Pierluigi Paganini
May 19, 2023
Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat. ReversingLabs discovered two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat. TurkoRat is an information-stealing malware that can obtain a broad range of data from the infected machine, […]
Pierluigi Paganini
May 18, 2023
A researcher published a PoC tool to retrieve the master password from KeePass by exploiting the CVE-2023-32784 vulnerability. Security researcher Vdohney released a PoC tool called KeePass 2.X Master Password Dumper that allows retrieving the master password for KeePass. The tool exploits the unpatched KeePass vulnerability, tracked CVE-2023-32784, to retrieve the master password from the memory […]
Pierluigi Paganini
May 18, 2023
A US national has pleaded guilty to operating the carding site Skynet Market and selling financial information belonging to tens of thousands of US victims. The U.S. national Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, pleaded guilty to operating a carding site on the dark web called Skynet Market and selling financial […]
Pierluigi Paganini
May 17, 2023
Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations. Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations. The threat actors use the hidden part of the web to […]
Pierluigi Paganini
May 17, 2023
The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks. The DoJ unsealed two indictments charging the man […]
Pierluigi Paganini
May 17, 2023
Experts found multiple vulnerabilities in Teltonika industrial cellular routers that could expose OT networks to cyber attacks. A joint analysis conducted by industrial cybersecurity firms Claroty and Otorio discovered multiple flaws in Teltonika Networks’ IIoT products that can expose OT networks to remote attacks. Teltonika Networks is a leading manufacturer of networking solutions, widely adopted […]
Pierluigi Paganini
May 16, 2023
French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. The group designs and manufactures electronic equipment for its customers in […]
Pierluigi Paganini
May 16, 2023
China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. Since January 2023, Check Point Research monitored a series of targeted attacks aimed at European foreign affairs entities that have been linked to the China-linked cyberespionage group Mustang Panda (aka Camaro Dragon, RedDelta or “Bronze President). MustangPanda […]
Pierluigi Paganini
May 16, 2023
US Cybersecurity and Infrastructure Security Agency (CISA) added seven new flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-25717 – Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the […]
Pierluigi Paganini
May 13, 2023
Discord disclosed a data breach, the security breach was caused by the compromise of a third-party support agent’s account. Discord, the popular VoIP and instant messaging social platform, disclosed a data breach and is notifying the impacted users. The security breach resulted in unauthorized access to a third-party customer service agent’s support ticket queue. Due to the nature […]
