Pierluigi Paganini
February 24, 2023
Researchers warn of an evasive cryptojacking malware targeting macOS which spreads through pirated applications Jamf Threat Labs researchers reported that an evasive cryptojacking malware targeting macOS was spotted spreading under the guise of the Apple-developed video editing software, Final Cut Pro. Trojanized versions of legitimate applications are being used to deploy XMRig cryptocurrency miner on […]
Pierluigi Paganini
February 24, 2023
Experts warn of threat actors actively exploiting the critical CVE-2022-47966 (CVSS score: 9.8) flaw in Zoho ManageEngine. Multiple threat actors are actively exploiting the Zoho ManageEngine CVE-2022-47966 (CVSS score: 9.8) in attacks in the wild, Bitdefender Labs reported. “Starting on January 20 2023, Bitdefender Labs started to notice a global increase in attacks using the ManageEngine exploit CVE-2022-47966.” reads the […]
Pierluigi Paganini
February 23, 2023
Threat actors are actively exploiting the Fortinet FortiNAC vulnerability CVE-2022-39952 a few hours after the publication of the PoC exploit code. This week, researchers at Horizon3 cybersecurity firm have released a proof-of-concept exploit for a critical-severity vulnerability, tracked as CVE-2022-39952, in Fortinet’s FortiNAC network access control solution. Last week, Fortinet has released security updates to address two […]
Pierluigi Paganini
February 23, 2023
Dutch intelligence revealed that many cyber operations attributed to Russia against Ukraine and NATO members have yet to be publicly disclosed. According to a joint report published by the Dutch General Intelligence and Security Service (AIVD), and the Military Intelligence and Security Service (MIVD), many cyber operations conducted by Russia-linked hackers against Ukraine and NATO […]
Pierluigi Paganini
February 22, 2023
Researchers warn that the MyloBot botnet is rapidly spreading and it is infecting thousands of systems worldwide. The MyloBot botnet has been active since 2017 and was first detailed by cybersecurity firm Deep Instinct in 2018. MyloBot is a highly evasive Windows botnet that supports advanced anti-analysis techniques. The first sample of the bot analyzed by the […]
Pierluigi Paganini
February 21, 2023
Researchers released a proof-of-concept exploit code for the critical CVE-2022-39952 vulnerability in the Fortinet FortiNAC network access control solution. Researchers at Horizon3 cybersecurity firm have released a proof-of-concept exploit for a critical-severity vulnerability, tracked as CVE-2022-39952, in Fortinet’s FortiNAC network access control solution. Last week, Fortinet has released security updates to address two critical vulnerabilities in FortiNAC […]
Pierluigi Paganini
February 21, 2023
Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. The gang threatens victims of further attacks if their ransom […]
Pierluigi Paganini
February 21, 2023
Resecurity warns about the increase of malicious cyber activity targeting data center service providers globally. According to the detailed report recently released by the California-based cybersecurity company, during September 2021, Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. Such organizations act as a critical part of the enterprise […]
Pierluigi Paganini
February 21, 2023
Researchers spotted a new information stealer, called Stealc, which supports a wide set of stealing capabilities. In January 2023, researchers at SEKOIA.IO discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a […]
Pierluigi Paganini
February 20, 2023
The Coinbase cryptocurrency exchange was the victim of a sophisticated cyberattack, experts believe is was targeted by Twilio hackers. A sophisticated threat actor launched a smishing campaign against the employees of the cryptocurrency exchange Coinbase. According to the company, on February 5, 2023, some of its employees received text messages requesting them to urgently log […]
