Pierluigi Paganini
November 03, 2024
Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcherĀ Gi7w0rm. In September 2024, […]
Pierluigi Paganini
November 02, 2024
A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe. The FBI arrested the man last week, falsely declaring […]
Pierluigi Paganini
November 01, 2024
LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Player software in a supply chain attack. Lottie-Player is a web component from LottieFiles designed to render Lottie animations, which are lightweight, vector-based animations in JSON format. These animations are […]
Pierluigi Paganini
October 31, 2024
Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank, formally theĀ Banco Internacional del PerĆŗ Service Holding S.A.A. is aĀ leading PeruvianĀ provider of financial services has over 2 million customers. Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen […]
Pierluigi Paganini
October 31, 2024
The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number. The malware allows operators to steal bank users’ […]
Pierluigi Paganini
October 29, 2024
A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by RedLine and Meta infostealers as part of an international law enforcement operation led by Eurojust that was code-named Operation Magnus. RedLineĀ andĀ META targeted millions of victims worldwide, according to Eurojust […]
Pierluigi Paganini
October 29, 2024
Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. CVE-2024-40766Ā Ā is an Improper Access Control Vulnerability impacting SonicWall SonicOS, the company addressed it in August […]
Pierluigi Paganini
October 28, 2024
French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. The company is the second-largest ISP in France with over 22.9 million mobile and fixed subscribers. Free disclosed a cyber attack over the […]
Pierluigi Paganini
October 28, 2024
Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police are also investigating dozens of other individuals, including the son of Luxottica founder Leonardo Maria […]
Pierluigi Paganini
October 28, 2024
A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant concern, with a substantial percentage of cyberattacksāoften cited as over 70%āinvolving compromised credentials or identity theft. However, this problem primarily stems from a lack of visibility. Do you […]
