Hacking

Pierluigi Paganini October 24, 2022
Cuba ransomware affiliate targets Ukraine, CERT-UA warns

The Ukraine Computer Emergency Response Team (CERT-UA) warns of Cuba Ransomware attacks against critical networks in the country. The Ukraine Computer Emergency Response Team (CERT-UA) warns of potential Cuba Ransomware attacks against local critical infrastructure. On October 21, 2022, the Ukraine CERT-UA uncovered a phishing campaign impersonating the Press Service of the General Staff of […]

Pierluigi Paganini October 24, 2022
Norway PM warns of Russia cyber threat to oil and gas industry

Norway ’s prime minister warned last week that Russia poses “a real and serious threat” to the country’s oil and gas industry. Norway ’s prime minister Jonas Gahr Støre warned that Russia poses “a real and serious threat” to the country’s oil and gas industry. The minister claims its country is going slow in adopting […]

Pierluigi Paganini October 24, 2022
Security experts targeted with malicious CVE PoC exploits on GitHub

Researchers discovered thousands of GitHub repositories that offer fake proof-of-concept (PoC) exploits for various flaws used to distribute malware. A team of researchers at the Leiden Institute of Advanced Computer Science (Soufian El Yadmani, Robin The, Olga Gadyatskaya) discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for multiple vulnerabilities. The experts analyzed PoCs shared on […]

Pierluigi Paganini October 23, 2022
Hackers stole sensitive data from Iran’s atomic energy agency

Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system. Iran’s atomic energy agency revealed on Sunday that a nation-state actor had access to a subsidiary’s network and free access to its email system, the Associated Press reports. The Iranian government has yet to attribute the attack to a specific The […]

Pierluigi Paganini October 23, 2022
Wholesale giant METRO confirmed to have suffered a cyberattack

International cash and carry giant METRO suffered this week IT infrastructure outages following a cyberattack. International cash and carry giant METRO was hit by a cyberattack that caused IT infrastructure outages. Metro employs more than 95,000 people in 681 stores worldwide, most of them in Germany, its sales reached 24.8 billion euros in 2020. The […]

Pierluigi Paganini October 22, 2022
Daixin Team targets health organizations with ransomware, US agencies warn

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. Healthcare and Public Health sector with ransomware. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. businesses, mainly in the Healthcare and Public Health (HPH) Sector, […]

Pierluigi Paganini October 22, 2022
Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners

Threat actors are exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access in attacks in the wild. Threat actors are actively exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access to deliver cryptocurrency miners and ransomware. The issue causes server-side template injection due to because of the lack of […]

Pierluigi Paganini October 21, 2022
EnergyAustralia Electricity company discloses security breach

Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. Another Australian organization was hit by a severe cyber attack, this time the victim is the Electricity company EnergyAustralia. EnergyAustralia is the country’s third-largest energy retailer. The company confirmed that threat actors had access to information on 323 residential and […]

Pierluigi Paganini October 21, 2022
Experts warn of CVE-2022-42889 Text4Shell exploit attempts

Wordfence researchers warn of exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. Experts at WordPress security firm Wordfence reported exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. GitHub’s threat analyst Alvaro Munoz this week disclosed a remote code execution vulnerability, tracked as CVE-2022-42889 (CVSS score 9.8), in the open-source Apache Commons […]

Pierluigi Paganini October 21, 2022
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients

Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The company is notifying the impacted individuals. The healthcare system operates 26 hospitals in Wisconsin and […]