Pierluigi Paganini
July 04, 2023
Poly Network platform suspended its services during the weekend due to a cyber attack that resulted in the theft of millions of dollars in crypto assets. Threat actors have stolen millions of dollars worth of crypto assets from the Poly Network platform during the weekend. The platform suspended its services due to the cyber attack […]
Pierluigi Paganini
July 04, 2023
Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. In Mid-June Fortinet addressed a critical flaw, tracked as CVE-2023-27997 (CVSS score: 9.2), in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. “A heap-based buffer overflow vulnerability […]
Pierluigi Paganini
July 03, 2023
Microsoft denied the data breach after the collective of hacktivists known as Anonymous Sudan claimed to have hacked the company. In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure. A collective known as Anonymous Sudan (aka Storm-1359) claimed responsibility for […]
Pierluigi Paganini
July 03, 2023
China-linked APT group was spotted using HTML smuggling in attacks aimed at Foreign Affairs ministries and embassies in Europe. A China-linked APT group was observed using HTML smuggling in attacks against Foreign Affairs ministries and embassies in Europe, reports the cybersecurity firm Check Point. The researchers tracked the campaign as SmugX and reported that it […]
Pierluigi Paganini
July 03, 2023
Researchers spotted a new Windows information stealer called Meduza Stealer, the authors employ sophisticated marketing strategies to promote it. The Meduza Stealer can steal browsing activities and extract a wide array of browser-related data, including login credentials, browsing history and bookmarks. The malware also targets crypto wallet extensions, password managers, and 2FA extensions. The authors are […]
Pierluigi Paganini
July 02, 2023
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are actively exploiting a critical unpatched WordPress Plugin flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), to create secret admin accounts. Ultimate Member is a popular user profile and membership plugin for WordPress, it allows admins to […]
Pierluigi Paganini
July 01, 2023
The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company (TSMC) and $70 million ransom. TSMC is the world’s biggest contract manufacturer of chips for tech giants, including Apple and Qualcomm Inc. As reported by BleepingComputer, on Wednesday, […]
Pierluigi Paganini
June 30, 2023
Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]
Pierluigi Paganini
June 30, 2023
A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Wordfence researchers discovered an authentication bypass vulnerability in miniOrange’s WordPress Social Login and Register plugin, that can allow an unauthenticated attacker to gain access to any account on a site by knowing the associated email […]
Pierluigi Paganini
June 30, 2023
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government. The […]
