Pierluigi Paganini
November 23, 2021
A researcher has released a proof-of-concept exploit code for an actively exploited vulnerability affecting Microsoft Exchange servers. The researcher Janggggg has published on Sunday a proof-of-concept exploit code for an actively exploited vulnerability, tracked as CVE-2021-42321, in Microsoft Exchange servers. The CVE-2021-42321 is a high-severity remote code execution issue that occurs due to improper validation of […]
Pierluigi Paganini
November 23, 2021
A researcher publicly disclosed an exploit for a new Windows zero-day local privilege elevation that can allow gaining admin privileges. A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that can be exploited by threat actors to achieve admin privileges in Windows 10, Windows 11, and Windows […]
Pierluigi Paganini
November 23, 2021
US CISA and the FBI issued a joint alert to warn critical infrastructure partners and public/private organizations of ransomware attacks during holidays. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn critical infrastructure partners of ransomware attacks during the holiday season. During this period offices are often closed and employees are at home, […]
Pierluigi Paganini
November 22, 2021
Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for the attack. Iranian private airline Mahan Air has foiled a cyber attack over the weekend, Iranian state media reported. The airliner’s flight schedule was not affected by the cyberattack. “Our international and domestic flights are […]
Pierluigi Paganini
November 22, 2021
The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. The Securities and Exchange Commission (SEC) is warning investors of scammers impersonating SEC officials in fraudulent schemes. According to the alert issued by the SEC’s Office of Investor Education and Advocacy (OIEA), crooks are contacting investors via phone […]
Pierluigi Paganini
November 21, 2021
Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks. JFrog researchers have discovered 11 malicious Python packages in the Python Package Index (PyPI) repository that can steal Discord access tokens, passwords, and even carry out dependency confusion attacks. Below is the list of malicious […]
Pierluigi Paganini
November 21, 2021
A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails. A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails to avoid detection. The campaign was uncovered by TrendMicro researchers that detailed the technique used to trick […]
Pierluigi Paganini
November 19, 2021
North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint revealed that the North Korea-linked TA406 APT group (Kimsuky, Thallium, and Konni, Black Banshee, Velvet Chollima) has intensified its operations in 2021. The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. At the end of October […]
Pierluigi Paganini
November 19, 2021
Researchers revealed that Conti ransomware operators earned at least $25.5 million from ransom payments since July 2021. A study conducted by Swiss security firm Prodaft with the support of blockchain analysis firm Elliptic revealed that the operators of the Conti ransomware have earned at least $25.5 million from attacks and subsequent ransoms carried out since […]
Pierluigi Paganini
November 18, 2021
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores. Security researchers from Sansec Threat Research Team discovered a Linux backdoor during an investigation into the compromised of an e-commerce server with a software skimmer. The attackers initially conducted a reconnaissance phase by probing the […]
Data Breach / September 12, 2025
Cyber Crime / September 11, 2025
