Pierluigi Paganini
October 19, 2022
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote code execution vulnerability, tracked as CVE-2022-42889, in the open-source Apache Commons Text library. Apache Commons Text is a library focused on algorithms working on strings. The vulnerability, dubbed “Text4Shell,” is an unsafe script evaluation issue […]
Pierluigi Paganini
October 19, 2022
Cybersecurity researchers published technical details about a now-patched FabriXss flaw that impacts Azure Fabric Explorer. Orca Security researchers have released technical details about a now-patched FabriXss vulnerability, tracked as CVE-2022-35829 (CVSS 6.2), that impacts Azure Fabric Explorer. An attacker can exploit the vulnerability to gain administrator privileges on the cluster. In order to exploit this flaw, an […]
Pierluigi Paganini
October 19, 2022
Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at Palo Alto Network’s Unit 42 have linked the relatively new Ransom Cartel ransomware operation with the notorious REvil cybercrime gang. The REvil group was one of the most active ransomware gangs in the first half […]
Pierluigi Paganini
October 18, 2022
An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. The French authorities in cooperation with their Spanish and Latvian peers, and with the support of Europol and Eurojust, have dismantled a cybercrime organization specializing in the theft of cars by hacking key fobs. […]
Pierluigi Paganini
October 18, 2022
HelpSystems, the company that developed the Cobalt Strike platform, addressed a critical remote code execution vulnerability in its software. HelpSystems, the company that developed the commercial post-exploitation toolkit Cobalt Strike, addressed a critical remote code execution vulnerability, tracked as CVE-2022-42948, in its platform. The company released an out-of-band security update to address the remote code […]
Pierluigi Paganini
October 18, 2022
Fortinet confirmed that many systems are still vulnerable to attacks exploiting the CVE-2022-40684 zero-day vulnerability. Fortinet is urging customers to address the recently discovered CVE-2022-40684 zero-day vulnerability. Unfortunately, the number of devices that have yet to be patched is still high. “After multiple notifications from Fortinet over the past week, there are still a significant number of […]
Pierluigi Paganini
October 17, 2022
The IT infrastructure of the Japanese tech company Oomiya was infected with the LockBit 3.0 ransomware. One of the affiliates for the LockBit 3.0 RaaS hit the Japanese tech company Oomiya. Oomiya is focused on designing and manufacturing microelectronics and facility system equipment. The business of Omiya Kasei is divided into four major areas, manufacturing and designing […]
Pierluigi Paganini
October 17, 2022
Government institutions in Bulgaria have been hit by a cyber attack during the weekend, experts believe it was launched by Russian threat actors. The infrastructure of government institutions in Bulgaria has been hit by a massive DDoS attack. The attack started on Saturday and experts believe that it was orchestrated by Russian threat actors. The […]
Pierluigi Paganini
October 16, 2022
Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. The Prestige ransomware first appeared in the threat landscape on October 11 in attacks occurring within an hour […]
Pierluigi Paganini
October 16, 2022
Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
