Hacking Archives - Page 279 of 967

Pierluigi Paganini March 09, 2022

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. An attacker can exploit these vulnerabilities to implant a firmware that survives […]

Pierluigi Paganini March 09, 2022

Samsung data breach: Lapsus$ gang stole Galaxy devices’ source code

Samsung confirmed that threat actors had access to the source code of its Galaxy smartphones in recent security breach. Samsung this week disclosed a data breach, threat actors had access to internal company data, including the source code of Galaxy models. Last week the Lapsus$ ransomware gang claimed to have stolen a huge trove of sensitive data […]

Pierluigi Paganini March 09, 2022

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including 3 zero-days. Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including Microsoft Windows components, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, […]

Pierluigi Paganini March 08, 2022

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google Threat Analysis Group (TAG), which focuses on the analysis of nation-state threat actors, revealed to have blocked attacks against hundreds of Ukrainians conducted by Belarus and Russian state-sponsored hackers. The attacks have been attributed to the Russia-linked […]

Pierluigi Paganini March 08, 2022

Access:7 flaws impact +150 device models from over 100 manufacturers

Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform. Researchers from medical device cybersecurity company CyberMDX have discovered seven serious flaws, collectively tracked as Access:7, in the widely used Axeda platform of IIoT solutions provider PTC. “Access:7 could enable hackers to remotely execute malicious […]

Pierluigi Paganini March 08, 2022

Ukraine’s CERT-UA warns of phishing attacks against Ukrainian citizens

Ukraine’s CERT-UA warned citizens of new phishing attacks launched through compromised email accounts belonging to Indian entities. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of new phishing attacks targeting Ukrainian citizens through compromised email accounts belonging to three different Indian entities. The attacks were aimed at stealing sensitive information from compromised accounts. The malicious […]

Pierluigi Paganini March 08, 2022

Dirty Pipe Linux flaw allows gaining root privileges on major distros

Dirty Pipe is a Linux vulnerability, tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. Security expert Max Kellermann discovered a Linux flaw, dubbed Dirty Pipe and tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. The vulnerability affects Linux Kernel […]

Pierluigi Paganini March 07, 2022

SharkBot, the new generation banking Trojan distributed via Play Store

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms. The malware was spotted at the end of October by researchers from cyber security firms […]

Pierluigi Paganini March 07, 2022

Anonymous hacked Russian streaming services to broadcast war footage

Anonymous hacked into the most popular Russian streaming services to broadcast war footage from Ukraine. The popular hacker collective Anonymous continues to target Russian entities, a few hours ago the group hacked into the most popular Russian streaming services to broadcast war footage from Ukraine and demonstrate to Russians the atrocity of the invasion ordered […]

Pierluigi Paganini March 07, 2022

Mozilla addresses two actively exploited zero-day flaws in Firefox

Mozilla fixed two critical actively exploited zero-day bugs in Firefox with the release of 97.0.2, ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to address a couple of critical zero-day vulnerabilities, tracked as CVE-2022-26485 and CVE-2022-26485, actively exploited in […]

Hacking

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Samsung data breach: Lapsus$ gang stole Galaxy devices’ source code

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Access:7 flaws impact +150 device models from over 100 manufacturers

Ukraine’s CERT-UA warns of phishing attacks against Ukrainian citizens

Dirty Pipe Linux flaw allows gaining root privileges on major distros

SharkBot, the new generation banking Trojan distributed via Play Store

Anonymous hacked Russian streaming services to broadcast war footage

Mozilla addresses two actively exploited zero-day flaws in Firefox

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

DoJ resentenced former BreachForums admin to three years in prison

Apple backports fix for actively exploited CVE-2025-43300

New supply chain attack hits npm registry, compromising 40+ packages

Cybercrime group accessed Google Law Enforcement Request System (LERS)

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!