Pierluigi Paganini
December 19, 2022
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild. Cisco has updated multiple security advisories to warn of the active exploitation of several old vulnerabilities impacting its products. The bugs, some of which are rated as ‘critical’ severity, impact Cisco IOS, NX-OS, and HyperFlex software. Below are […]
Pierluigi Paganini
December 18, 2022
Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web client. Google announced end-to-end encryption for Gmail (E2EE), with Gmail client-side encryption beta, users can send and receive encrypted emails within their domain and outside of their domain. Google E2EE was already available for users of Google […]
Pierluigi Paganini
December 18, 2022
The fire and rescue service in the state of Victoria, Australia, has shut down its network and turned to operating manually after a cyberattack. The fire and rescue service in the state of Victoria (FRV), Australia, has shut down its network after a cyber attack launched by “an external third party.” Fire Rescue Victoria acting […]
Pierluigi Paganini
December 17, 2022
Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems. Samba released updates to address multiple vulnerabilities, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, that can be exploited to take control of impacted systems. On December 15, 2022, Samba announced the 4.17.4, 4.16.8 and 4.15.13 security releases to address […]
Pierluigi Paganini
December 16, 2022
An ex Twitter employee has been sentenced to three-and-a-half years in prison for spying on individuals on behalf of Saudi Arabia. On august 2022, the former Twitter employee, Ahmad Abouammo (44), was found guilty of gathering private information of certain Twitter users and passing them to Saudi Arabia. Now Abouammo was has been sentenced to three-and-a-half years […]
Pierluigi Paganini
December 16, 2022
Social media analytics service Social Blade disclosed a security breach after a database containing allegedly stolen data from the company was offered for sale. Social Blade is an American social media analytics platform, the company disclosed the security breach after a database containing company data was offered for sale on a hacker forum this week. “On December 14th […]
Pierluigi Paganini
December 16, 2022
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote code execution. The CVE-2022-37958 was […]
Pierluigi Paganini
December 15, 2022
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a spear-phishing campaign targeting Japanese political entities and attributed it to the Chinese-speaking APT group tracked as MirrorFace. The experts tracked the campaign as Operation LiberalFace, it aimed at Japanese political entities, especially the members of […]
Pierluigi Paganini
December 15, 2022
The U.S. Department of Justice (DoJ) seized forty-eight domains that offered DDoS-for-Hire Service Platforms to crooks. The U.S. Department of Justice (DoJ) this week announced the seizure of 48 domains associated with the DDoS-for-Hire Service platforms (aka Booter services) used by threat actors. Below is the list of domains seized by the FBI: The authorities […]
Pierluigi Paganini
December 14, 2022
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates addressed 52 vulnerabilities in Microsoft Windows and Windows Components; Azure; Office and Office Components; SysInternals; Microsoft Edge (Chromium-based); SharePoint Server; and the .NET framework. 12 of these vulnerabilities were submitted through the ZDI program. Six vulnerabilities […]
