MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

search

Date range
Filters

17526 results

Pierluigi Paganini October 30, 2018
The author of the Mirai botnet gets six months of house arrest

Paras Jha (22), the author of the Mirai botnet has been sentenced to six months of house arrest and ordered to pay $8.6 million in compensation for DDoS attacks against the systems of Rutgers University. A New Jersey court sentenced the author of the Mirai botnet, Paras Jha, 22, of Fanwood, after pleading guilty to violating […]

Pierluigi Paganini October 30, 2018
Recently discovered DemonBot Botnet targets Hadoop servers

Security experts from Radware have spotted a new botnet dubbed DemonBot that it targeting Hadoop clusters to launch DDoS attacks against third parties. Operators behind the DemonBot botnet target an unauthenticated remote command execution in Hadoop YARN (Yet Another Resource Negotiator). DemonBot bot only infects central servers, at the time of the report experts found over 70 active exploit servers […]

Pierluigi Paganini October 29, 2018
IBM buys Red Hat for $34 Billion, it is largest software transaction in history

IBM announced it is going to buy the open source company Red Hat for $34bn with the intent to enhance its cloud offerings. This is the biggest tech merger in history involving a software company. Red Hat was founded in 1993, it currently operates in 35 countries and employs some 12,000 people. The company achieved a net profit of […]

Pierluigi Paganini October 29, 2018
Systemd flaw could cause the crash or hijack of vulnerable Linux machines

Systemd is affected by a security vulnerability that can be exploited to crash a vulnerable Linux machine, and in the worst case to execute malicious code. An attacker can trigger the vulnerability using maliciously crafted DHCPv6 packets and modifying portions of memory of the vulnerable systems, potentially causing remote code execution. The flaw, tracked as CVE-2018-15688, […]

Pierluigi Paganini October 29, 2018
Crooks continue to abuse exposed Docker APIs for Cryptojacking

Cybercriminals continue to abuse unprotected Docker APIs to create new containers used for cryptojacking, Trend Micro warns. Crooks continue to abuse unprotected Docker APIs to create new containers used for cryptojacking. Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. A container is […]

Pierluigi Paganini October 28, 2018
Security Affairs newsletter Round 186 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      DarkPulsar and other NSA hacking tools used […]

Pierluigi Paganini October 28, 2018
How to deliver malware using weaponized Microsoft Office docs embedding YouTube video

Researchers at Cymulate security firm devised a new stealthy technique to deliver malware leveraging videos embedded into weaponized Microsoft Office Documents. The technique could be used to execute JavaScript code when a user clicks on a weaponized YouTube video thumbnail embedded in a Weaponized Office document. Experts pointed out that no message is displayed by […]

Pierluigi Paganini October 28, 2018
The Belgacom hack was the work of the UK GCHQ intelligence agency

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT  infrastructure had suffered a malware-based attack. Here we are again to speak about this incident after […]

Pierluigi Paganini October 27, 2018
Apple and Samsung fined millions for “planned obsolescence” of old smartphones

Italian Competition Authority AGCM fined Apple and Samsung a 5 million Euros and 10 million Euros for “planned obsolescence” of their mobile devices. After a long investigation conducted by the Italian Competition Authority AGCM, the agency has fined Apple and Samsung a 5 million Euros ($5.8 Million) and 10 million Euros ($11.5 Million) for “planned obsolescence” of their mobile devices. According to […]

Pierluigi Paganini October 27, 2018
A few dollars to bring down sites with new Bushido-based DDoS-for-hire service

Security researchers at FortiGuard Labs have discovered a new DDoS-for-hire service called “0x-booter” built with leaked code that implements an easy to use interface. “0x-booter” first appeared on October 17, 2018,  a post published on Facebook advertises over 500 Gbps of power and 20,000 bots. “During our regular monitoring, the FortiGuard Labs team recently discovered a new platform […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025