Pierluigi Paganini
January 02, 2023
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, to uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]
Pierluigi Paganini
December 31, 2022
Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. Researchers from Jama Network analyzed trends in ransomware attacks […]
Pierluigi Paganini
December 30, 2022
Netgear addressed a high-severity bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC. Netgear fixed a bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged […]
Pierluigi Paganini
December 30, 2022
US CISA added TIBCO Software’s JasperReports vulnerabilities to its Known Exploited Vulnerabilities Catalog. US CISA added TIBCO Software’s JasperReports vulnerabilities, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), to its Known Exploited Vulnerabilities (KEV) catalog,. TIBCO JasperReports is an open-source Java reporting tool for creating and managing reports and dashboards. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB […]
Pierluigi Paganini
December 29, 2022
The Lake Charles Memorial Health System (LCMHS) suffered a ransomware attack that impacted 270,000 patients. The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana. LCMHS reported the incident to the secretary of the U.S. […]
Pierluigi Paganini
December 28, 2022
The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon âuninsurable.â The attacks are becoming even more frequent and the damage they are causing continues to grow. âWhat will become uninsurable […]
Pierluigi Paganini
December 27, 2022
Facebook (Meta) has agreed to pay $725 million to settle the class-action lawsuit filed in 2018 over the Cambridge Analytica data leak. Facebook (Meta) has agreed to pay $725 million to settle a class-action lawsuit filed in 2018 over the Cambridge Analytica data leak. According to Reuters, the lawyers for the plaintiffs defined the proposed […]
Pierluigi Paganini
December 25, 2022
Experts warn of a critical Linux Kernel vulnerability (CVSS score of 10) impacting SMB servers that can lead to remote code execution. A critical Linux kernel vulnerability (CVSS score of 10) exposes SMB servers with ksmbd enabled to hack. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files […]
Pierluigi Paganini
December 19, 2022
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild. Cisco has updated multiple security advisories to warn of the active exploitation of several old vulnerabilities impacting its products. The bugs, some of which are rated as âcriticalâ severity, impact Cisco IOS, NX-OS, and HyperFlex software. Below are […]
Pierluigi Paganini
December 18, 2022
Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client. Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta, users can send and receive encrypted emails within their domain and outside of their domain. Google E2EE was already available for users of Google […]
