Pierluigi Paganini
July 15, 2021
Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server Zero-day exploit broker Zerodium announced it is looking for zero-day exploits for VMware vCenter Server. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. The company will […]
Pierluigi Paganini
July 14, 2021
Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG) and Google Project Zero revealed that four zero-day vulnerabilities have been exploited in the wild earlier this year. The four security flaws were discovered earlier this year and affect Google Chrome, Internet Explorer, and WebKit browser […]
Pierluigi Paganini
July 14, 2021
LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. Kaspersky experts uncovered an ongoing and large-scale cyber espionage campaign, tracked as LuminousMoth, aimed at government entities from Southeast Asia, including Myanmar and the Philippines government entities. The LuminousMoth campaign has been linked by […]
Pierluigi Paganini
July 14, 2021
Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]
Pierluigi Paganini
July 12, 2021
SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it. SolarWinds addressed a zero-day remote code execution flaw in Serv-U products which is actively exploited in the wild by a single threat actor. SolarWinds was informed of the zero-day by Microsoft, the issue affects Serv-U Managed File Transfer […]
Pierluigi Paganini
July 11, 2021
President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by Russian gangs like REvil and Darkside worries US authorities and was discussed by Presidents Biden and Putin during a phone call. The ransomware attacks against […]
Pierluigi Paganini
July 10, 2021
Iran’s railroad system was hit by a cyberattack, hackers posted fake messages about delays or cancellations of the trains on display boards at stations across the country. Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, […]
Pierluigi Paganini
July 10, 2021
Threat actors are conducting a spam campaign aimed at infecting Kaseya customers, posing as legitimate VSA security updates Kaseya is warning customers of threat actors attempting to exploit the recent massive supply chain ransomware attack suffered by the company. The software provider is warning of an ongoing malspam campaign aimed at delivering malware into their […]
Pierluigi Paganini
July 09, 2021
Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in malspam attacks. Most of the malspam campaigns leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. Now experts from McAfee Labs warn of a novel technique used by threat actors that […]
Pierluigi Paganini
July 09, 2021
Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the emergency security patches released early this week correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527) for all supported Windows versions. Immediately after the release of the updates (KB5004945) multiple researchers questioned its efficiency and explained […]
