Hacking

Pierluigi Paganini March 02, 2021
French multinational dairy Lactalis hit by a cyber attack

French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production […]

Pierluigi Paganini March 01, 2021
Gootkit delivery platform Gootloader used to deliver additional payloads

The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost […]

Pierluigi Paganini February 28, 2021
New Zealand-based cryptocurrency exchange Cryptopia hacked again

The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million […]

Pierluigi Paganini February 27, 2021
Experts found a critical authentication bypass flaw in Rockwell Automation software

A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University […]

Pierluigi Paganini February 27, 2021
T-Mobile customers were hit with SIM swapping attacks

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Crooks conduct SIM swapping attacks to take control of victims’ […]

Pierluigi Paganini February 26, 2021
Microsoft releases open-source CodeQL queries to assess Solorigate compromise

Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack Microsoft has announced the availability of open-source CodeQL queries that the IT giant used during its investigation into the SolarWinds attack. In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint […]

Pierluigi Paganini February 26, 2021
Hackers are selling access to Biochemical systems at Oxford University Lab

Hackers have broken into the biochemical systems of an Oxford University lab where researchers are working on the study of Covid-19. Hackers compromised the systems at one of the most advanced biology labs at the Oxford University that is involved in the research on the Covid-19 pandemic. The news was disclosed by Forbes and the […]

Pierluigi Paganini February 26, 2021
China-linked TA413 group target Tibetan organizations

The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked cyberespionage group TA413 targeted Tibetan organizations across the world using a malicious Firefox add-on, dubbed FriarFox, that allowed them to steal Gmail and Firefox browser data and deliver malware on infected systems. “We attribute this […]

Pierluigi Paganini February 25, 2021
North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The experts discovered the custom backdoor while investigating an […]

Pierluigi Paganini February 25, 2021
Google discloses technical details of Windows CVE-2021-24093 RCE flaw

Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093, that can be exploited for remote code execution in the context of the DirectWrite client. DirectWrite […]