to a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the ...

Pierluigi Paganini January 20, 2025
Cyber Crime
Malicious npm and PyPI packages target Solana private keys to steal funds from victims' wallets

Researchers found malicious npm and PyPI packages capable of stealing and deleting sensitive data from infected systems. Socket researchers have identified multiple packages in the npm and Python ...

Pierluigi Paganini January 20, 2025
Security
Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology's industrial devices. The Planet WGS-804HPT industrial switch is used in building and home ...

Pierluigi Paganini January 20, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 29

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Stealthy Credit Card Skimmer Targets WordPress Checkout Pages ...

Pierluigi Paganini January 19, 2025
Uncategorized
Security Affairs newsletter Round 507 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 19, 2025
Security
A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. A severe vulnerability, tracked as CVE-2 ...

Pierluigi Paganini January 19, 2025
Intelligence
U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

The U.S. Treasury's OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. The U.S. Treasury Department's Office of Foreign A ...

Pierluigi Paganini January 18, 2025
Security
EU privacy non-profit group filed complaints against TikTok, SHEIN, AliExpress, and other Chinese companies

noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of ...

Pierluigi Paganini January 17, 2025
Security
ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024- ...

Pierluigi Paganini January 17, 2025
APT
Russia-linked APT Star Blizzard targets WhatsApp accounts

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked ...

Pierluigi Paganini January 17, 2025
Data Breach
Prominent US law firm Wolf Haldenstein disclosed a data breach

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 million individuals. The law firm Wolf Haldenstein disclosed a 2023 data breach that expos ...

Pierluigi Paganini January 16, 2025
Cyber Crime
Clop Ransomware exploits Cleo File Transfer flaw: dozens of claims, disputed breaches

The Clop ransomware gang claims dozens of victims from a Cleo file transfer vulnerability, though several companies dispute the breaches. The Clop ransomware group added 59 new companies to its le ...

Pierluigi Paganini January 16, 2025
Hacking
MikroTik botnet relies on DNS misconfiguration to spread malware

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that ex ...

Pierluigi Paganini January 16, 2025
Cyber Crime
Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group publish ...

Pierluigi Paganini January 16, 2025
Security
U.S. CISA adds Fortinet FortiOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...

Pierluigi Paganini January 15, 2025
Cyber Crime
Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AW ...

Pierluigi Paganini January 15, 2025
Hacking
CVE-2024-44243 macOS flaw allows persistent malware installation

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS's System Integrity Protection (SIP). Microsoft disclosed details of a now-patched ...

Pierluigi Paganini January 15, 2025
Malware
FBI deleted China-linked PlugX malware from over 4,200 US computers

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with intern ...

Pierluigi Paganini January 14, 2025
APT
Russia-linked APT UAC-0063 targets Kazakhstan with HATVIBE malware

Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actor UAC-0063 is targeting Kazakhstan as part of a cybe ...

Pierluigi Paganini January 14, 2025
Hacking
A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortin ...

Pierluigi Paganini January 14, 2025
Cyber Crime
Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners

A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. Security researcher Jakub Korepta discovered a critical vulnerabi ...

Pierluigi Paganini January 14, 2025
Security
U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...

Pierluigi Paganini January 13, 2025
Cyber Crime
Inexperienced actors developed the FunkSec ransomware using AI tools

FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late 2024, ...

Pierluigi Paganini January 13, 2025
Malware
Credit Card Skimmer campaign targets WordPress via database injection

Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimm ...

Pierluigi Paganini January 13, 2025
Cyber Crime
Microsoft took legal action against crooks who developed a tool to abuse its AI-based services

In December, Microsoft sued a group for creating tools to bypass safety measures in its cloud AI products. Microsoft filed a complaint with the Eastern District Court of Virginia against ten indiv ...

Pierluigi Paganini January 13, 2025
Hacktivism
Pro-Russia hackers NoName057 target Italy again after Zelensky's visit to the country

Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastr ...

Pierluigi Paganini January 12, 2025
Breaking News
Security Affairs newsletter Round 506 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 12, 2025
Hacking
How a researcher earned $100,000 hacking a Facebook server

Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024. TechCrunch first reported that Facebook awarded security researc ...

Pierluigi Paganini January 12, 2025
Cyber Crime
DoJ charged three Russian citizens with operating crypto-mixing services

The U.S. Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. The U.S. Department of Justice (DoJ) charged Russian ...

