Pierluigi Paganini
March 09, 2022
Threat actors hacked Russian federal agencies’ websites in a supply chain attack involving the compromise of a stats widget. Some Russian federal agencies’ websites were compromised in a supply chain attack, threat actors compromised the stats widget used to track the number of visitors by several government agencies. Threat actors were able to deface the […]
Pierluigi Paganini
March 09, 2022
The collective Anonymous has hacked public cameras in Russia and transmitted their live feed on a website, it also announced a clamorous leak. Anonymous and other hacker groups continue to target Russia, in a recent attack the collective has taken over more than 400 Russian cameras in support of Ukraine. The hacktivist shared the live feed […]
Pierluigi Paganini
March 09, 2022
Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. An attacker can exploit these vulnerabilities to implant a firmware that survives […]
Pierluigi Paganini
March 09, 2022
Samsung confirmed that threat actors had access to the source code of its Galaxy smartphones in recent security breach. Samsung this week disclosed a data breach, threat actors had access to internal company data, including the source code of Galaxy models. Last week the Lapsus$ ransomware gang claimed to have stolen a huge trove of sensitive data […]
Pierluigi Paganini
March 09, 2022
Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including 3 zero-days. Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including Microsoft Windows components, Azure and Azure DevOps, Azure Sphere, Internet Explorer and Edge (EdgeHTML), Exchange Server, Office and Office Services and Web Apps, SharePoint Server, […]
Pierluigi Paganini
March 08, 2022
Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google Threat Analysis Group (TAG), which focuses on the analysis of nation-state threat actors, revealed to have blocked attacks against hundreds of Ukrainians conducted by Belarus and Russian state-sponsored hackers. The attacks have been attributed to the Russia-linked […]
Pierluigi Paganini
March 08, 2022
Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform. Researchers from medical device cybersecurity company CyberMDX have discovered seven serious flaws, collectively tracked as Access:7, in the widely used Axeda platform of IIoT solutions provider PTC. “Access:7 could enable hackers to remotely execute malicious […]
Pierluigi Paganini
March 08, 2022
Ukraine’s CERT-UA warned citizens of new phishing attacks launched through compromised email accounts belonging to Indian entities. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of new phishing attacks targeting Ukrainian citizens through compromised email accounts belonging to three different Indian entities. The attacks were aimed at stealing sensitive information from compromised accounts. The malicious […]
Pierluigi Paganini
March 08, 2022
Dirty Pipe is a Linux vulnerability, tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. Security expert Max Kellermann discovered a Linux flaw, dubbed Dirty Pipe and tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. The vulnerability affects Linux Kernel […]
Pierluigi Paganini
March 07, 2022
SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms. The malware was spotted at the end of October by researchers from cyber security firms […]
APT / February 05, 2026
