Pierluigi Paganini
July 11, 2024
The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with Dutch and Canadian intelligence and security agencies, warned social media companies about Russian state-sponsored actors using covert AI software, Meliorator, in disinformation […]
Pierluigi Paganini
July 11, 2024
VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure […]
Pierluigi Paganini
July 10, 2024
IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can […]
Pierluigi Paganini
July 10, 2024
Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope, TEMP.Jumper, Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, […]
Pierluigi Paganini
July 10, 2024
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s […]
Pierluigi Paganini
July 10, 2024
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; .NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?) Boot; Remote Desktop; and […]
Pierluigi Paganini
July 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the flaws added to the KEV catalog: CVE-2024-23692 (CVSS score […]
Pierluigi Paganini
July 09, 2024
The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” Despite the announcement, data leaked data […]
Pierluigi Paganini
July 09, 2024
The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and department store chain Neiman Marcus disclosed a data breach following the security breach of the cloud-based data warehousing company Snowflake. The luxury retailer disclosed […]
Pierluigi Paganini
July 09, 2024
Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomware and its predecessors that allowed them to develop a decryptor. The experts revealed the weakness during the Recon 2024 conference. Avast also released a decryptor […]
Data Breach / February 09, 2026
