Pierluigi Paganini
May 11, 2024
A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the United States, ranking second in the United States by the number of hospitals as of 2019. The organization was hit by a ransomware attack that severely impacted operations at hospitals […]
Pierluigi Paganini
May 10, 2024
Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zero-day flaw, tracked as CVE-2024-4671, in Chrome browser. The vulnerability is the fifth zero-day flaw in the Google browser that is exploited in the […]
Pierluigi Paganini
May 10, 2024
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. The attribution of the attacks to the Russian APT is based on similarities with […]
Pierluigi Paganini
May 09, 2024
Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. In early January, the software firm reported that threat actors are exploiting two […]
Pierluigi Paganini
May 09, 2024
Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network. Cybersecurity firm Zscaler is investigating allegations of a data breach following reports that threat actors are offering for sale access to its network. The company confirmed that there is no impact or compromise to its customer, production and […]
Pierluigi Paganini
May 08, 2024
The LockBit ransomware group has added the City of Wichita to its Tor leak site and threatened to publish stolen data. Last week, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. Wichita is the most populous city in the U.S. state of […]
Pierluigi Paganini
May 08, 2024
TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. A threat actor can use this technique to force a target user’s traffic off their VPN tunnel using built-in features […]
Pierluigi Paganini
May 08, 2024
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites. WPScan researchers reported that threat actors are exploiting a high-severity vulnerability in LiteSpeed Cache plugin for WordPress. LiteSpeed Cache for WordPress (LSCWP) is an all-in-one site acceleration plugin, featuring an exclusive server-level cache and a collection […]
Pierluigi Paganini
May 08, 2024
A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts. Researchers from Cisco Talos reported a use-after-free vulnerability in the HTTP Connection Headers parsing of Tinyproxy 1.11.1 and Tinyproxy 1.10.0. The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. The exploitation of the issue can potentially lead […]
Pierluigi Paganini
May 08, 2024
The UK Ministry of Defense disclosed a data breach at a third-party payroll system that exposed data of armed forces personnel and veterans. The UK Ministry of Defense disclosed a data breach impacting a third-party payroll system that exposed data of approximately 272,000 armed forces personnel and veterans. The Ministry of Defence revealed that a […]
