Pierluigi Paganini
October 27, 2021
North Korea-linked Lazarus APT group is extending its operations and started targeting the IT supply chain on new targets. North Korea-linked Lazarus APT group is now targeting also IT supply chain, researchers from Kaspersky Lab warns. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]
Pierluigi Paganini
October 27, 2021
A cyberattack has disrupted gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) across Iran. A cyber attack has disrupted gas stations from the state-owned National Iranian Oil Products Distribution Company (NIOPDC) across Iran. The attack also defaced the screens at the gas pumps and gas price billboards. In multiple cities, the billboards […]
Pierluigi Paganini
October 26, 2021
A researcher from the security firm CyberArk has managed to crack 70% of Tel Aviv’s Wifi Networks starting from a sample of 5,000 gathered WiFi. CyberArk security researcher Ido Hoorvitch demonstrated how it is possible to crack WiFi at scale by exploiting a vulnerability that allows retrieving a PMKID hash. Hoorvitch has managed to crack […]
Pierluigi Paganini
October 26, 2021
The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised tens of US companies. The FBI published a flash alert to warn of Ranzy Locker ransomware operations that had already compromised at least 30 US companies this year. The gang has been active since at […]
Pierluigi Paganini
October 26, 2021
UltimaSMS, a massive fraud campaign is using Android apps with million of downloads to subscribe victims to premium subscription services. Researchers from Avast have uncovered a widespread premium SMS scam on the Google Play Store, tracked as UltimaSMS, the name comes from the first apps they discovered called Ultima Keyboard 3D Pro. Threat actors used at […]
Pierluigi Paganini
October 25, 2021
US CISA urges administrators to address a critical remote code execution flaw, tracked as CVE-2021-41163, in Discourse installs. Discourse is a popular open-source Internet forum and mailing list management software application. The US CISA published a security advisory to urge administrators to fix a critical remote code execution flaw, tracked as CVE-2021-41163, in Discourse installs. The […]
Pierluigi Paganini
October 25, 2021
The Red Team Research (RTR), the bug’s research division from Italian Telecommunication firm TIM, found 2 new vulnerabilities affecting the Ericsson OSS-RC. What is the OSS (Operations Support System)? The Operations Support System – Radio and Core (OSS-RC) provides a centralized interface into the radio and core components. The Operations Support Systems are all those […]
Pierluigi Paganini
October 25, 2021
Russia-linked Nobelium APT group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. The SolarWinds security breach was not isolated, Russia-linked Nobelium APT group has targeted140 managed service providers (MSPs) and cloud service providers and successfully breached 14 of them since May 2021. The NOBELIUM APT (APT29, Cozy Bear, and […]
Pierluigi Paganini
October 25, 2021
Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. The device was compromised two times, in July 2020 and June 2021. The attacks were […]
Pierluigi Paganini
October 24, 2021
Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers uncovered a custom phishing kit, dubbed TodayZoo, that was used in an extensive series of credential phishing campaigns. A “phishing kit” is a set of software or services aimed at facilitating phishing campaigns, In most […]
Hacking / November 10, 2025
Hacking / November 09, 2025
