Pierluigi Paganini
October 24, 2020
US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics behind Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. “Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to […]
Pierluigi Paganini
October 23, 2020
French IT outsourcer Sopra Steria hit by ‘cyberattack’, Ryuk ransomware suspected French IT outsourcer Sopra Steria has been hit by a ransomware attack, while the company did not reveal the family of malware that infected its systems, local media speculate the involvement of the Ryuk ransomware. “A cyber attack was detected on the Sopra Steria […]
Pierluigi Paganini
October 23, 2020
The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. The Energetic Bear […]
Pierluigi Paganini
October 22, 2020
Taiwanese vendor QNAP published an advisory to warn customers that certain versions of its NAS OS (QTS) are affected by the Zerologon vulnerability. The Taiwanese vendor QNAP has published an advisory to warn customers that certain versions of the operating system for its network-attached storage (NAS) devices, also known as of QTS, are affected by […]
Pierluigi Paganini
October 22, 2020
According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. I’m proud to present the ENISA Threat Landscape Report 2020, the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020. The 8th annual ENISA Threat Landscape […]
Pierluigi Paganini
October 21, 2020
Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […]
Pierluigi Paganini
October 21, 2020
Cisco warns of attacks attempting to exploit the CVE-2020-3118 vulnerability that affects multiple carrier-grade routers running Cisco IOS XR Software. Cisco is warning of attacks targeting the CVE-2020-3118 high severity vulnerability that affects multiple carrier-grade routers running the Cisco IOS XR Software. The flaw resides in the Cisco Discovery Protocol implementation for Cisco IOS XR […]
Pierluigi Paganini
October 20, 2020
The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the […]
Pierluigi Paganini
October 20, 2020
The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass […]
Pierluigi Paganini
October 20, 2020
The U.S. DoJ announced charges against six Russian intelligence officers for their role in several major cyberattacks carried out over the last years. The U.S. Department of Justice announced charges against six members of Russia’s GRU military intelligence agency for their alleged role in several major cyberattacks conducted over the past years. The defendants are Yuriy […]
