Pierluigi Paganini
November 14, 2020
Schneider Electric is warning customers of the Drovorub Linux malware that was also analyzed recently by the NSA and the FBI. Schneider Electric published a security bulletin to warn customers of the Drovorub Linux malware, the malware was analyzed in a joint alert published in August by NSA and the FBI. According to the US […]
Pierluigi Paganini
November 13, 2020
TroubleGrabber is a recently discovered credential stealer that spreads via Discord attachments and uses Discord webhooks to exfiltrate data Netskope security researchers have spotted a new credential stealer dubbed TroubleGrabber that spreads via Discord attachments and uses Discord webhooks to transfer stolen data to its operators. The malware the same functionalities used by other malware that target […]
Pierluigi Paganini
November 13, 2020
Threat actors have stolen $2 million worth of Dai cryptocurrency from the cryptocurrency borrowing and lending service Akropolis. Cryptocurrency borrowing and lending service Akropolis disclosed a “flash loan” attack, hackers have stolen roughly $2 million worth of Dai cryptocurrency. The attack took place on November 12, in response to the attack the platform halted all […]
Pierluigi Paganini
November 13, 2020
At least the three nation-state actors have targeted seven COVID-19 vaccine makers, they are Strontium, Lazarus Group, and Cerium, Microsoft warns. Microsoft revealed that at least three APT groups have targeted seven companies involved in COVID-19 vaccines research and treatments. “In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly […]
Pierluigi Paganini
November 13, 2020
Schneider Electric released advisories for multiple flaws, including issues that can allow taking control of Modicon M221 PLCs. Schneider Electric released security advisories for multiple vulnerabilities impacting various products, including four issues that can be exploited by attackers to take control of Modicon M221 programmable logic controllers (PLCs). Four encryption and authentication issues in Modicon […]
Pierluigi Paganini
November 12, 2020
The popular children’s online playground Animal Jam has suffered a data breach that affected more than 46 million accounts. Animal Jam is a safe, award-winning online playground for kids created by WildWorks. Kids aging 7 through 11 can play games, personalize their favorite animal, learn fun facts, and so much more. Animal Jam currently has […]
Pierluigi Paganini
November 12, 2020
CostaRicto APT is targeting South Asian financial institutions and global entertainment companies with undocumented malware. Blackberry researchers have documented the activity of a hackers-for-hire group, dubbed CostaRicto, that has been spotted using a previously undocumented piece of malware to target South Asian financial institutions and global entertainment companies. “During the past six months, the BlackBerry Research […]
Pierluigi Paganini
November 12, 2020
Cybersecurity researchers spotted a new modular PoS malware, dubbed ModPipe, that targets PoS restaurant management software from Oracle. ESET researchers discovered a new modular backdoor, dubbed ModPipe, that was designed to target PoS systems running ORACLE MICROS Restaurant Enterprise Series (RES) 3700, which is a management suite widely used in restaurant and hospitality sectors. The backdoor outstands […]
Pierluigi Paganini
November 12, 2020
Google has released Chrome version 86.0.4240.198 that addresses two additional zero-day vulnerabilities that were exploited in the wild. Google has addressed two zero-day vulnerabilities, actively exploited in the wild, with the release of Chrome version 86.0.4240.198. The IT giant has fixed a total of five Chrome zero-day vulnerabilities in only three weeks. Both zero-day flaws, […]
Pierluigi Paganini
November 11, 2020
The alleged decompiled source code for the Cobalt Strike post-exploitation toolkit has been leaked online in a GitHub repository. The decompiled source code for the Cobalt Strike post-exploitation toolkit has allegedly been leaked online in a GitHub repository. Cobalt Strike is a legitimate penetration testing toolkit and threat emulation software that allows attackers to deploy […]
