Pierluigi Paganini
July 21, 2021
Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware. FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is […]
Pierluigi Paganini
July 20, 2021
Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems. Researchers from SentinelOne discovered a 16-year-old security vulnerability in an HP, Xerox, and Samsung printers driver that can allow attackers to gain admin rights on systems running the flawed […]
Pierluigi Paganini
July 20, 2021
Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users. Microsoft’s Digital Crimes Unit (DCU) has seized 17 domains that were used by scammers in a business email compromise (BEC) campaign aimed at its customers. The IT giant secured a court order that allowed it to take down “homoglyph” domains […]
Pierluigi Paganini
July 20, 2021
A recently discovered iPhone Wi-Fi bug that could crash the WiFi connectivity could be exploited by attackers to achieve remote code execution. In June, the researcher Carl Schou discovered a new bug in iPhone that can permanently break users’ WiFi by disabling it, the issue could be triggered by simply connecting to a rogue hotspot. Once an […]
Pierluigi Paganini
July 19, 2021
US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. […]
Pierluigi Paganini
July 19, 2021
A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco. Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale […]
Pierluigi Paganini
July 19, 2021
Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware. Pegasus is a surveillance malware developed by […]
Pierluigi Paganini
July 19, 2021
Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Security researchers at CyberArk Labs discovered a security bypass vulnerability, tracked as CVE-2021-34466, affecting the Windows Hello facial authentication process, An attacker could exploit the vulnerability to login systems running the Windows 10 OS. […]
Pierluigi Paganini
July 18, 2021
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The Cyberspace Administration of China (CAC) has issued a new exacerbated vulnerability disclosure regulation that requires white hat hackers uncovering critical zero-day flaws in computer systems to first report them to the government authorities within two […]
Pierluigi Paganini
July 17, 2021
Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access […]
APT / February 05, 2026
