Pierluigi Paganini
August 12, 2023
A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek Hosted is a bulletproof hosting service provider used to facilitate the distribution of information-stealing malware, and also to launch DDoS (distributed denial of service) attacks, manage fictitious online shops, manage botnet servers and distribute spam messages […]
Pierluigi Paganini
August 12, 2023
A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution. Researchers warn of a high-severity security vulnerability, tracked as CVE-2023-24329 (CVSS score of 7.5), has been disclosed in the Python URL parsing function that could be exploited to bypass blocklisting methods. Successful exploitation of the vulnerability […]
Pierluigi Paganini
August 12, 2023
Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers from Kaspersky’s Global Research and Analysis Team (GReAT) reported that an unknown threat actor used a new variant of the SystemBC proxy malware, named DroxiDat, in an attack against a power generation company in southern Africa. SystemBC was […]
Pierluigi Paganini
August 11, 2023
Researchers warn that the Gafgyt botnet is actively exploiting a vulnerability impacting the end-of-life Zyxel P660HN-T1A router. A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. The flaw is a command injection vulnerability that resides in the Remote System Log […]
Pierluigi Paganini
August 11, 2023
Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents in the country. The Federal Office for the Protection of the Constitution (BfV) is warning that an alleged nation-state actor targeted Iranian dissident organizations and individuals in the country. The intelligence agency attributes the attack […]
Pierluigi Paganini
August 10, 2023
Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, […]
Pierluigi Paganini
August 10, 2023
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) observed a new backdoor, named Whirlpool, in attacks on Barracuda ESG appliances. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor, named Whirlpool, that was employed in attacks targeting Barracuda ESG devices. At the end of May, the network security solutions provider Barracuda warned […]
Pierluigi Paganini
August 09, 2023
The Balada Injector is still at large and still evading security software by utilizing new domain names and using new obfuscation. During a routine web monitoring operation, we discovered an address that led us down a rabbit hole of WordPress-orientated “hack waves” caused by the Balada Injector malware. This evidence suggests that the malware is […]
Pierluigi Paganini
August 09, 2023
Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months. Most of the attacks targeted high-ranking executives. The researchers estimated […]
Pierluigi Paganini
August 09, 2023
Google researcher Daniel Moghimi devised a new side-channel attack technique, named Downfall, against Intel CPU. Google researcher Daniel Moghimi devised a new side-channel attack technique Intel CPU, named Downfall, that relies on a flaw tracked as CVE-2022-40982. An attacker can exploit this vulnerability to access and steal data from other users who share the same […]
Hacking / December 06, 2025