Pierluigi Paganini January 11, 2025
Data Breach
U.S. cannabis dispensary STIIIZY disclosed a data breach

US marijuana dispensary STIIIZY warns customers of leaked IDs and passports following a November data breach. US marijuana dispensary STIIIZY disclosed a data breach after a vendor's point-of-sale ...

Pierluigi Paganini January 11, 2025
Cyber Crime
A novel PayPal phishing campaign hijacks accounts

Fortinet warns of a phishing campaign using legitimate links to hijack PayPal accounts, tricking users into granting unauthorized access. Fortinet uncovered a phishing campaign targeting PayPal us ...

Pierluigi Paganini January 11, 2025
Malware
Banshee macOS stealer supports new evasion mechanisms

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostea ...

Pierluigi Paganini January 10, 2025
Hacking
Researchers disclosed details of a now-patched Samsung zero-click flaw

Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices. Google Project Zero researchers disclosed details about a now-patched zero-click v ...

Pierluigi Paganini January 10, 2025
Cyber Crime
Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. CrowdStrike disco ...

Pierluigi Paganini January 10, 2025
APT
China-linked APT group MirrorFace targets Japan

Japanese authorities attributed a cyber-espionage campaign targeting the country to the China-linked APT group MirrorFace. The National Police Agency (NPA) and the Cabinet Cyber Security Center in ...

Pierluigi Paganini January 10, 2025
Data Breach
U.S. Medical billing provider Medusind suffered a data breach

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and ...

Pierluigi Paganini January 09, 2025
Hacking
U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini January 09, 2025
Security
SOC Scalability: How AI Supports Growth Without Overloading Analysts

Scaling up a security operations center (SOC) is inevitable for many organizations. How AI supports growth without overloading analysts. Scaling up a security operations center (SOC) is inevitable ...

Pierluigi Paganini January 09, 2025
Security
SonicWall warns of an exploitable SonicOS vulnerability

SonicWall warns customers to address an authentication bypass vulnerability in its firewall's SonicOS that is "susceptible to actual exploitation." SonicWall is urging customers to upgrade the Son ...

Pierluigi Paganini January 08, 2025
Malware
Gayfemboy Botnet targets Four-Faith router vulnerability

Gayfemboy, a Mirai botnet variant, has been exploiting a flaw in Four-Faith industrial routers to launch DDoS attacks since November 2024. The Gayfemboy botnet was first identified in February 202 ...

Pierluigi Paganini January 08, 2025
Social Networks
Meta replaces fact-checking with community notes post 'Cultural Tipping Point'

Meta is replacing its fact-checking program with a "community notes" system, citing a shift in moderation strategy after a "cultural tipping point." Meta CEO Mark Zuckerberg announced that the fac ...

Pierluigi Paganini January 08, 2025
Security
U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrast ...

Pierluigi Paganini January 08, 2025
Uncategorized
Threat actors breached Argentina’s airport security police (PSA) payroll

Threat actors breached Argentina’s airport security police (PSA) payroll, stealing data and deducting 2,000-5,000 pesos from salaries. Threat actors have breached Argentina’s airport security ...

Pierluigi Paganini January 07, 2025
Security
US adds Tencent to the list of companies supporting Chinese military

US adds Chinese multinational technology and entertainment conglomerate Tencent to the list of companies supporting the Chinese military. The US Department of Defense has added Chinese multination ...

Pierluigi Paganini January 07, 2025
Malware
Eagerbee backdoor targets govt entities and ISPs in the Middle East

Experts spotted new variants of the Eagerbee backdoor being used in attacks on government organizations and ISPs in the Middle East. Kaspersky researchers reported that new variants of the Eagerbe ...

Pierluigi Paganini January 07, 2025
Security
Nessus scanner agents went offline due to a faulty plugin update

Tenable disabled two Nessus scanner agent versions after a faulty plugin update caused agents to go offline. Tenable Nessus is a widely-used vulnerability scanning tool designed to identify and as ...

Pierluigi Paganini January 06, 2025
Intelligence
China-linked Salt Typhoon APT compromised more US telecoms than previously known

China-linked Salt Typhoon group that breached multiple US telecoms compromised more firms than previously known, WSJ says. The China-linked cyberespionage group Salt Typhoon targeted more US telec ...

Pierluigi Paganini January 06, 2025
Malware
PLAYFULGHOST backdoor supports multiple information stealing features

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware f ...

Pierluigi Paganini January 06, 2025
Security
Nuclei flaw allows signature bypass and code execution

A vulnerability in Nuclei, an open-source vulnerability scanner, could allow attackers to bypass signature checks and execute malicious code. A high-severity security flaw, tracked as CVE-2024-43 ...

