Hacking

Pierluigi Paganini February 06, 2022
Israeli surveillance firm QuaDream emerges from the dark

One of the Apple iOS zero-day flaws exploited by NSO Group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Like NSO Group, QuaDream develops […]

Pierluigi Paganini February 06, 2022
Argo CD flaw could allow stealing sensitive data from Kubernetes Apps

A flaw in the Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps. A zero-day vulnerability, tracked as CVE-2022-24348, in the Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps, including passwords and API keys. The flaw received a CVSS […]

Pierluigi Paganini February 05, 2022
LockBit ransomware gang claims to have stolen data from PayBito crypto exchange

LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The exchange is operated by global blockchain and IT services company HashCash. LockBit ransomware operators claim to have stolen customers’ data from the PayBito crypto exchange, […]

Pierluigi Paganini February 04, 2022
A nation-state actor hacked media and publishing giant News Corp

American media and publishing giant News Corp revealed it was the victim of a cyber attack from an advanced persistent threat actor. American media and publishing giant News Corp revealed it was the victim of a cyber attack from an advanced persistent threat actor that took place in January. The attackers compromised one of the systems of the […]

Pierluigi Paganini February 04, 2022
Russia-linked Gamaredon APT targeted a western government entity in Ukraine

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42 reported that the Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity operating in Ukraine in January, while geopolitical tensions between Russia and Ukraine have escalated dramatically. In mid-January the Ukrainian […]

Pierluigi Paganini February 04, 2022
Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor

An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An alleged Chinese threat actor, tracked as TEMP_Heretic, is actively attempting to exploit a zero-day XSS vulnerability in the Zimbra open-source email platform. The zero-day vulnerability impacts almost any Zimbra install running version 8.8.15. Researchers from […]

Pierluigi Paganini February 04, 2022
Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute-force attacks last year. The IT giant added that it has blocked more than 25.6 billion Azure AD […]

Pierluigi Paganini February 03, 2022
Exclusive interview with the Powerful Greek Army (PGA) hacker group

Six years ago the Powerful Greek Army (PGA) appeared in the threat landscape. After a long break the hacker collective is back. I have interviewed them exclusively … enjoy it! Tell me about your hacker team, what is the motivation behind the attacks? We have many motivations and reasons. First of all, we started […]

Pierluigi Paganini February 03, 2022
Cisco fixes critical flaws in its Small Business Routers

Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers. Cisco announced patches for multiple issues affecting its Small Business RV160, RV260, RV340, and RV345 series routers. Some of the bugs fixed by the IT giant could lead to the execution of arbitrary code with root […]

Pierluigi Paganini February 03, 2022
Antlion APT group used a custom backdoor that allowed them to fly under the radar for months

A China-linked APT group tracked as Antlion used a custom backdoor called xPack that was undetected for months. A China-linked APT group tracked as Antlion is using a custom backdoor called xPack in attacks aimed at financial organizations and manufacturing companies, Symantec researchers reported. The backdoor was undetected for at least 18 months in a […]