Pierluigi Paganini
August 15, 2024
Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran-linked group APT42 (Calanque, UNC788) that targeted the personal email accounts of individuals associated with the US elections. APT42 focuses on highly targeted spear-phishing and social […]
Pierluigi Paganini
August 15, 2024
Experts linked an ongoing social engineering campaign, aimed at deploying the malware SystemBC, to the Black Basta ransomware group. Rapid7 researchers uncovered a new social engineering campaign distributing the SystemBC dropper to the Black Basta ransomware operation. On June 20, 2024, Rapid7 researchers detected multiple attacks consistent with an ongoing social engineering campaign being tracked […]
Pierluigi Paganini
August 15, 2024
Iranian news outlet reported that a major cyber attack targeted the Central Bank of Iran (CBI) and several other banks causing disruptions. Iran International reported that a massive cyber attack disrupted operations of the Central Bank of Iran (CBI) and several other banks in the country. The attack crippled the computer systems of the banks […]
Pierluigi Paganini
August 14, 2024
China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41) has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. Trend Micro researchers observed the APT targeting countries like Italy, Germany, UAE, […]
Pierluigi Paganini
August 14, 2024
SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-28986 (CVSS score 9.8), in SolarWinds’ Web Help Desk solution for customer support. The flaw is a Java deserialization issue that an attacker can exploit to run commands on a vulnerable host leading to […]
Pierluigi Paganini
August 14, 2024
Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak of their personal information by the ThreeAM (3AM) ransomware gang. Kootenai Health is a healthcare organization based in Coeur d’Alene, Idaho. It is a regional medical center […]
Pierluigi Paganini
August 13, 2024
Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS score of 9.8), impacting Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti vTM […]
Pierluigi Paganini
August 13, 2024
Elon Musk claims that the livestream interview with Donald Trump on the X social media platform was impacted by a cyberattack. Elon Musk claims that a massive DDoS attack caused problems with the announced interview with Donald Trump on the X platform Monday night. “There appears to be a massive DDOS attack on 𝕏. Working on shutting […]
Pierluigi Paganini
August 13, 2024
CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities. The campaign, tracked as UAC-0198, has been active since July. Threat actors sent out […]
Pierluigi Paganini
August 13, 2024
The U.S. DoJ arrested a Tennessee man for running a “laptop farm” that enabled North Korea-linked IT workers to obtain remote jobs with American companies. The U.S. Justice Department arrested Matthew Isaac Knoot (38) from Nashville (Tennessee) for operating a “laptop farm” that facilitated North Korea-linked IT workers in obtaining remote jobs with American companies. […]
Data Breach / February 09, 2026