Pierluigi Paganini January 05, 2025
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 27

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostea ...

Pierluigi Paganini January 05, 2025
Breaking News
Security Affairs newsletter Round 505 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini January 05, 2025
Malware
Malicious npm packages target Ethereum developers

Malicious npm packages target Ethereum developers, impersonating Hardhat plugins to steal private keys and sensitive data. Hardhat, by the Nomic Foundation, is an essential Ethereum tool, enablin ...

Pierluigi Paganini January 04, 2025
Intelligence
US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

The U.S. Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. The U.S. Treasury sanctioned a Chinese cybers ...

Pierluigi Paganini January 04, 2025
Malware
FireScam Android info-stealing malware supports spyware capabilities

FireScam malware steals credentials and financial data by monitoring Android app notifications and sending data to a Firebase database. Cybersecurity firm Cyfirma warns of the FireScam Android inf ...

Pierluigi Paganini January 03, 2025
Data Breach
Richmond University Medical Center data breach impacted 674,033 individuals

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York's Richmond University Medical Center confirmed a May 2023 ransomware at ...

Pierluigi Paganini January 03, 2025
Security
Apple will pay $95 Million to settle lawsuit over Siri's alleged eavesdropping

Apple has agreed to a $95 million settlement over a Siri eavesdropping lawsuit, denying any abuses. The settlement awaits judicial approval. Apple will pay $95 million to settle claims that its vi ...

Pierluigi Paganini January 03, 2025
Security
LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDA ...

Pierluigi Paganini January 03, 2025
Security
Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 million POP3 and IMAP mail servers lack ...

Pierluigi Paganini January 03, 2025
Cyber Crime
A US soldier was arrested for leaking presidential call logs

US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records. US authorities arrested Cameron John Wagenius (20), a US Army soldier, ...

Pierluigi Paganini January 02, 2025
Hacking
DoubleClickjacking allows clickjacking on major websites

The "DoubleClickjacking" exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows ...

Pierluigi Paganini January 02, 2025
Security
Russian media outlets Telegram channels blocked in European countries

Telegram restricted access to Russian state-owned news channels in several European countries, including Poland, France, and Italy. Telegram blocked access to channels of multiple Russian state-ow ...

Pierluigi Paganini January 02, 2025
Intelligence
Three Russian-German nationals charged with suspicion of secret service agent activity

German authorities have charged three Russian-German nationals with suspicion of, among other things, secret service agent activity for the Russian government. German authorities have charged th ...

Pierluigi Paganini January 02, 2025
APT
Lumen reports that it has locked out the Salt Typhoon group from its network

Lumen reports that the Salt Typhoon hacking group, which targeted at least nine U.S. telecom firms, was locked out of its network. This week, a White House official confirmed that China-linked AP ...

Pierluigi Paganini January 02, 2025
Breaking News
Proposed updates to HIPAA Security Rule mandate to restore the loss of certain relevant electronic information systems and data within 72 hours

HHS OCR proposed updates to the HIPAA Security Rule to boost cybersecurity for electronic protected health information (ePHI). On December 27, 2024, the United States Department of Health and Huma ...

Pierluigi Paganini January 01, 2025
Laws and regulations
U.S. Treasury sanctions Russian and Iranian entities for interfering in the presidential election

The U.S. Treasury sanctioned entities for disinformation tied to Russian and Iranian intelligence before the 2024 presidential elections. The U.S. Treasury sanctioned entities for spreading disinf ...

Pierluigi Paganini January 01, 2025
Cyber Crime
Rhode Island’s data from health benefits system leaked on the dark web

Rhode Island’s health benefits system was hacked, and threat actors leaked residents' data on the dark web. Cybercriminals leaked data stolen from Rhode Island's health benefits system on the ...

Pierluigi Paganini December 31, 2024
Hacking
Hacking campaign compromised at least 16 Chrome browser extensions

Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing ...

Pierluigi Paganini December 31, 2024
Hacking
An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip's creator says it is a fake

An X user using the handle @NSA_Employee39 disclosed a zero-day vulnerability in the open-source file archive software 7-Zip. A verified X account, @NSA_Employee39, claimed to disclose a zero-day ...

Pierluigi Paganini December 31, 2024
Data Breach
Cisco states that the second data leak is linked to the one from October

Cisco confirmed the authenticity of the 4GB of leaked data; the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4 ...

