Pierluigi Paganini
March 26, 2022
The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security. The Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered List saying that they pose unacceptable risks to U.S. national security. “The Federal Communications Commission’s Public Safety and Homeland Security Bureau […]
Pierluigi Paganini
March 25, 2022
Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed an actively exploited high-severity zero-day vulnerability with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug, tracked […]
Pierluigi Paganini
March 24, 2022
VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software updates to address two critical security vulnerabilities, CVE-2022-22951 and CVE-2022-22952 (both received a CVSS score of 10), affecting its Carbon Black App Control platform that could be exploited by a threat actor to execute arbitrary […]
Pierluigi Paganini
March 23, 2022
The FBI is warning of risks related to cyber attacks aimed at energy companies of Russia-linked threat actors. The FBI is warning energy companies of the risks of cyber attacks carried out by Russia-linked threat actors, reported The Associated Press. The Associated Press has access to a security advisory issued by the FBI that reports […]
Pierluigi Paganini
March 22, 2022
Three critical RCE flaws affect hundreds of HP LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. HP issued a security bulletin warning of a buffer overflow vulnerability, tracked as CVE-2022-3942 (CVSS score 8.4), that could lead to remote code execution on vulnerable devices. “Certain HP Print products and Digital Sending products may […]
Pierluigi Paganini
March 22, 2022
The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […]
Pierluigi Paganini
March 21, 2022
Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Over the last months, the gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado […]
Pierluigi Paganini
March 19, 2022
Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation. Initial access brokers play an essential role in the cybercrime ecosystem, they provide access to previously […]
Pierluigi Paganini
March 18, 2022
Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945). The China-linked hacking group has been active since at least 2016, according […]
Pierluigi Paganini
March 18, 2022
TIM Red Team Research (RTR) researchers discovered a new flaw on Ericsson Network Manager, aka Ericsson flagship network product. TIM Red Team Research (RTR) team discovered a new vulnerability affecting Ericsson Network Manager, which is known as Ericsson flagship network product. Ericsson Network Manager and network OSS As mentioned, we’re talking about an Ericsson flagship […]
