Uncategorized

Pierluigi Paganini September 06, 2022
The Los Angeles Unified School District hit by a ransomware attack

One of the US largest School districts, the Los Angeles Unified School District, suffered a ransomware attack during the weekend. The Los Angeles Unified School District is one of the largest school distinct in the US, it was hit by a ransomware attack during the Labor Day weekend. The security breach took place a few […]

Pierluigi Paganini March 01, 2022
China-linked APT used Daxin, one of the most sophisticated backdoor even seen

Daxin is the most advanced backdoor in the arsenal of China-linked threat actors designed to avoid the detection of sophisticated defense systems. ​Symantec researchers discovered a highly sophisticated backdoor, named Daxin, which is being used by China-linked threat actors to avoid advanced threat detection capabilities. The malicious code was likely designed for long-running espionage campaigns […]

Pierluigi Paganini January 28, 2022
Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits

Zero-day exploit broker Zerodium announced it will pay $400,000 for zero-day RCE in Microsoft Outlook email client. The zero-day exploit broker Zerodium has announced it will pay $400,000 for zero-day remote code execution (RCE) vulnerabilities in the Microsoft Outlook email client. The company pointed out that the increased payout for this specific vulnerability exploit is […]

Pierluigi Paganini December 06, 2021
330 SPAR stores close or switch to cash-only payments after a cyberattack

A cyber attack hit the international supermarket franchise SPAR forcing 330 shops in North East England to shut down. A cyberattack hit the international supermarket franchise SPAR impacting the operations at 330 shops in North East England. Many stores were forced to close or switch to cash-only payments after the attack. SPAR operates 13,320 stores […]

Pierluigi Paganini July 07, 2021
Microsoft rolled out emergency update for Windows PrintNightmare zero-day

Microsoft rolled out KB5004945 emergency update to address the actively exploited PrintNightmare zero-day vulnerability (CVE-2021-34527) in Print Spooler service. Microsoft has released the KB5004945 emergency security update to address the actively exploited CVE-2021-34527 zero-day vulnerability, aka PrintNightmare. “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An […]

Pierluigi Paganini June 23, 2021
The European Commission proposed to launch the new Joint Cyber Unit

The European Union Agency for Cybersecurity welcomes the European Commission proposal to launch the new Joint Cyber Unit. The European Commission proposed on Wednesday the creation of a new Joint Cyber Unit that aims at providing a coordinated response to large-scale cyber attacks and crises. The idea of establishing a Joint Cyber Unit (JCU) was […]

Pierluigi Paganini June 22, 2021
Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers. The ransomware uses OpenSSL’s […]

Pierluigi Paganini April 13, 2021
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported by the U.S. National Security Agency (NSA). All the […]

Pierluigi Paganini April 04, 2021
Clop Ransomware operators plunder US universities

Clop ransomware gang leaked online data stolen from Stanford Medicine, University of Maryland Baltimore, and the University of California. Clop ransomware operators have leaked the personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California.. Data were stolen by the ransomware gang by compromising the Accellion File […]

Pierluigi Paganini March 16, 2021
New Mirai variant appears in the threat landscape

Palo Alto researchers uncovered a series of ongoing attacks to spread a variant of the infamous Mirai bot exploiting multiple vulnerabilities. Security experts at Palo Alto Networks disclosed a series of attacks aimed at delivering a Mirai variant leveraging multiple vulnerabilities. Below the list of vulnerabilities exploited in the attacks, three of which were unknown issues: […]