Pierluigi Paganini
June 08, 2023
Researchers published an exploit for an actively exploited Microsoft Windows vulnerability tracked as CVE-2023-29336. The Microsoft Windows vulnerability CVE-2023-29336 (CVSS score 7.8) is an elevation of privilege issue that resides in the Win32k component. Win32k.sys is a system driver file in the Windows operating system. The driver is responsible for providing the interface between user-mode applications and […]
Pierluigi Paganini
June 08, 2023
North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint advisory published by […]
Pierluigi Paganini
June 08, 2023
Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails. Scouting for a new career can be stressful. Now imagine that, instead of a new role, you find that your resume data was exposed. That’s what job seekers using Pflegia’s services […]
Pierluigi Paganini
June 08, 2023
Cisco addressed a high-severity flaw in Cisco Secure Client that can allow attackers to escalate privileges to the SYSTEM account. Cisco has fixed a high-severity vulnerability, tracked as CVE-2023-20178 (CVSS Score 7.8), found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) that can be exploited by low-privileged, authenticated, local attacker to escalate privileges to […]
Pierluigi Paganini
June 08, 2023
Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability. The vulnerability, tracked as CVE-2023-2868, resides in the […]
Pierluigi Paganini
June 07, 2023
Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build […]
Pierluigi Paganini
June 07, 2023
Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and […]
Pierluigi Paganini
June 07, 2023
June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked […]
Pierluigi Paganini
June 07, 2023
Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile […]
Pierluigi Paganini
June 06, 2023
Threat actors have stolen more than $35 million from the decentralized cryptocurrency wallet platform Atomic Wallet. Atomic Wallet is a multi-currency cryptocurrency wallet that allows users to securely store, manage, and exchange various digital assets in a single application. It is designed to provide a user-friendly interface and a comprehensive set of features for managing […]
