Pierluigi Paganini
May 03, 2022
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng […]
Pierluigi Paganini
May 03, 2022
A new APT group, tracked as UNC3524, uses IP cameras to deploy backdoors and steal Microsoft Exchange emails. Mandiant researchers discovered a new APT group, tracked as UNC3524, that heavily targets the emails of employees that focus on corporate development, mergers and acquisitions, and large corporate transactions. Once gained initial access to the target systems, […]
Pierluigi Paganini
May 03, 2022
The Open Source Security Foundation (OpenSSF) is working on a tool to conduct a dynamic analysis of packages uploaded to popular open-source repositories. The Open Source Security Foundation (OpenSSF) announced the release of the first version of a new tool, dubbed Package Analysis, to perform dynamic analysis of the packages uploaded to popular open-source repositories. […]
Pierluigi Paganini
May 02, 2022
The car rental company Sixt announced it was hit by a cyberattack that is causing temporary business disruptions at customer care centers and selective branches. The car rental company Sixt detected IT anomalies on April 29th, 2022 and immediately activated the incident response procedures. Later, the company confirmed that it was hit by a cyber-attack […]
Pierluigi Paganini
May 02, 2022
The latest executive order from the Italian ACN agency recommends government agencies to replace Group IB solutions with alternatives as a diversification measure. The latest executive order from the Italian ACN agency advised to replace solutions from Group-IB, a Russian-led cybersecurity firm, on alternatives in the government sector, including 2 other companies – Kaspersky Labs […]
Pierluigi Paganini
May 02, 2022
IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. IoT devices can spy on people, steal data, or bring down vast swathes […]
Pierluigi Paganini
May 01, 2022
Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers that multiple critical Netatalk vulnerabilities affect some of its network-attached storage (NAS) devices. Netatalk is a free, open-source implementation of the Apple Filing Protocol that allows Unix-like operating systems to serve as a file server for macOS computers. QNAP NAS devices support the AFP protocol to […]
Pierluigi Paganini
April 30, 2022
Researchers discovered flaws in the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. Microsoft addressed a couple of vulnerabilities impacting the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. The vulnerabilities were discovered by researchers at cloud […]
Pierluigi Paganini
April 28, 2022
Cloudflare has mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS). Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at 15.3 million request-per-second (RPS), which is one of the largest HTTPS DDoS attacks blocked by the company. The company blocked the attack earlier this month, the experts […]
Pierluigi Paganini
April 27, 2022
The U.S. government offers up to $10 million for info that allows to identify or locate six Russian GRU hackers who are members of the Sandworm APT group. The US Department of State is offering up to $10 million for info that allows to identify or locate six Russian GRU hackers who are members of […]
