Pierluigi Paganini
April 01, 2022
Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security researchers at SentinelLabs have spotted a previously undetected destructive wiper, tracked as AcidRain, that hit routers and modems and that was suspected to be linked to the Viasat KA-SAT attack that took place on February […]
Pierluigi Paganini
April 01, 2022
Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. The vulnerability can be exploited to take control of the […]
Pierluigi Paganini
April 01, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-1040 flaw in the Sophos firewall, along with seven other issues, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational […]
Pierluigi Paganini
April 01, 2022
Wyze Cam devices are affected by three security vulnerabilities that can allow attackers to takeover them and access camera feeds. Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. The three flaws reported by the cybersecurity firm […]
Pierluigi Paganini
March 31, 2022
Apple released emergency patches to address two zero-day vulnerabilities actively exploited to compromise iPhones, iPads, and Macs. Apple has released emergency security patches to address two zero-day vulnerabilities actively exploited to hack iPhones, iPads, and Macs. The first zero-day, tracked as CVE-2022-22674, is an out-of-bounds read issue that resides in the Intel Graphics Driver that could […]
Pierluigi Paganini
March 31, 2022
The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. The Google Threat Analysis Group (TAG) provided an update about nation-state attacks related ongoing Russian invasion of Ukraine, the experts spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine The researchers uncovered a phishing campaign conducted by a […]
Pierluigi Paganini
March 31, 2022
The Anonymous collective hacked the Russian investment firm Thozis Corp, but it’s a mystery the attack against the Russian Civil Aviation Authority Rosaviatsia. Anonymous continues to target Russian organizations and private foreign businesses the are still operating in the country. The popular collective claims to have hacked the Russian investment firm Thozis Corp, which is […]
Pierluigi Paganini
March 31, 2022
An unauthenticated zero-day RCE vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed. Researchers disclosed a zero-day vulnerability, dubbed Spring4Shell, in the Spring Core Java framework called ‘Spring4Shell.’ An unauthenticated, remote attacker could trigger the vulnerability to execute arbitrary code on the target system. The framework is currently maintained by Spring.io […]
Pierluigi Paganini
March 31, 2022
The Morphisec Labs researchers analyzed a new malware, tracked as Mars stealer, which is based on the older Oski Stealer. Morphisec Labs recently discovered the Mars stealer that was spreading masqueraded as malicious software cracks and keygens. The Mars stealer is available for sale on several underground forums, researchers pointed out that it is under constant […]
Pierluigi Paganini
March 30, 2022
SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances. SonicWall has released security updates to address a critical vulnerability (CVE-2022-22274) that impacts multiple firewall appliances that could be exploited by an unauthenticated, remote attacker to execute arbitrary code and trigger a denial-of-service (DoS) condition. The CVE-2022-22274 is a […]
APT / February 05, 2026
