Pierluigi Paganini
August 28, 2023
Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. KmsdBot is an evasive Golang-based malware that was first detected by […]
Pierluigi Paganini
August 28, 2023
The recent wave of MOVEit attacks conducted by the Cl0p ransomware gang impacted 1,000 organizations, experts say. Cybersecurity firm Emsisoft shared disconcerting details about the recent, massive hacking campaign conducted by the Cl0p ransomware group that targeted the MOVEit Transfer file transfer platform designed by Progress Software Corporation. According to the experts, the attacks impacted approximately 1,000 Organizations and […]
Pierluigi Paganini
August 27, 2023
The Polish domestic security agency is investigating a hacking attack on the national railways, Polish media report. Poland’s Internal Security Agency (ABW) and national police have launched an investigation into a hacking attack on the state’s railway network. According to the Polish Press Agency, the attack disrupted the traffic overnight last week. Stanisław Zaryn, deputy […]
Pierluigi Paganini
August 27, 2023
The leak of the source code of the LockBit 3.0 ransomware builder in 2022 allowed threat actors to create new variants of the threat. Lockbit v3, aka Lockbit Black, was detected in June 2022, but in September 2022 a builder for this variant was leaked online. The availability of the builder allowed anyone to create their own […]
Pierluigi Paganini
August 26, 2023
The cloud and hosting provider Leaseweb suffered a security breach that impacted some “critical” systems of the company. Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems. According to a notice of incident sent […]
Pierluigi Paganini
August 25, 2023
China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with […]
Pierluigi Paganini
August 25, 2023
The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) are “ineffective.” According to the feds, threat actors are still hacking the patched appliances in […]
Pierluigi Paganini
August 24, 2023
Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). This week the software company Ivanti released urgent security patches to address the critical-severity vulnerability CVE-2023-38035 impacting the Ivanti Sentry (formerly MobileIron Sentry) product. […]
Pierluigi Paganini
August 24, 2023
The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966, in Zoho’s ManageEngine ServiceDesk in attacks aimed at the Internet backbone infrastructure provider and healthcare organizations. The state-sponsored hackers targeted entities […]
Pierluigi Paganini
August 24, 2023
An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies. A teenage member of the Lapsus$ data extortion group, Arion Kurtaj (18), was convicted by a London jury of having hacked multiple high-profile companies, including Uber, Revolut, and blackmailed the developers of the gaming firm Rockstar Games. Since September […]
