Cyber Crime

Pierluigi Paganini August 27, 2024
Critical flaw in WPML WordPress plugin impacts 1M websites

A critical flaw in the WPML WordPress plugin, which is installed on 1 million websites, could allow potential compromise of affected sites. The WPML Multilingual CMS Plugin for WordPress is installed on over 1 million sites. An authenticated (Contributor+) Remote Code Execution (RCE) vulnerability, tracked CVE-2024-6386 (CVSS score of 9.9), in WPML Plugin potentially allows […]

Pierluigi Paganini August 27, 2024
Researchers unmasked the notorious threat actor USDoD

CrowdStrike researchers have identified the notorious hacker USDoD who is behind several high-profile data leaks. The notorious hacker USDoD (aka EquationCorp), who is known for high-profile data leaks, is a man from Brazil, according to a CrowdStrike investigation. The news was first reported by the Brazilian website TecMundo who received a CrowdStrike report via an anonymous […]

Pierluigi Paganini August 26, 2024
A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport

A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also operates the Seattle-Tacoma International Airport, has suffered a cyber attack that impacted the websites, email and phone services. According to The Seattle Times, the cyber […]

Pierluigi Paganini August 26, 2024
Linux malware sedexp uses udev rules for persistence and evasion

Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called sedexp, that relies on a lesser-known Linux persistence technique. The malware has been active since at least 2022 but remained largely undetected for years. The experts […]

Pierluigi Paganini August 25, 2024
France police arrested Telegram CEO Pavel Durov

French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Telegram, was arrested at Bourget airport near Paris on Saturday evening. According to the media, the arrest is linked to an investigation in France concerning the lack […]

Pierluigi Paganini August 24, 2024
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT

A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russian national for laundering proceeds from illicit actors and seized millions of dollars in assets from his Argentinian-based operation. The cybercriminal facilitated money laundering by accepting illicit cryptocurrency […]

Pierluigi Paganini August 23, 2024
Qilin ransomware steals credentials stored in Google Chrome

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators stole credentials stored in Google Chrome browsers of a limited number of compromised endpoints. The experts pointed out that the credential harvesting activity is usually not […]

Pierluigi Paganini August 23, 2024
Phishing attacks target mobile users via progressive web applications (PWA)

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The threat actors used fake apps almost indistinguishable from real banking apps on both iOS and Android. The technique was first disclosed in Poland in […]

Pierluigi Paganini August 23, 2024
New malware Cthulhu Stealer targets Apple macOS users

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. Cthulhu Stealer targets macOS users via an Apple disk image (DMG) that disguises itself as legitimate software. The researchers spotted […]

Pierluigi Paganini August 22, 2024
A cyberattack disrupted operations of US chipmaker Microchip Technology

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. U.S. chipmaker Microchip Technology suffered a cyberattack that disrupted operations at several of its manufacturing plants. The company detected potentially suspicious activity involving its IT infrastructure on August 17, 2024. The attack severely impacted the production capacity of the company that shut […]