Pierluigi Paganini December 30, 2024
Hacking
Threat actors attempt to exploit a flaw in Four-Faith routers

VulnCheck researchers warn that threat actors are attempting to exploit a high-severity vulnerability impacting some Four-Faith routers. Cybersecurity firm VulnCheck warns that a high-severity fla ...

Pierluigi Paganini December 30, 2024
Data Breach
ZAGG disclosed a data breach that exposed its customers' credit card data

ZAGG Inc. notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. ZAGG Inc. disclosed a data breach that exposed its customers' cr ...

Pierluigi Paganini December 30, 2024
APT
China-linked APT Salt Typhoon breached a ninth U.S. telecommunications firm

A White House official confirmed that China-linked threat actor Salt Typhoon breached a ninth U.S. telecommunications company. A White House official confirmed that China-linked APT group Salt Typ ...

Pierluigi Paganini December 29, 2024
Uncategorized
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 26

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Now You See Me, Now You Don’t: Using LLMs to Obfuscate Mali ...

Pierluigi Paganini December 29, 2024
Breaking News
Security Affairs newsletter Round 504 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 29, 2024
Security
Pro-Russia group NoName targeted the websites of Italian airports

Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName057 continues its camp ...

Pierluigi Paganini December 28, 2024
Malware
North Korea actors use OtterCookie malware in Contagious Interview campaign

North Korea-linked threat actors are using the OtterCookie backdoor to target software developers with fake job offers. North Korea-linked threat actors were spotted using new malware called Otter ...

Pierluigi Paganini December 28, 2024
Uncategorized
Experts warn of a surge in activity associated with FICORA and Kaiten botnets

FortiGuard Labs observed increased activity from two botnets, the Mirai variant "FICORA" and the Kaiten variant "CAPSAICIN". FortiGuard Labs researchers observed a surge in activity associated wit ...

Pierluigi Paganini December 27, 2024
Hacking
Brazilian citizen charged for threatening to release data stolen from a company in 2020

A Brazilian citizen faces U.S. charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. The U.S. government has charged the Brazilian citizen Junior ...

Pierluigi Paganini December 27, 2024
Malware
A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Akamai researchers discovered a new Mirai botnet variant targeting a vulnerability in DigiEver DS-2105 Pro DVRs. Akamai researchers spotted a Mirai-based botnet that is exploiting a remote code e ...

Pierluigi Paganini December 26, 2024
Cyber Crime
A ransomware attack disrupted services at Pittsburgh Regional Transit

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency's service disruptions. On December 23, 2024, Pittsburgh Regional Transit (PRT) announced it was actively r ...

Pierluigi Paganini December 26, 2024
Hacking
A cyber attack hit Japan Airlines delaying ticket sales for flights

A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing on Thursday. A cyber attack hit Japan Airlines (JAL) on Thursday, the offensive began at 7:24 a ...

Pierluigi Paganini December 26, 2024
Security
Apache fixed a critical SQL Injection in Apache Traffic Control

Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic Control. The Apache Software Foundation (ASF) released security u ...

Pierluigi Paganini December 26, 2024
Malware
BellaCPP, Charming Kitten's BellaCiao variant written in C++

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao malware dubbed BellaCPP, Kaspersky researchers warn. The Iran-linked APT group Charming Kitten has been ...

Pierluigi Paganini December 25, 2024
Hacking
DMM Bitcoin $308M Bitcoin heist linked to North Korea

Japanese and U.S. authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to North Korean cyber actors. Japanese and U.S. authorities linked the $308 million cyber heist t ...

Pierluigi Paganini December 25, 2024
Security
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Adobe released out-of-band security updates to address a critical ColdFusion vulnerability, experts warn of a PoC exploit code available for it. Adobe released out-of-band security updates to ad ...

Pierluigi Paganini December 24, 2024
Security
Apache Foundation fixed a severe Tomcat vulnerability

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote code execution under certain conditions. The Apache Software Foundation (ASF) addressed an important vu ...

Pierluigi Paganini December 24, 2024
Laws and regulations
Italy's data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Italy's data protection watchdog fined OpenAI €15 million for ChatGPT's improper collection of personal data. Italy’s privacy watchdog, Garante Privacy, fined OpenAI €15M after investigating ...

Pierluigi Paganini December 24, 2024
Hacking
U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security A ...

Pierluigi Paganini December 23, 2024
Laws and regulations
U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

A U.S. court ruled in favor of WhatsApp against NSO Group, holding the spyware vendor liable for exploiting a flaw to deliver Pegasus spyware. WhatsApp won a legal case against NSO Group in a U.S. ...

