Pierluigi Paganini
March 08, 2023
North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea-linked Lazarus APT group exploiting a zero-day vulnerability in an undisclosed software to breach a financial business entity in South Korea. The nation-state actors breached twice the company in one year. The first […]
Pierluigi Paganini
March 08, 2023
US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: The CVE-2022-35914 flaw is a PHP code injection vulnerability that resides in the /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI […]
Pierluigi Paganini
March 08, 2023
China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia. The state-sponsored hackers used a new version of the SoulSearcher loader, which eventually loads a new […]
Pierluigi Paganini
March 08, 2023
Security researchers warn of hacking attempts in the wild exploiting critical vulnerabilities in VMware NSX Manager. Cyber security firm Wallarm is warning of ongoing attacks exploiting the critical flaws, tracked as CVE-2021-39144 (CVSS score of 9.8) and CVE-2022-31678 (CVSS score of 9.1), in VMware NSX Manager. VMware NSX is a network virtualization solution that is […]
Pierluigi Paganini
March 07, 2023
Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. Cybersecurity researchers from Morphisec discovered a new, advanced information stealer, dubbed SYS01 stealer, that since November 2022 was employed in attacks aimed at critical government infrastructure employees, manufacturing companies, and other sectors. The experts found similarities between the SYS01 stealer and another […]
Pierluigi Paganini
March 07, 2023
Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company. Recently a threat actor announced the availability for sale of 160 GB of data allegedly stolen from the Taiwanese multinational hardware and electronics corporation Acer. The threat actor announced the hack on a popular cybercrime forum, he claims […]
Pierluigi Paganini
March 07, 2023
Security researcher released a proof-of-concept exploit code for a critical flaw, tracked as CVE-2023-21716, in Microsoft Word. Security researcher Joshua Drake released a proof-of-concept for a critical vulnerability, tracked as CVE-2023-21716 (CVSS score 9.8 out of 10), in Microsoft Word. The vulnerability can be exploited by a remote attacker to execute arbitrary code on a […]
Pierluigi Paganini
March 07, 2023
The LastPass data breach was caused by the failure to update Plex on the home computer of one of the company updates. The security breach suffered by LastPass was caused by the failure to update Plex on the home computer of one of its engineers. Recently, the password management software firm disclosed a “second attack,” […]
Pierluigi Paganini
March 06, 2023
Hospital Clinic de Barcelona, one of the main hospitals in the Spanish city, suffered a cyber attack that crippled its computer system. On Sunday, a ransomware attack hit the Hospital Clinic de Barcelona, one of the main hospitals of the Catalan city. The attack crippled the center’s computer system, 150 nonurgent operations and up to […]
Pierluigi Paganini
March 06, 2023
German police announced to have dismantled an international cybercrime gang behind the DoppelPaymer ransomware operation. Europol has announced that an international operation conducted by law enforcement in Germany and Ukraine, with help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group. “On 28 February 2023, the German […]
Cyber Crime / December 09, 2025
Cyber Crime / December 09, 2025
Cyber Crime / December 08, 2025
