MUST READ

New supply chain attack hits npm registry, compromising 40+ packages

 | 

Cybercrime group accessed Google Law Enforcement Request System (LERS)

 | 

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

 | 

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

 | 

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

 | 

Fairmont Federal Credit Union 2023 data breach impacted 187K people

 | 

UK ICO finds students behind majority of school data breaches

 | 

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 62

 | 

Security Affairs newsletter Round 541 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ShinyHunters Attack National Credit Information Center of Vietnam

 | 

FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups

 | 

HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya

 | 

Cisco fixes high-severity IOS XR flaws enabling image bypass and DoS

 | 

Samsung fixed actively exploited zero-day

 | 

UK train operator LNER (London North Eastern Railway) discloses a data breach

 | 

U.S. CISA adds Dassault Systèmes DELMIA Apriso flaw to its Known Exploited Vulnerabilities catalog

 | 

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

 | 

Google fixes critical Chrome flaw, researcher earns $43K

 | 

Kosovo man pleads guilty to running online criminal marketplace BlackDB

 | 

search

Date range
Filters

17489 results

Pierluigi Paganini April 17, 2018
UK GCHQ spy agency warns telcos of the risks of using ZTE equipment and services

The UK GCHQ intelligence agency warns UK telcos firms of the risks of using ZTE equipment and services for their infrastructure. The alert was issued by the National Cyber Security Centre that said the Chinese firm “would present risk to UK national security that could not be mitigated effectively or practicably”. Let’s remind that the ZTE […]

Pierluigi Paganini April 16, 2018
Massive Ransomware attack cost City of Atlanta $2.7 million

According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million. In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta. The ransomware infection has caused the interruption of several city’s online services, including “various internal […]

Pierluigi Paganini April 16, 2018
Talos experts found many high severity flaws in Moxa EDR-810 industrial routers

Security experts at Cisco’s Talos group have discovered a total of 17 vulnerabilities in Moxa EDR-810 industrial routers manufactured by Moxa. The Moxa EDR-810 is an integrated industrial multiport router that implements firewall, NAT, VPN and managed Layer 2 switch capabilities. These devices are used in industrial environments to protect systems such as PLC and SCADA systems […]

Pierluigi Paganini April 16, 2018
Bitcoin web wallet addresses generated with a flawed library are exposed to brute-force attacks

Multiple vulnerabilities in the SecureRandom() function expose Bitcoin web wallet addresses generated by the flawed library to brute-force attacks. Old Bitcoin web wallet addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic vulnerability that could be exploited b attackers to steal funds. According to the experts, the popular  […]

Pierluigi Paganini April 16, 2018
Attackers exfiltrated a casino’s high-roller list through a connected fish tank

Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby fish tank. Internet of things devices are enlarging our attack surface, smart devices are increasingly targeted by hackers in the wild. The case we are going to discuss demonstrate […]

Pierluigi Paganini April 15, 2018
Microsoft engineer charged with money laundering linked to Reveton ransomware

The Microsoft network engineer Raymond Uadiale (41)  is facing federal charges in Florida for the alleged involvement in Reveton Ransomware case. The man is suspected to have had a role in helping launder money obtained from victims of the Reventon ransomware. Uadiale currently works at Microsoft site in Seattle since 2014, according to Florida police between October […]

Pierluigi Paganini April 15, 2018
UK GCHQ director confirmed major cyberattack on Islamic State

GCHQ director Jeremy Fleming announced this week that the U.K. has launched a major cyberattack on the Islamic State (IS) terrorist organization. According to the spy chief, the GCHQ the attack was launched in collaboration with the U.K. Ministry of Defence and has distributed operations of the Islamic State. The UK intelligence believes this is the first […]

Pierluigi Paganini April 15, 2018
Security Affairs newsletter Round 158 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      ATMJackpot, a new strain of ATM Malware discovered by experts ·      Auth0 authentication […]

Pierluigi Paganini April 15, 2018
TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak

TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak, 46000 people’s data store on an AWS bucked were left on accessible online, including driving licenses and passports. Let’s speak about a new data breach, this time the victim is TrueMove H, the biggest 4G mobile operator in Thailand. The operator exposed online […]

Pierluigi Paganini April 14, 2018
Malware researcher have dismantled the EITest Network composed of 52,000

Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

New supply chain attack hits npm registry, compromising 40+ packages

Malware / September 16, 2025

Cybercrime group accessed Google Law Enforcement Request System (LERS)

Security / September 16, 2025

China-linked Mustang Panda deploys advanced SnakeDisk USB worm

APT / September 16, 2025

Insider breach at FinWise Bank exposes data of 689,000 AFF customers

Data Breach / September 16, 2025

Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records

Cyber Crime / September 15, 2025