Pierluigi Paganini December 23, 2024
APT
Lazarus APT targeted employees at an unnamed nuclear-related organization

North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at lea ...

Pierluigi Paganini December 23, 2024
Breaking News
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 25

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Vishing via Microsoft Teams Facilitates DarkGate Malware Intr ...

Pierluigi Paganini December 22, 2024
Breaking News
Security Affairs newsletter Round 503 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 22, 2024
Uncategorized
US charged Dual Russian and Israeli National as LockBit Ransomware developer

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ran ...

Pierluigi Paganini December 22, 2024
Malware
BadBox rapidly grows, 190,000 Android devices infected

Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company' ...

Pierluigi Paganini December 21, 2024
Cyber Crime
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sent ...

Pierluigi Paganini December 21, 2024
Security
Sophos fixed critical vulnerabilities in its Firewall product

Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tra ...

Pierluigi Paganini December 20, 2024
Security
U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities cata ...

Pierluigi Paganini December 20, 2024
Cyber Crime
Raccoon Infostealer operator sentenced to 60 months in prison

Raccoon Infostealer operator Mark Sokolovsky was sentenced to 60 months in US prison and ordered to pay over $910,000 in restitution. The US Department of Justice sentenced the Ukrainian national ...

Pierluigi Paganini December 20, 2024
Malware
Mirai botnet targets SSR devices, Juniper Networks warns

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Juniper Networks is warning that a Mirai botnet ...

Pierluigi Paganini December 19, 2024
Hacking
Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerabilit ...

Pierluigi Paganini December 19, 2024
APT
CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army

The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 abuses Cloudflare Workers services to target the Ukrainian army with Malware. The Computer Emergency ...

Pierluigi Paganini December 19, 2024
Uncategorized
US considers banning TP-Link routers over cybersecurity concerns

The U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to ...

Pierluigi Paganini December 19, 2024
APT
Russia-linked APT29 group used red team tools in rogue RDP attacks

Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT2 ...

Pierluigi Paganini December 18, 2024
Hacking
Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677

Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vul ...

Pierluigi Paganini December 18, 2024
Laws and regulations
Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Meta has been fined €251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta ...

Pierluigi Paganini December 18, 2024
Data Breach
Texas Tech University data breach impacted 1.4 million individuals

Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach tha ...

Pierluigi Paganini December 17, 2024
Malware
The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry No ...

Pierluigi Paganini December 17, 2024
Intelligence
Russia FSB relies on Ukrainian minors for criminal activities disguised as "quest games"

Ukraine's SBU uncovered an FSB espionage campaign recruiting minors for criminal activities disguised as "quest games." The Security Service of Ukraine (SBU or SSU) uncovered a new espionage campa ...

Pierluigi Paganini December 17, 2024
Security
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecu ...

Pierluigi Paganini December 17, 2024
Data Breach
ConnectOnCall data breach impacted over 900,000 individuals

ConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service desi ...

Pierluigi Paganini December 16, 2024
Malware
Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist's phone. In February 2024, Serbian journalist Slaviša Milanov was summ ...

Pierluigi Paganini December 16, 2024
Hacking
Multiple flaws in Volkswagen Group's infotainment unit allow for vehicle compromise

Researchers discovered multiple flaws in the infotainment systems of Volkswagen Group vehicles that could allow attackers to track them in real time. A team of security researchers from cybersecurity firm P ...

Pierluigi Paganini December 16, 2024
Malware
PUMAKIT, a sophisticated rootkit that uses advanced stealth mechanisms 

Researchers discovered PUMAKIT, a Linux rootkit capable of hiding files, escalating privileges, and evading system tools and detection. Elastic Security Lab researchers discovered a new loadable k ...

Pierluigi Paganini December 15, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 24

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. PROXY.AM Powered by Socks5Systemz Botnet  AppLite: A ...

Pierluigi Paganini December 15, 2024
Uncategorized
Security Affairs newsletter Round 502 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 15, 2024
Malware
IOCONTROL cyberweapon used to target infrastructure in the US and Israel

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty's Team82 obtained a sample of a custom-built IoT/OT malware called IOCONT ...

Pierluigi Paganini December 14, 2024
Security
U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini December 14, 2024
Malware
German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox

The German agency BSI has sinkholed a botnet composed of 30,000 devices shipped with BadBox malware pre-installed. The Federal Office for Information Security (BSI) announced it had blocked commun ...

