Pierluigi Paganini
August 25, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer BlindEagle flying high in Latin America Finding Malware: Unveiling NUMOZYLOD with Google Security Operations New Backdoor Targeting Taiwan Employs Stealthy Communications Unmasking Styx Stealer: How a Hacker’s […]
Pierluigi Paganini
August 25, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers can take over Ecovacs home robots to spy on their owners Russian national arrested in Argentina for […]
Pierluigi Paganini
August 24, 2024
Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security researchers Dennis Giese and Braelynn explained that attackers can exploit flaws in vacuum and lawn mower robots made by Ecovacs to spy on their […]
Pierluigi Paganini
August 24, 2024
A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russian national for laundering proceeds from illicit actors and seized millions of dollars in assets from his Argentinian-based operation. The cybercriminal facilitated money laundering by accepting illicit cryptocurrency […]
Pierluigi Paganini
August 23, 2024
Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators stole credentials stored in Google Chrome browsers of a limited number of compromised endpoints. The experts pointed out that the credential harvesting activity is usually not […]
Pierluigi Paganini
August 23, 2024
Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The threat actors used fake apps almost indistinguishable from real banking apps on both iOS and Android. The technique was first disclosed in Poland in […]
Pierluigi Paganini
August 23, 2024
Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Cthulhu Stealer targets macOS users via an Apple disk image (DMG) that disguises itself as legitimate software. The researchers spotted […]
Pierluigi Paganini
August 23, 2024
China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices. In July 2024, Cisco addressed the NX-OS zero-day CVE-2024-20399 […]
Pierluigi Paganini
August 22, 2024
US oil giant Halliburton announced that it was hit by a cyberattack that is affecting operations at its Houston, Texas offices. Halliburton, a major U.S. oil company, announced that a cyberattack hit its IT infrastructure, particularly impacting operations at its Houston offices. Halliburton Company is an American multinational corporation and the world’s second largest oil service company which […]
Pierluigi Paganini
August 22, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: In October 2021, experts warned of the availability of proof of concept (PoC) exploit code […]
Data Breach / February 09, 2026
