Pierluigi Paganini
April 02, 2021
FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks of multiple organizations. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The […]
Pierluigi Paganini
April 02, 2021
Researchers from TIM’s Red Team Research discovered five new vulnerabilities affecting the CA eHealth Performance Manager product. Researchers from TIM’s Red Team Research led by Massimiliano Brolli, discovered 5 new vulnerabilities affecting the CA eHealth Performance Manager product. CA Technologies is an American multinational corporation specialized in business-to-business (B2B) software with a product portfolio focused […]
Pierluigi Paganini
April 02, 2021
Unpatched vulnerabilities in QNAP small office/home office (SOHO) network-attached storage (NAS) devices could be exploited by remote attackers to remotely execute arbitrary code. Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on […]
Pierluigi Paganini
April 02, 2021
Ransomware gang demanded a $40,000,000 ransom to the Broward County Public Schools district, Florida. It is just the last attack of a long string against the sector. Ransomware operators continue to target organizations worldwide and school districts particularly exposed to these malicious campaigns. Recently the Broward County Public Schools district announced that it was victim […]
Pierluigi Paganini
April 02, 2021
PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A team of security researchers from PrivacySavvy recently discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. Fortunately, the company has successfully fixed the security loopholes, but the […]
Pierluigi Paganini
April 02, 2021
The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in their infrastructure within five days. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify Microsoft Exchange servers in their environments impacted by […]
Pierluigi Paganini
April 02, 2021
The United States Department of Justice (DoJ) charged a Kansas man, for accessing and tampering with a public water system. The United States Department of Justice charged Wyatt A. Travnichek (22), of Ellsworth County, Kansas, for accessing and tampering with the computer system of the Ellsworth County Rural Water District. Travnichek accessed the computer system of […]
Pierluigi Paganini
April 01, 2021
VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a critical vulnerability, tracked as CVE-2021-21982, in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. Carbon Black Cloud Workload is a data center security product that protects customers’ workloads […]
Pierluigi Paganini
April 01, 2021
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the marketplaces. One of the administrators for the DeepDotWeb dark web portal, Tal Prihar (37), pleads guilty to receiving kickbacks from the operators of the marketplaces for the sale of illegals products. Tal Prihar is a […]
Pierluigi Paganini
April 01, 2021
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks The vROps delivers self-driving IT operations management for private, hybrid, and multi-cloud environments in a unified, AI-powered platform. Security researcher Egor Dimitrenko from Positive Technologies discovered a server-side request forgery (SSRF) vulnerability tracked as CVE-2021-21975 […]
Security / December 19, 2025