Pierluigi Paganini December 13, 2024
Cyber Crime
U.S. authorities seized cybercrime marketplace Rydox

The U.S. Department of Justice (DoJ) announced the seizure of the cybercrime marketplace Rydox ("rydox.ru" and "rydox[.]cc"). The U.S. Department of Justice (DoJ) seized Rydox, a cybercrime market ...

Pierluigi Paganini December 13, 2024
APT
Experts discovered the first mobile malware families linked to Russia's Gamaredon

The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surv ...

Pierluigi Paganini December 13, 2024
Data Breach
US Bitcoin ATM operator Byte Federal suffered a data breach

US Bitcoin ATM operator Byte Federal suffered a data breach impacting 58,000 customers, attackers gained unauthorized access to a server via GitLab flaw. US Bitcoin ATM operator Byte Federal discl ...

Pierluigi Paganini December 12, 2024
Malware
Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance ...

Pierluigi Paganini December 12, 2024
Cyber Crime
Operation PowerOFF took down 27 DDoS platforms across 15 countries

Operation PowerOFF took down 27 DDoS stresser services globally, disrupting illegal platforms used for launching cyberattacks. A global law enforcement operation codenamed Operation PowerOFF disru ...

Pierluigi Paganini December 12, 2024
APT
Russia's Secret Blizzard APT targets Ukraine with Kazuar backdoor

Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake ...

Pierluigi Paganini December 12, 2024
Breaking News
Ivanti fixed a maximum severity vulnerability in its CSA solution

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as C ...

Pierluigi Paganini December 11, 2024
APT
Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on European entities

An alleged China-linked APT group targeted large business-to-business IT service providers in Southern Europe as part of Operation Digital Eye campaign. Between late June and mid-July 2024, a Chin ...

Pierluigi Paganini December 11, 2024
Security
Chinese national charged for hacking thousands of Sophos firewalls

The U.S. has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. The U.S. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for h ...

Pierluigi Paganini December 11, 2024
Cyber Crime
Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action

Resecurity uncovered a large-scale fraud campaign in the UAE where scammers impersonate law enforcement to target consumers. Resecurity has identified a wide-scale fraudulent campaign targeting co ...

Pierluigi Paganini December 11, 2024
Hacking
U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Common Log File System (CLFS) driver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity ...

Pierluigi Paganini December 11, 2024
Security
Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day

Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities including an actively exploited zero-day. Microsoft December 2024 Patch Tuesday security updates addressed 71 vu ...

Pierluigi Paganini December 10, 2024
Security
SAP fixed critical SSRF flaw in NetWeaver's Adobe Document Services

SAP has issued patches for 16 vulnerabilities, including a critical SSRF flaw in NetWeaver's Adobe Document Services. SAP addressed 16 vulnerabilities as part of its December 2024 Security Patch D ...

Pierluigi Paganini December 10, 2024
Hacking
Romanian energy supplier Electrica Group is facing a ransomware attack

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. Romanian energy supplier Electrica Group suffered a cyber attack that is impacting ...

Pierluigi Paganini December 10, 2024
Cyber Crime
Deloitte denied its systems were hacked by Brain Cipher ransomware group

Deloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft of over 1 terabyte of the company's data. Recently, the ransomware group Brain Cipher added Deloitte ...

Pierluigi Paganini December 09, 2024
Hacking
Mandiant devised a technique to bypass browser isolation using QR codes

Mandiant revealed a technique to bypass browser isolation using QR codes, enabling command transmission from C2 servers. Browser isolation is a security measure that separates web browsing from th ...

Pierluigi Paganini December 09, 2024
Data Breach
2023 Anna Jaques Hospital data breach impacted over 310,000 people

Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna ...

Pierluigi Paganini December 09, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 23

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Ex ...

Pierluigi Paganini December 08, 2024
Breaking News
Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 08, 2024
Cyber Crime
RedLine info-stealer campaign targets Russian businesses through pirated corporate software

An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been target ...

Pierluigi Paganini December 08, 2024
Cyber Crime
8Base ransomware group hacked Croatia's Port of Rijeka

The 8Base ransomware group attacked Croatia's Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomwa ...

Pierluigi Paganini December 07, 2024
Cyber warfare
Romania’s election systems hit by 85,000 attacks ahead of presidential vote

Romania's election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania's Intelligence Service revealed that o ...

Pierluigi Paganini December 07, 2024
Data Breach
New Atrium Health data breach impacts 585,000 individuals

Atrium Health disclosed a data breach affecting 585,000 individuals to the HHS, potentially linked to the use of online tracking tools. Healthcare company Atrium Health disclosed a data breach tha ...

