Pierluigi Paganini
May 10, 2022
Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting the critical remote code execution vulnerability, tracked as CVE-2022-1388, affecting F5 BIG-IP. Last week security and application delivery solutions provider F5 released its security notification to inform customers that it has released security updates from tens of vulnerabilities in its […]
Pierluigi Paganini
May 09, 2022
A few days after F5 addressed the critical CVE-2022-1388 Remote Code execution flaw in its BIG-IP products, researchers created exploits for it. Last week security and application delivery solutions provider F5 released its security notification to inform customers that it has released security updates from tens of vulnerabilities in its products. The company addressed a total of 43 […]
Pierluigi Paganini
May 08, 2022
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply chain attacks. NIST has published the “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations” in response to the Executive Order […]
Pierluigi Paganini
May 08, 2022
The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The US Department of State offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the Conti ransomware gang. The reward is offered under the Department […]
Pierluigi Paganini
May 07, 2022
The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury sanctioned the cryptocurrency mixer Blender.io used by the North Korea-linked Lazarus APT to launder the funds stolen from Axie Infinity’s Ronin bridge. This is the first time ever, Treasury is sanctioning a virtual currency mixer. […]
Pierluigi Paganini
May 06, 2022
Experts investigate how stolen Facebook accounts are used as part of a well-established fraud industry inside Facebook. No eyebrows were raised in Quriums security operation center when the independent Philippine media outlet Bulatlat once again got DDoSed, as they are a frequent target of such digital attacks. However, when we noticed that the attack traffic came from […]
Pierluigi Paganini
May 06, 2022
QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP has addressed multiple vulnerabilities, including a critical security issue, tracked as CVE-2022-27588 (CVSS score of 9.8), that could be exploited by a remote attacker to execute arbitrary commands on vulnerable QVR systems. QNAP QVR is a video surveillance […]
Pierluigi Paganini
May 05, 2022
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw. Google has released the second part of the May Security Bulletin for Android, which includes a fix for an actively exploited Linux kernel vulnerability tracked as CVE-2021-22600. The CVE-2021-22600 is a privilege escalation issue that […]
Pierluigi Paganini
May 05, 2022
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco addressed three vulnerabilities, tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780, affecting the Enterprise NFV Infrastructure Software (NFVIS) that could be exploited by attackers to take control over the hosts. “Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure […]
Pierluigi Paganini
May 05, 2022
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne researcher Kasif Dekel discovered two high-severity security vulnerabilities, tracked as CVE-2022-26522 and CVE-2022-26523, that affect a driver used by Avast and AVG antivirus solutions. The bugs reside in the anti-rootkit kernel driver named aswArPot.sys which […]
APT / February 05, 2026
