Uncategorized

Pierluigi Paganini July 07, 2024
Alabama State Department of Education suffered a data breach following a blocked attack

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped. Superintendent Eric Mackey, who disclosed the attack, […]

Pierluigi Paganini May 23, 2024
A consumer-grade spyware app found in check-in systems of 3 US hotels

A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported. Parents often use the app to monitor […]

Pierluigi Paganini April 29, 2024
Multiple Brocade SANnav SAN Management SW flaws allow device compromise

Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances. Multiple vulnerabilities found in the Brocade SANnav storage area network (SAN) management application could potentially compromise affected appliances. The following vulnerabilities, discovered by the security researcher Pierre Barre, impact all versions up to 2.3.0 (included): The most severe […]

Pierluigi Paganini April 10, 2024
Cybersecurity in the Evolving Threat Landscape

As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their assets and data. The battle between cybersecurity defenders and malicious actors rages on in the vast digital expanse of today’s interconnected world. As technology advances and our reliance on […]

Pierluigi Paganini March 18, 2024
The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Resecurity reported about the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for airports and proactive threat intelligence in the context of the activity of major ransomware groups and advanced threat actors. As geopolitical tensions rise globally, there’s a heightened risk of […]

Pierluigi Paganini October 13, 2023
FBI and CISA published a new advisory on AvosLocker ransomware

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed […]

Pierluigi Paganini April 20, 2023
Multinational ICICI Bank leaks passports and credit card numbers

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national […]

Pierluigi Paganini January 01, 2023
Security Affairs newsletter Round 400 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Personal health information of 42M Americans leaked between 2016 and 2021 Malvertising campaign MasquerAds abuses Google […]

Pierluigi Paganini November 01, 2022
Experts warn of critical RCE in ConnectWise Server Backup Solution

ConnectWise has addressed a critical remote code execution vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). According to the advisory published by ConnectWise, the vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component. An attacker can exploit the vulnerability to execute remote code or directly access confidential data. […]

Pierluigi Paganini September 28, 2022
Threat actors use Quantum Builder to deliver Agent Tesla malware

The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka “Quantum Lnk Builder”) is used to create malicious shortcut […]