Pierluigi Paganini December 06, 2024
Hacking
U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ...

Pierluigi Paganini December 06, 2024
Security
Hundreds of Cisco switches impacted by bootloader flaw

A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks. Cisco released security patches for a vulnerability, tracked as CVE-2024-2039 ...

Pierluigi Paganini December 06, 2024
Cyber Crime
Operation Destabilise dismantled Russian money laundering networks

Operation Destabilise: The U.K. National Crime Agency disrupted Russian money laundering networks tied to organized crime. The U.K. National Crime Agency (NCA) disrupted Russian money laundering n ...

Pierluigi Paganini December 05, 2024
APT
Russia-linked APT Secret Blizzard spotted using infrastructure of other threat actors

Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6 other threat actors during the past 7 years. Researchers from Microsoft Threat Intelligence collected ev ...

Pierluigi Paganini December 05, 2024
APT
China-linked APT Salt Typhoon has breached telcos in dozens of countries

China-linked APT group Salt Typhoon has breached telecommunications companies in dozens of countries, US govt warns. President Biden's deputy national security adviser Anne Neuberger said that Chi ...

Pierluigi Paganini December 05, 2024
Breaking News
Black Basta ransomware gang hit BT Group

BT Group (formerly British Telecom)'s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Gro ...

Pierluigi Paganini December 04, 2024
Cyber Crime
Authorities shut down Crimenetwork, Germany's largest crime marketplace

Germany's largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested. German authorities announced the takedown of Crimenetwork, the largest German-speakin ...

Pierluigi Paganini December 04, 2024
Security
Veeam addressed critical Service Provider Console (VSPC) bug

Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code. Veeam released security updates for a critical vulnerabilit ...

Pierluigi Paganini December 04, 2024
Hacking
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory ...

Pierluigi Paganini December 04, 2024
Security
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...

Pierluigi Paganini December 04, 2024
Hacking
The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is bei ...

Pierluigi Paganini December 03, 2024
Cyber Crime
DMM Bitcoin halts operations six months after a $300 million cyber heist

The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DM ...

Pierluigi Paganini December 03, 2024
Cyber Crime
Energy industry contractor ENGlobal Corporation discloses a ransomware attack

ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industr ...

Pierluigi Paganini December 03, 2024
Intelligence
Poland probes Pegasus spyware abuse under the PiS government

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland's government has been investigating the alleged misus ...

Pierluigi Paganini December 03, 2024
Digital ID
Tor Project needs 200 more WebTunnel bridges to bypass Russia's censorship

The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Recent reports from Russia show increased censorship targeting the Tor network, including b ...

Pierluigi Paganini December 02, 2024
Cyber Crime
Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

International law enforcement operation Operation HAECHI-V led to more than 5,500 suspects arrested and seized over $400 million. A global operation code-named Operation HAECHI V, involving 40 cou ...

Pierluigi Paganini December 02, 2024
Uncategorized
How can threat actors use generative artificial intelligence?

Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The capabilities that ...

Pierluigi Paganini December 02, 2024
Malware
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 22

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware E ...

Pierluigi Paganini December 01, 2024
Breaking News
Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini December 01, 2024
Security
Hackers stole millions of dollars from Uganda Central Bank

Financially-motivated threat actors hacked Uganda's central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered ...

Pierluigi Paganini December 01, 2024
Cyber Crime
Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pav ...

Pierluigi Paganini November 30, 2024
Cyber Crime
Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious a ...

Pierluigi Paganini November 29, 2024
Security
Zello urges users to reset passwords following a cyber attack

Zello urges customers with accounts created before November 2 to reset passwords following a potential security breach. Zello is warning customers who have an account created before November 2 to ...

Pierluigi Paganini November 29, 2024
Uncategorized
A cyberattack impacted operations at UK Wirral University Teaching Hospital

UK's Wirral University Teaching Hospital suffered a cyberattack that caused delays in appointments and procedures. Wirral University Teaching Hospital NHS Foundation Trust (WUTH) is an NHS Foundat ...

Pierluigi Paganini November 28, 2024
Uncategorized
T-Mobile detected network intrusion attempts and blocked them

T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts ...

Pierluigi Paganini November 28, 2024
Hacking
ProjectSend critical flaw actively exploited in the wild, experts warn

Researchers warn that a critical security flaw in ProjectSend open-source file-sharing application may be under active exploitation. VulnCheck researchers warn that ProjectSend vulnerability CVE- ...

