Hacking

Pierluigi Paganini June 12, 2024
CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-4610 is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) and Valhall […]

Pierluigi Paganini June 12, 2024
Ukraine Police arrested a hacker who developed a crypter used by Conti and LockBit ransomware operation

The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (28) for his role in developing a crypter used in Conti and LockBit ransomware operations. The man was arrested in Kyiv on April 18, 2024, as part of […]

Pierluigi Paganini June 11, 2024
Cylance confirms the legitimacy of data offered for sale in the dark web

A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000. A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen data for $750,000. The data includes 34 million customer and employee emails, customer / prospect email and PII, products used by organizations, sales prospect list […]

Pierluigi Paganini June 11, 2024
Arm zero-day in Mali GPU Drivers actively exploited in the wild

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, tracked as CVE-2024-4610, in Mali GPU Kernel Driver. The vulnerability is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) and Valhall GPU Kernel […]

Pierluigi Paganini June 11, 2024
Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. Patch it now!

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 and a proof of concept exploit for this issue. The flaw CVE-2024-29849 is a critical vulnerability (CVSS score: 9.8) in Veeam Backup Enterprise Manager that could […]

Pierluigi Paganini June 10, 2024
Japanese video-sharing platform Niconico was victim of a cyber attack

The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its services following a large-scale cyberattack on June 8, 2024. “Due to the effects of a large-scale cyber attack, Niconico has been unavailable since early morning on June 8th” reads the incident notice […]

Pierluigi Paganini June 10, 2024
Christie’s data breach impacted 45,798 individuals

Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data. The security breach occurred in early May and the website of the auction house was unreachable after […]

Pierluigi Paganini June 10, 2024
Sticky Werewolf targets the aviation industry in Russia and Belarus

Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initially targeting public organizations in Russia and Belarus. The group has expanded its operations to various sectors, including a pharmaceutical company and a Russian research institute […]

Pierluigi Paganini June 09, 2024
PHP addressed critical RCE flaw potentially impacting millions of servers

A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-4577, in the PHP programming language. An unauthenticated attacker can exploit the flaw to take full control of affected servers. PHP is […]

Pierluigi Paganini June 07, 2024
Pandabuy was extorted twice by the same threat actor

Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pandabuy demonstrates that paying a ransom to an extortion group is risky to the victims. BleepingComputer first reported that Pandabuy had previously paid a ransom […]