Pierluigi Paganini
April 08, 2022
The popular hacking Anonymous and the IT ARMY of Ukraine continue to target Russian government entities and private businesses. This week Anonymous claimed to have hacked multiple private businesses and leaked their data through the DDoSecrets platform. The list of recently compromised businesses includes: Forest – The hacktivists leaked 37,500 emails stolen from the company […]
Pierluigi Paganini
April 08, 2022
A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. Denys Iarmak, a Ukrainian national (32), has been sentenced to five years in prison in the U.S. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). The man […]
Pierluigi Paganini
April 08, 2022
Microsoft obtained a court order to take over seven domains used by the Russia-linked APT28 group to target Ukraine. Microsoft on Thursday announced it has obtained a court order to take over seven domains used by Russia-linked cyberespionage group APT28 in attacks against Ukraine. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 […]
Pierluigi Paganini
April 07, 2022
Experts discovered a vulnerability, tracked as CVE-2022-22292, which can be exploited to compromise Android 9, 10, 11, and 12 devices. Researchers from mobile cybersecurity firm Kryptowire discovered a vulnerability, tracked as CVE-2022-22292, in Android 9, 10, 11, and 12 devices. The vulnerability resides in the pre-installed Phone app that executes with system privileges on Samsung […]
Pierluigi Paganini
April 07, 2022
Palo Alto Networks plans to fix CVE-2022-0778 OpenSSL flaw in some of its firewall, VPN, and XDR, products during April 2022. In Mid March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero […]
Pierluigi Paganini
April 06, 2022
The U.S. government announced the disruption of the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group. The U.S. government announced that it had dismantled the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group. “The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet […]
Pierluigi Paganini
April 06, 2022
Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts. The Ukrainian CERT attributes the hacking campaign to threat actors […]
Pierluigi Paganini
April 06, 2022
Block disclosed a data breach related to the Cash App investing app and is notifying 8.2 million current and former US customers. The data breach involved a former employee that downloaded some unspecified reports of its Cash App Investing app that contained some U.S. customer information. Cash App is an app that allows users to […]
Pierluigi Paganini
April 05, 2022
Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon, Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” the campaign aims at […]
Pierluigi Paganini
April 05, 2022
Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported. The fake data breach notification emails urged Trezort customers to reset the PIN of […]
Malware / September 13, 2025
Data Breach / September 12, 2025
