Pierluigi Paganini
May 07, 2021
The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka Cozy Bear). Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29, Cozy Bear, and The Dukes)). The […]
Pierluigi Paganini
May 07, 2021
CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, […]
Pierluigi Paganini
May 07, 2021
HideezKey- This is a deep-dive into a nice concept for a security token & password manager that turned into a horrible product due to lack of proper R&D and Threat Modeling. Prologue: After my first success in bypassing APPROTECT readout protection of the NRF52-based Slok smartlock with #PocketGlitcher (i.e. video below), I started looking around […]
Pierluigi Paganini
May 07, 2021
VMware has fixed a new critical RCE flaw in VMware vRealize Business for Cloud that was reported by sanctioned Russian firm Positive Technologies. VMware has addressed a critical remote code execution vulnerability, tracked as CVE-2021-21984, in VMware vRealize Business for Cloud. vRealize Business for Cloud is an automated cloud business management solution that allows customers to […]
Pierluigi Paganini
May 07, 2021
The Cuba Ransomware gang has partnered with the crooks behind the Hancitor malware in attacks aimed at corporate networks. The Hancitor downloader has been around for quite some time already. It is known since at least 2016 for dropping Pony and Vawtrak. As a loader, it has been used to download other malware families, such as Ficker […]
Pierluigi Paganini
May 07, 2021
Let’s look at what types of threats each layer of the TCP/IP protocol stack may be susceptible to. The task of a computer security system is to safeguard the information transmitted over the network and to adequately preserve the data stored in it. Excluding in this discussion threats due to natural disasters, we can classify […]
Pierluigi Paganini
May 06, 2021
Experts spotted a new malware, dubbed Moriya rootkit, that targets Windows systems as part of cyberespionage campaign dubbed TunnelSnake. An unclassified threat actor employed a new stealthy malware, dubbed Moriya rootkit, to compromise Windows systems. Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been […]
Pierluigi Paganini
May 06, 2021
A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]
Pierluigi Paganini
May 06, 2021
Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. Researchers from cybersecurity firm Recorded Future’s Insikt Group have discovered six procurement documents from official People’s Liberation Army (PLA) military websites and other sources that demonstrate that PLA Unit 61419 has sought to purchase antivirus solutions from […]
Pierluigi Paganini
May 06, 2021
A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since 2007. The malware QakBot, also known as Qbot, Pinkslipbot, and Quakbot is a banking trojan that has been made headlines since 2007. This piece of malware is focused on stealing banking credentials and victim’s secrets using […]
