Breaking News

Pierluigi Paganini November 14, 2024
Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices

The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure.   Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, that threat actors started attempting to exploit. The vulnerability CVE-2024-10914 is a command […]

Pierluigi Paganini November 14, 2024
China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

China-linked threat actors breached U.S. broadband providers and gained access to private communications of a limited number of U.S. government officials. The FBI and CISA continues to investigate a large-scale cyber-espionage campaign by China-linked threat actors targeting U.S. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. […]

Pierluigi Paganini November 14, 2024
Bitdefender released a decryptor for the ShrinkLocker ransomware

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. ShrinkLocker ransomware was first discovered in May 2024 by researchers from Kaspersky. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives. It first checks if BitLocker is enabled […]

Pierluigi Paganini November 13, 2024
China’s Volt Typhoon botnet has re-emerged

China’s Volt Typhoon botnet has re-emerged, using the same core infrastructure and techniques, according to SecurityScorecard researchers. The China-linked Volt Typhoon’s botnet has resurfaced using the same infrastructure and techniques, per SecurityScorecard researchers. In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. and Guam without being detected. The group […]

Pierluigi Paganini November 13, 2024
Zoom addressed two high-severity issues in its platform

Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. […]

Pierluigi Paganini November 12, 2024
Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

A cyber attack affected Ahold Delhaize USA brands, disrupting Giant Food, Hannaford, their pharmacies, and e-commerce services. A cyber attack hit the food giant Ahold Delhaize impacting US pharmacies and supermarket chains owned by the company. As of Tuesday, Hannaford’s e-commerce portal is down due to server issues, while websites for Food Lion, Giant Food, […]

Pierluigi Paganini November 12, 2024
A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel

A cyberattack in Israel allegedly disrupted communication services, causing widespread malfunction of credit card readers across the country on Sunday. The Jerusalem Post reported that thousands of credit card readers across at gas stations and supermarket chains in Israel stopped working on Sunday morning following an alleged DDoS attack that hit the company responsible for […]

Pierluigi Paganini November 12, 2024
Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Apple iOS supports a new feature that reboots locked devices after extended inactivity, aiming to enhance data security for users. Apple ‘quietly’ implemented a new security feature that automatically reboots a locked device if it has not been used for several days. The new feature was introduced with the release of iOS 18.1 at the […]

Pierluigi Paganini November 12, 2024
Ymir ransomware, a new stealthy ransomware grow in the wild

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir ransomware, which attackers deployed after breaching systems via PowerShell commands. Ymir includes detection-evasion features, executing tasks in memory using functions like malloc, memmove, and memcmp. Attackers initially accessed systems […]

Pierluigi Paganini November 11, 2024
Amazon discloses employee data breach after May 2023 MOVEit attacks

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the […]