Pierluigi Paganini
December 17, 2020
Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the recent SolarWinds hack. Microsoft, FireEye, and GoDaddy have created a kill switch for the Sunburst backdoor that was used in SolarWinds supply chain attack. Last week, Russia-linked hackers breached SolarWinds, the attackers had used a trojanized […]
Pierluigi Paganini
December 16, 2020
Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected devices and […]
Pierluigi Paganini
December 16, 2020
Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack (avsvmcloud[.]com) in an attempt to identify all victims and prevent other systems from being served malicious software. The domain […]
Pierluigi Paganini
December 16, 2020
Experts discovered a new Windows info-stealer, named PyMICROPSIA, linked to AridViper group that is rapidly evolving to target other platforms. Experts from Palo Alto Networks’s Unit 42 discovered a new Windows info-stealing malware, named PyMICROPSIA, that might be used soon to also target Linux and macOS systems. Experts spotted the PyMICROPSIA info stealer while investigating […]
Pierluigi Paganini
December 15, 2020
Experts reported flaws in Medtronic ’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. MyCareLink Smart […]
Pierluigi Paganini
December 15, 2020
Sophos and ReversingLabs released SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10M malware samples. Sophos and ReversingLabs announced the release of SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10 million malware samples. The SoReL-20M database includes a set of curated and labeled samples and security-relevant metadata that […]
Pierluigi Paganini
December 14, 2020
18,000 SolarWinds customers may have been impacted by the attack against its supply chain, the company said in a SEC filing. SolarWinds revealed that 18,000 customers might have been impacted by the cyber attack against its supply chain. The alarming data emerged in a filing with the Securities and Exchange Commission (SEC) on Monday. “On December […]
Pierluigi Paganini
December 14, 2020
Security experts from Cyble discovered that the details of 1.9 million members of the Chinese Communist Party were leaked on a hacking forum. During routine Dark web monitoring, the experts from Cyble found a post on a Russian-speaking forum offering the details of 1.9 million members of Chinese Communist Party. The huge trove of data, […]
Pierluigi Paganini
December 14, 2020
Hackers broke into the networks of federal agencies and FireEye by compromising SolarWinds’ Orion Network Management Products. The cyber espionage group has tampered with updates released by IT company SolarWinds, which provides its products to government agencies, military, and intelligence offices, two people familiar with the matter told the Reuters agency. Nation-state actors, allegedly Russia-linked […]
Pierluigi Paganini
December 13, 2020
Pay2Key ransomware operators claim to have compromised the network of the Intel-owned chipmaker Habana Labs and have stolen data. Intel-owned AI chipmaker Habana Labs was hacked by Pay2key ransomware operators who claim to have stolen from the company. The group announced the hack on Twitter, they claim to have stolen sensitive data, including information about […]
