Pierluigi Paganini
April 13, 2023
Knowing that insider threats are a risk is one thing. Knowing how to fight them off is entirely another. Dealing with issues of insider cyber risk can be different and nuanced. It’s hard to admit that someone from within the company could ‘not be who they say they are’, and it takes a group effort […]
Pierluigi Paganini
April 12, 2023
SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform. SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. The most critical vulnerabilities are: The complete list of the notes is reported in the latest security bulletin: SAP administrators are urged to […]
Pierluigi Paganini
April 12, 2023
AI company OpenAI launched a bug bounty program and announced payouts of up to $20,000 for security flaws in its ChatGPT chatbot service. OpenAI launched a bug bounty program and it is offering up to $20,000 to bug hunters that will report vulnerabilities in its ChatGPT chatbot service. The company explained that ChatGPT is in […]
Pierluigi Paganini
April 10, 2023
US Cybersecurity and Infrastructure Security Agency (CISA) added two flaws in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: This week Apple has released emergency security updates to address the above actively exploited zero-day […]
Pierluigi Paganini
April 10, 2023
Belgian HR giant SD Worx was forced to shut down its IT infrastructure for its UK and Ireland services after a cyber attack. HR and payroll management firm SD Worx shut down its IT systems for its UK and Ireland services after a cyber attack. The company employs more than 7,000 HR professionals and serves over […]
Pierluigi Paganini
April 10, 2023
Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw that can lead to code execution. Cybersecurity vendor Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw, tracked as CVE-2023-1671 (CVSS score of 9.8), that can lead to code execution. The CVE-2023-1671 flaw is a pre-auth command injection issue that […]
Pierluigi Paganini
April 10, 2023
Samsung employees have unwittingly leaked top secret data by providing them to the popular chatbot service ChatGPT. Samsung employees have shared internal documents, including meeting notes and source code, with the popular chatbot service ChatGPT. ChatGPT uses data provided by the users to train itself and build its experience, with the risk that this data […]
Pierluigi Paganini
April 09, 2023
The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode. vm2 is a sandbox that can run untrusted code in an isolated context […]
Pierluigi Paganini
April 09, 2023
Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. The defendant was arrested in Estonia on […]
Pierluigi Paganini
April 08, 2023
US CISA has added Veritas Backup Exec flaws, which were exploited in ransomware attacks, to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: This week Mandiant researchers reported that an affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was observed […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
