Pierluigi Paganini
January 26, 2023
The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. “The Federal Bureau of Investigation seized this site […]
Pierluigi Paganini
January 26, 2023
Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than […]
Pierluigi Paganini
January 25, 2023
Zacks Investment Research (Zacks) disclosed a data breach, the security may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000 customers. “On December 28, 2022, Zacks learned that an unknown third-party had gained unauthorized access to certain […]
Pierluigi Paganini
January 25, 2023
Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities. Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their […]
Pierluigi Paganini
January 25, 2023
Prestigious club Stade Français potentially endangered its fans for over a year after leaking its website’s source code. Stade Français is a professional rugby union club based in Paris. Founded in 1883 and competing in France’s premier rugby league, Top 14, it has established itself as one of the most successful teams in the country, […]
Pierluigi Paganini
January 25, 2023
Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]
Pierluigi Paganini
January 24, 2023
A critical vulnerability in VMware vRealize Log Insight appliance can allow an unauthenticated attacker to take full control of a target system. VMware addressed multiple vulnerabilities, tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, in its vRealize Log Insight appliance. VRealize Log Insight is a log collection and analytics virtual appliance that enables administrators to collect, view, […]
Pierluigi Paganini
January 24, 2023
Pakistan suffered a nationwide blackout, local authorities are investigating the cause and suspect it was the result of a cyberattack. On Monday, a nationwide blackout in Pakistan left millions of people in the darkness, and the authorities are investigating if it was caused by a cyberattack. The power outage impacted all the major cities in […]
Pierluigi Paganini
January 24, 2023
GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. GoTo, formerly LogMeIn Inc, is a flexible-work provider of software as a service (SaaS) and cloud-based remote work tools for collaboration and IT management, The company is warning customers that threat actors breached its development environment in November 2022 and stole encrypted […]
Pierluigi Paganini
January 24, 2023
Meta Platforms announced the implementation of more features into its end-to-end encrypted Messanger App. Meta Platforms started gradually expanding testing default end-to-end encryption for Messenger. The company announced that over the next few months, its users will continue to see some of their chats gradually being upgraded with end-to-end encryption. “We will notify people in […]
