Pierluigi Paganini
June 21, 2022
Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn of a new Windows NTLM relay attack dubbed DFSCoerce that can be exploited by threat actors to take control over a Windows domain. The DFSCoerce attack relies on the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to […]
Pierluigi Paganini
June 21, 2022
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonate various services […]
Pierluigi Paganini
June 20, 2022
The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for the Russia-linked APT28. The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek (aka “blabla1234565” and “kazak”) who is accused to have carried out a cyber espionage attack against the NATO […]
Pierluigi Paganini
June 20, 2022
Google Project Zero experts disclosed details of a 5-Year-Old Apple Safari flaw actively exploited in the wild. Researchers from the Google Project Zero team have disclosed details of a vulnerability in Apple Safari that was actively exploited in the wild. The vulnerability, tracked as CVE-2022-22620, was fixed for the first time in 2013, but in […]
Pierluigi Paganini
June 20, 2022
The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to […]
Pierluigi Paganini
June 19, 2022
A critical vulnerability in Ninja Forms plugin potentially impacted more than one million WordPress websites In middle June, the Wordfence Threat Intelligence team noticed a back-ported security update in the popular WordPress plugin Ninja Forms, which has over one million active installations. The analysis of the updates revealed that they patched a code injection vulnerability […]
Pierluigi Paganini
June 18, 2022
The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS. The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS as part of an international police operation that involved law enforcement partners from Germany, the Netherlands, and […]
Pierluigi Paganini
June 18, 2022
Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. The experts documented attacks against multiple banks, including UniCredit, Santander, CaixaBank, and CartaBCC. […]
Pierluigi Paganini
June 17, 2022
China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. Volexity researchers discovered that the zero-day vulnerability, tracked as CVE-2022-1040, in Sophos Firewall was exploited by Chinese threat actors to compromise a company and cloud-hosted web servers it was operating. The vulnerability was exploited by […]
Pierluigi Paganini
June 17, 2022
Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. The latest samples of this spyware were detected by the researchers in April 2022, four […]
Malware / September 13, 2025
