Pierluigi Paganini
July 10, 2023
A zero-day vulnerability in the Revolut payment systems allowed threat actors to steal more than $20 million in early 2022. In early 2022, threat actors exploited a zero-day flaw in Revolut payment systems to steal more than $20 million, reported the Financial Times quoting multiple unnamed sources. The issue resulted from differences between American and […]
Pierluigi Paganini
July 09, 2023
Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 million users. Both applications are file management apps from the same […]
Pierluigi Paganini
July 08, 2023
Iran-linked APT group tracked TA453 has been linked to a new malware campaign targeting both Windows and macOS systems. The Iran-linked threat actor TA453 has been linked to a malware campaign that targets both Windows and macOS. TA453 is a nation-state actor that overlaps with activity tracked as Charming Kitten, PHOSPHORUS, and APT42. TA453 in May 2023 started […]
Pierluigi Paganini
July 07, 2023
A man from Tracy, California, has been charged with a computer attack on the Discovery Bay water treatment facility. Rambler Gallo (53), a man from Tracy (California) has been charged with intentionally causing damage to a computer after he allegedly breached the network of the Discovery Bay Water Treatment Facility. The man targeted the water […]
Pierluigi Paganini
July 07, 2023
CISA and the FBI warned today of a new Truebot variant employed in attacks against organizations in the United States and Canada. A new variant of the Truebot malware was used in attacks against organizations in the United States and Canada. Threat actors compromised target networks by exploiting a critical remote code execution (RCE) vulnerability in […]
Pierluigi Paganini
July 06, 2023
StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269, (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem. An unprivileged […]
Pierluigi Paganini
July 06, 2023
A vulnerability in SolarView product can be exploited in attacks targeting organizations in the energy sector. Researchers from the cybersecurity firm VulnCheck reported that the vulnerability CVE-2022-29303 in the solar power monitoring Contec SolarView product can be exploited in attacks targeting organizations in the energy sector. CVE-2022-29303 is an unauthenticated and remote command injection vulnerability […]
Pierluigi Paganini
July 05, 2023
RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors. The malware allows operators to steal information from various browsers, it also supports ransomware capabilities. […]
Pierluigi Paganini
July 05, 2023
The DDoSia attack tool received an upgrade, it supports a new security mechanism to conceal the list of targets. Researchers at the cybersecurity firm Sekoia analyzed an updated variant of the DDoSia attack tool that was developed and used by the pro-Russia collective NoName(057)16. The tool was employed in attacks against Ukraine and NATO countries, including the Eastern Flank (Lithuania, […]
Pierluigi Paganini
July 04, 2023
A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. A joint study conducted by vx-underground and SentinelOne recently revealed that a Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting financial institutions worldwide. The case was […]
