Pierluigi Paganini
November 04, 2021
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of 306 actively exploited vulnerabilities and has issued a binding operational directive ordering US federal agencies to address […]
Pierluigi Paganini
November 03, 2021
Google’s Android November 2021 security updates address a zero-day vulnerability in the Kernel that is actively exploited in the wild. Google’s Android November 2021 security updates addressed 18 vulnerabilities in the framework and system components and 18 issues in the kernel and vendor components. One of these issues, tracked as CVE-2021-1048, is a use-after-free (UAF) vulnerability […]
Pierluigi Paganini
November 02, 2021
The FBI warns of ransomware attacks on businesses involved in “time-sensitive financial events” such as corporate mergers and acquisitions. The Federal Bureau of Investigation (FBI) published a new private industry notification (PIN) to warn organizations of targeted ransomware attacks aimed at companies involved in “time-sensitive financial events” such as corporate mergers and acquisitions. Ransomware gangs target these […]
Pierluigi Paganini
November 01, 2021
The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). The U.S. Federal Bureau of Investigation (FBI) has sent out a flash alert warning private industry of a new feature of the HelloKitty ransomware gang (aka FiveHands). According to the alert, the ransomware gang is […]
Pierluigi Paganini
October 30, 2021
MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. The list was published with the intent of raising awareness of […]
Pierluigi Paganini
October 29, 2021
The US NSA and CISA published a security advisory to warn about threat actors compromising 5G networks via cloud infrastructure. The US National Security Agency and the US Cybersecurity Infrastructure and Security Agency have published a security advisory to warn of attacks on 5G networks through the hijacking of a provider’s cloud resources. The report […]
Pierluigi Paganini
October 29, 2021
Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to address two actively exploited zero-day vulnerabilities. Google has released Chrome 95.0.4638.69 for Windows, Mac, and Linux to address two zero-day vulnerabilities, tracked as CVE-2021-38000 and CVE-2021-38003, actively exploited in attacks in the wild. Google fixed a total of seven vulnerabilities with the latest release […]
Pierluigi Paganini
October 28, 2021
AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu, with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e. Amazon Appstore and the Samsung Galaxy Store). The malware […]
Pierluigi Paganini
October 27, 2021
I’m proud to announce the release of the 9th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2021 (ETL) report, which is the annual analysis on the state of the cybersecurity threat landscape. This edition reports events and analyses […]
Pierluigi Paganini
October 26, 2021
A researcher from the security firm CyberArk has managed to crack 70% of Tel Aviv’s Wifi Networks starting from a sample of 5,000 gathered WiFi. CyberArk security researcher Ido Hoorvitch demonstrated how it is possible to crack WiFi at scale by exploiting a vulnerability that allows retrieving a PMKID hash. Hoorvitch has managed to crack […]