Pierluigi Paganini November 28, 2024
Malware
Bootkitty is the first UEFI Bootkit designed for Linux systems

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UE ...

Pierluigi Paganini November 27, 2024
Security
VMware fixed five vulnerabilities in Aria Operations product

Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can lead to privilege escalation and XSS attacks. VMware released security updates to address five ...

Pierluigi Paganini November 27, 2024
Cyber Crime
Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries and dismantled 134,089 malicious networks. A joint law enforcement operation by INTERPOL and AFRIPOL across 19 African ...

Pierluigi Paganini November 27, 2024
APT
Russian group RomCom exploited Firefox and Tor Browser zero-days to target Europe and North America

The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0 ...

Pierluigi Paganini November 27, 2024
Uncategorized
Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack

Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operat ...

Pierluigi Paganini November 26, 2024
Malware
The source code of Banshee Stealer leaked online

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS ...

Pierluigi Paganini November 26, 2024
Hacking
U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...

Pierluigi Paganini November 26, 2024
Cyber Crime
Thai police arrested Chinese hackers involved in SMS blaster attacks

Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks, they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members ...

Pierluigi Paganini November 26, 2024
Cyber Crime
Zyxel firewalls targeted in recent ransomware attacks

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a rece ...

Pierluigi Paganini November 25, 2024
Hacking
Malware campaign abused flawed Avast Anti-Rootkit driver

Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems. Trellix researchers uncovered a malware campaign that abu ...

Pierluigi Paganini November 25, 2024
APT
Russia-linked APT TAG-110 targets Europe and Asia

Russia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign ...

Pierluigi Paganini November 25, 2024
Intelligence
Russia-linked threat actors threaten the UK and its allies, minister to say

A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine. Russia may launch cyberattacks against the UK and its allies in ...

Pierluigi Paganini November 25, 2024
Breaking News
Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...

Pierluigi Paganini November 24, 2024
Cyber Crime
DoJ seized credit card marketplace PopeyeTools and charges its administrators

The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. The US Department of Justice announced the seizure of PopeyeTo ...

Pierluigi Paganini November 24, 2024
Hacking
A cyberattack on gambling giant IGT disrupted portions of its IT systems

A cyberattack on gambling giant IGT disrupted its systems, forcing the company to take certain services offline. International Game Technology (IGT) detected a cyberattack on November 17, the comp ...

Pierluigi Paganini November 23, 2024
APT
China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane

China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia. China-linked APT Gelsemium has deployed a previously unknown ...

Pierluigi Paganini November 23, 2024
Cyber Crime
Microsoft seized 240 sites used by the ONNX phishing service

Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation. Microsoft announced the disruption of the ONNX phishing service, a ...

Pierluigi Paganini November 23, 2024
Security
U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...

Pierluigi Paganini November 22, 2024
Hacking
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Threat actors have already hacked thousands of Palo Alto Networks firewalls by exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromi ...

Pierluigi Paganini November 22, 2024
Data Breach
Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government i ...

Pierluigi Paganini November 21, 2024
Cyber Crime
US DoJ charges five alleged members of the Scattered Spider cybercrime gang

The U.S. Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. The U.S. Justice Department charged five alleged members of the cybercr ...

Pierluigi Paganini November 21, 2024
Data Breach
Threat actor sells data of over 750,000 patients from a French hospital

A threat actor had access to the electronic patient record system of an unnamed French hospital, and the health data of 750,000 patients was compromised. An unnamed French hospital suffered a data bre ...

Pierluigi Paganini November 21, 2024
Security
Decade-old local privilege escalation bugs impacts Ubuntu needrestart package

Decade-old flaws in the needrestart package in Ubuntu Server could allow local attackers to gain root privileges without user interaction. The Qualys Threat Research Unit (TRU) discovered five Loc ...

Pierluigi Paganini November 21, 2024
Breaking News
Ford data breach involved a third-party supplier

Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigated a data breach after a thre ...

Pierluigi Paganini November 20, 2024
Security
Hacker obtained documents tied to lawsuit over Matt Gaetz's sexual misconduct allegations

A hacker allegedly accessed a file containing testimony from a woman claiming she had sex with Matt Gaetz when she was 17, sparking controversy. The New York Times reported that a hacker, who goes ...

Pierluigi Paganini November 20, 2024
Security
Apple addressed two actively exploited zero-day vulnerabilities

Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilit ...

Pierluigi Paganini November 20, 2024