MUST READ

Ivanti warns customers of new EPM flaw enabling remote code execution

 | 

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

 | 

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

 | 

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

 | 

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

 | 

Oracle EBS zero-day used by Clop to breach Barts Health NHS

 | 

AWS: China-linked threat actors weaponized React2Shell hours after disclosure

 | 

U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

APT

Pierluigi Paganini June 12, 2017
Experts spotted Industroyer ICS Malware and linked it to Ukraine Power Outage

Researchers at antivirus firm ESET have discovered a new strain of malware, dubbed Industroyer, that appears to have been designed to target power grids. The experts published a detailed analysis of the malware, they speculated the malicious code has been involved in the December 2016 attack on an electrical substation in Ukraine. “Win32/Industroyer is a sophisticated piece […]

Pierluigi Paganini June 09, 2017
Platinum hackers leverages Intel Active Management tools to bypass Windows firewall

The PLATINUM hacker group has developed a system leveraging Intel Active Management Technology (AMT) to bypass the Windows firewall. Microsoft is warning users of a new attack that leverage Intel’s Active Management Technology to evade firewalls and other endpoint-based network monitoring. The technique has been already used by a threat actor in Southeast Asia dubbed […]

Pierluigi Paganini June 07, 2017
Russia-linked hacker group APT28 continues to target Montenegro

Once again, Montenegro was targeted by the Russia-linked hacker group APT28, according to the experts it is just the beginning. On June 5 Montenegro officially joined NATO alliance despite the strong opposition from Russian Government that threatened to retaliate. Cybersecurity experts believe that a new wave of attacks from the cyberspace will hit the state. In February, for […]

Pierluigi Paganini June 02, 2017
President Putin blames Patriotic Russian hackers for recent Election attacks

Russian President Putin says patriotic hackers may have powered attacks against foreign countries and denied Russia involvement. President Vladimir Putin says patriotic hackers may have launched cyber attacks against foreign countries and but denied Russia involvement in cyber espionage campaigns. Russian state-sponsored APT groups area accused of continuous interferences with 2016 US Presidential Election elections […]

Pierluigi Paganini May 31, 2017
A new report links North Korea to the Lazarus APT Group

Moscow-based threat intelligence firm Group-IB published a report that details evidence linking the Lazarus APT Group to North Korea. Researchers at security firm Group-IB released a report that links the notorious Lazarus APT to North Korea. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […]

Pierluigi Paganini May 26, 2017
Flashpoint experts believe WannaCry authors speak Chinese after a linguistic analysis

Security experts at threat intelligence firm Flashpoint conducted a linguistic analysis of dozens of ransom notes displayed by the WannaCry ransomware. Malware researchers at threat intelligence firm Flashpoint conducted a linguistic analysis of 28 ransom notes displayed by the WannaCry ransomware. Flashpoint analyzed 28 WannaCry ransom notes written in various language including Chinese (both simplified and […]

Pierluigi Paganini May 22, 2017
At least 3 different groups have been leveraging the NSA EternalBlue exploit, what’s went wrong?

At least 3 different groups have been leveraging the NSA EternalBlue exploit weeks before the WannaCry attacks, here’s the evidence. In the last days, security experts discovered numerous attacks that have been leveraging the same EternalBlue exploit used by the notorious WannaCry ransomware. The Shadow Brokers hacker group revealed the exploit for the SMB vulnerability in April, but […]

Pierluigi Paganini May 21, 2017
Researchers found a link between the APT3 Threat Group and the Chinese Intelligence Agency

Security experts at threat intelligence firm Record Future have found a clear link between APT3 cyber threat group and China’s Ministry of State Security. The curtain has been pulled back a little on the Chinese Intelligence Agency intelligence gathering structure — and it includes private security contractors and the network vendor supply chain. In 2010, […]

Pierluigi Paganini May 20, 2017
Alleged Russian state-sponsored hackers behind Baltic energy networks

A wave of cyber attacks against the Baltic energy networks raised concerns that foreign states could disable them in the region. A wave of “exploratory” cyber attacks targeted energy networks of the Baltic states, the NATO alliance is following with apprehension the events. Baltic attacks raised concerns that foreign states could disable the energy networks in the […]

Pierluigi Paganini May 16, 2017
WannaCry – Important lessons from the first NSA-powered ransomware cyberattack

Last Friday, a weaponized version of an NSA exploit was used to infect over two hundred thousand computers in over 150 countries with the WannaCry ransomware. In addition to government ministries and transportation infrastructure, the British National Health Service (NHS) was crippled, disrupting treatment and care for thousands of patients, and putting countless lives at […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Ivanti warns customers of new EPM flaw enabling remote code execution

Hacking / December 09, 2025

Broadside botnet hits TBK DVRs, raising alarms for maritime logistics

Malware / December 09, 2025

Polish Police arrest 3 Ukrainians for possessing advanced hacking tools

Cyber Crime / December 09, 2025

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Cyber Crime / December 09, 2025

FBI: Crooks manipulate online photos to fuel virtual kidnapping ransoms

Cyber Crime / December 08, 2025