Pierluigi Paganini
August 19, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)Â added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability, tracked as CVE-2024-23897Â (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. In January 2024, researchers […]
Pierluigi Paganini
August 19, 2024
Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potentially linked to the cybercrime group FIN7. The team collaborated with the cybersecurity experts of Silent Push and Stark Industries Solutions who shared their findings. FIN7 is a Russian criminal group (aka Carbanak) […]
Pierluigi Paganini
August 19, 2024
Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit attempt based on the public proof of concept (PoC) for the Ivanti vTM bug, CVE-2024-7593. In Mid-August, Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS […]
Pierluigi Paganini
August 19, 2024
Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), which has been exploited by the North Korea-linked Lazarus APT group. The vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), is a privilege escalation issue that resides in the Windows Ancillary Function Driver (AFD.sys) for […]
Pierluigi Paganini
August 19, 2024
New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a new ransomware group called Mad Liberator is exploiting the remote-access application Anydesk for their attacks. The group was also spotted running a fake Microsoft Windows update […]
Pierluigi Paganini
August 18, 2024
Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using ‘MasterPrints, ‘which are fingerprints that can match multiple other prints. A team of researchers from US universities demonstrated how to deceive fingerprint recognition systems through dictionary attacks using ‘MasterPrints,’ which are fingerprints that can match multiple other prints. The experts introduced DeepMasterPrints, which […]
Pierluigi Paganini
August 18, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Large-scale extortion campaign targets publicly accessible environment variable files (.env) OpenAI dismantled an Iranian influence operation targeting the […]
Pierluigi Paganini
August 18, 2024
A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extortion campaign that successfully compromised and extorted multiple victim organizations by leveraging exposed environment variable files (.env files). The exposed files contained sensitive variables such as credentials belonging to various applications. This extortion […]
Pierluigi Paganini
August 17, 2024
FortiGuard Labs researchers uncovered an ongoing ValleyRAT malware campaign that is targeting Chinese-speaking users. ValleyRAT is a multi-stage malware that supports multiple techniques to monitor and control compromised devices. The malicious code is also used to deploy arbitrary plugins on the infected systems. A noteworthy characteristic of ValleyRAT malware is the heavy usage of shellcode […]
Pierluigi Paganini
August 16, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)Â added SolarWinds Web Help Desk deserialization of untrusted data vulnerability, tracked as CVE-2024-28986Â (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. This week SolarWinds fixed the […]
Malware / September 13, 2025
Data Breach / September 12, 2025
