Security

Pierluigi Paganini January 15, 2025
CVE-2024-44243 macOS flaw allows persistent malware installation

Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP). SIP in macOS safeguards the system by […]

Pierluigi Paganini January 14, 2025
FBI deleted China-linked PlugX malware from over 4,200 US computers

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. The malware was operated […]

Pierluigi Paganini January 14, 2025
Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actors UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign to gather economic and political intelligence in Central Asia. The Computer Emergency Response Team of Ukraine (CERT-UA) first detailed the activity of UAC-0063 in early 2023. […]

Pierluigi Paganini January 13, 2025
U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-12686 (CVSS score of 6.6) The flaw is an OS Command Injection Vulnerability in BeyondTrust […]

Pierluigi Paganini January 13, 2025
Inexperienced actors developed the FunkSec ransomware using AI tools

FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late 2024, the gang published over 85 victims in December 2024. The group likely used AI-based systems to quickly develop advanced tools, blending hacktivism and cybercrime. However, […]

Pierluigi Paganini January 10, 2025
Banshee macOS stealer supports new evasion mechanisms

Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called […]

Pierluigi Paganini January 09, 2025
U.S. Medical billing provider Medusind suffered a sata breach

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. Medusind is a company that provides medical billing, coding, and revenue cycle management (RCM) services to healthcare organizations, including medical practices, dental practices, and other providers. The company disclosed a data breach discovered on December 29, […]

Pierluigi Paganini January 09, 2025
U.S. CISA adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure, and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti Connect Secure Vulnerability, tracked as CVE-2025-0282 (CVSS score: 9.0) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability Ivanti impacted Ivanti Connect […]

Pierluigi Paganini January 09, 2025
SOC Scalability: How AI Supports Growth Without Overloading Analysts

Scaling up a security operations center (SOC) is inevitable for many organizations. How AI supports growth without overloading analysts. Scaling up a security operations center (SOC) is inevitable for many organizations. Although it might sting, keeping pace with business growth, increased threat volume and complexity, or compliance and regulatory demands requires enhancing and expanding SOC […]

Pierluigi Paganini January 08, 2025
SonicWall warns of an exploitable SonicOS vulnerability

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” SonicWall is urging customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704 (CVSS score of 8.2). The vulnerability resides in SSL VPN and SSH management and according […]