Pierluigi Paganini
October 17, 2022
Government institutions in Bulgaria have been hit by a cyber attack during the weekend, experts believe it was launched by Russian threat actors. The infrastructure of government institutions in Bulgaria has been hit by a massive DDoS attack. The attack started on Saturday and experts believe that it was orchestrated by Russian threat actors. The […]
Pierluigi Paganini
October 16, 2022
Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. The Prestige ransomware first appeared in the threat landscape on October 11 in attacks occurring within an hour […]
Pierluigi Paganini
October 16, 2022
Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
Pierluigi Paganini
October 15, 2022
Tata Power Company Limited, India’s largest power generation company, announced it was hit by a cyberattack. Tata Power on Friday announced that was hit by a cyber attack. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.” “The Tata Power Company […]
Pierluigi Paganini
October 14, 2022
Researchers disclosed details of a now-patched flaw, tracked as CVE-2022-37969, in Windows Common Log File System (CLFS). The CVE-2022-37969 (CVSS score: 7.8) flaw is a Windows Common Log File System Driver Elevation of Privilege Vulnerability. The Common Log File System (CLFS) is a general-purpose logging subsystem that can be used by applications running in both kernel mode […]
Pierluigi Paganini
October 14, 2022
Chinese-speaking threat actor, tracked as WIP19, is targeting telecommunications and IT service providers in the Middle East and Asia. SentinelOne researchers uncovered a new threat cluster, tracked as WIP19, which has been targeting telecommunications and IT service providers in the Middle East and Asia. The experts believe the group operated for cyber espionage purposes and is […]
Pierluigi Paganini
October 14, 2022
Experts released the PoC exploit code for the authentication bypass flaw CVE-2022-40684 in FortiGate firewalls and FortiProxy web proxies. A proof-of-concept (PoC) exploit code for the authentication bypass vulnerability CVE-2022-40684 (CVSS score: 9.6) in FortiGate firewalls and FortiProxy web proxies has been released online. The vulnerability impacts FortiOS versions from 7.0.0 to 7.0.6 and from […]
Pierluigi Paganini
October 13, 2022
The Budworm espionage group resurfaced targeting a U.S.-based organization for the first time, Symantec Threat Hunter team reported. The Budworm cyber espionage group (aka APT27, Bronze Union, Emissary Panda, Lucky Mouse, TG-3390, and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of […]
Pierluigi Paganini
October 13, 2022
Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. The Cloudflare DDoS threat report 2022 Q3 states that multi-terabit massive DDoS attacks have become increasingly frequent. In Q3, the […]
Pierluigi Paganini
October 13, 2022
Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux systems. Researchers from Cisco Talos discovered a new, previously undocumented attack framework that included a C2 dubbed Alchimist. The framework is likely being used in attacks aimed at Windows, macOS, and Linux systems. The experts […]
