Pierluigi Paganini
May 19, 2023
The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and […]
Pierluigi Paganini
May 18, 2023
Apple released security updates to address three zero-day vulnerabilities in iPhones, Macs, and iPads that are actively exploited in attacks. Apple has addressed three new zero-day vulnerabilities that are actively exploited in attacks in the wild to hack into iPhones, Macs, and iPads. The three vulnerabilities, tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, reside in the […]
Pierluigi Paganini
May 18, 2023
A researcher published a PoC tool to retrieve the master password from KeePass by exploiting the CVE-2023-32784 vulnerability. Security researcher Vdohney released a PoC tool called KeePass 2.X Master Password Dumper that allows retrieving the master password for KeePass. The tool exploits the unpatched KeePass vulnerability, tracked CVE-2023-32784, to retrieve the master password from the memory […]
Pierluigi Paganini
May 18, 2023
A US national has pleaded guilty to operating the carding site Skynet Market and selling financial information belonging to tens of thousands of US victims. The U.S. national Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, pleaded guilty to operating a carding site on the dark web called Skynet Market and selling financial […]
Pierluigi Paganini
May 18, 2023
Cisco fixed nine flaws in its Small Business Series Switches that could be exploited to execute arbitrary code or cause a DoS condition. Cisco has released security updates to address nine security vulnerabilities in the web-based user interface of certain Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to execute […]
Pierluigi Paganini
May 18, 2023
The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) announced that Ukraine, Ireland, Japan and Iceland joined the organization. The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established to enhance cyber defence capabilities and promote cooperation among NATO member countries and partner nations. “On its 15th anniversary, the NATO Cooperative Cyber […]
Pierluigi Paganini
May 17, 2023
Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations. Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations. The threat actors use the hidden part of the web to […]
Pierluigi Paganini
May 17, 2023
The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks. The DoJ unsealed two indictments charging the man […]
Pierluigi Paganini
May 17, 2023
Experts found multiple vulnerabilities in Teltonika industrial cellular routers that could expose OT networks to cyber attacks. A joint analysis conducted by industrial cybersecurity firms Claroty and Otorio discovered multiple flaws in Teltonika Networks’ IIoT products that can expose OT networks to remote attacks. Teltonika Networks is a leading manufacturer of networking solutions, widely adopted […]
Pierluigi Paganini
May 17, 2023
The popular university admission platform Leverage EDU leaked almost 240,000 sensitive files, including students’ passports, financial documents, certificates, and exam results. The Cybernews research team discovered that Leverage EDU leaked extremely sensitive data due to the misconfiguration of their systems. As no authentication was required, anybody could access all of the student’s personal information needed […]
