Pierluigi Paganini
July 11, 2023
Apple released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address an actively exploited zero-day. Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw, tracked as CVE-2023-37450, that has been actively exploited in the wild. Tricking the victim into processing specially crafted web content may lead to […]
Pierluigi Paganini
July 11, 2023
Resecurity researchers identified a zero-day Buffer Overflow vulnerability in the Schneider Electric Accutech Manager product. Resecurity identified a zero-day vulnerability in the Schneider Electric Accutech Manager product. The vulnerability, labeled as CVE-2023-29414 and SEVD-2-23-192-03, has been rated high with a CVSS v3.1 Base Score of 7.8. This issue pertains to a Buffer Overflow exploitation (CWE-120) […]
Pierluigi Paganini
July 11, 2023
VMware warns customers of the public availability of an exploit code for the RCE vulnerability CVE-2023-20864 affecting vRealize. VMware warned customers of the availability of an exploit code for the critical RCE vulnerability CVE-2023-20864 in the VMware Aria Operations for Logs analysis tool (formerly vRealize Log Insight). VMware Aria Operations for Networks (formerly vRealize Network Insight) is […]
Pierluigi Paganini
July 11, 2023
Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution. These tools are used by criminals involved in online-banking theft to impersonate compromised account holders and […]
Pierluigi Paganini
July 10, 2023
A Proof-of-Concept (PoC) exploit for the CVE-2023-31998 vulnerability in the Ubiquiti EdgeRouter has been publicly released. The CVE-2023-31998 flaw (CVSS v3 5.9) is a heap overflow issue impacting Ubiquiti EdgeRouters and Aircubes, an attacker can exploit it to potentially execute arbitrary code and interrupt UPnP service to a vulnerable device. The flaw resides in the […]
Pierluigi Paganini
July 10, 2023
Threat actors are targeting NATO and groups supporting Ukraine in a spear-phishing campaign distributing the RomCom RAT. On July 4, the BlackBerry Threat Research and Intelligence team uncovered a spear phishing campaign aimed at an organization supporting Ukraine abroad. The researchers discovered two lure documents submitted from an IP address in Hungary, both targeting upcoming NATO Summit guests who […]
Pierluigi Paganini
July 10, 2023
A zero-day vulnerability in the Revolut payment systems allowed threat actors to steal more than $20 million in early 2022. In early 2022, threat actors exploited a zero-day flaw in Revolut payment systems to steal more than $20 million, reported the Financial Times quoting multiple unnamed sources. The issue resulted from differences between American and […]
Pierluigi Paganini
July 10, 2023
The French government is going to grant law enforcement the power to spy on suspects through smartphones and other devices. French legislators are going to approve a justice reform bill that also gives more power to law enforcement, allowing them to spy on suspects through their smartphones and other electronic devices. According to the French […]
Pierluigi Paganini
July 09, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Google addressed 3 actively exploited flaws in Android Iran-linked APT TA453 targets Windows and macOS systems […]
Pierluigi Paganini
July 08, 2023
Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. “There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin. The CVE-2023-26083 is […]
Data Breach / February 09, 2026
