1193 results
Pierluigi Paganini
October 04, 2022
North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on exploit in a Dell firmware driver dbutil_2_3.sys, ESET researchers warn. The discovery was made by ESET researchers while […]
Pierluigi Paganini
September 13, 2022
A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting government and state-owned organizations in multiple Asian countries as parts of a cyber espionage campaign that remained under the radar since early 2021. “A distinct group of espionage attackers who were formerly associated with the […]
Pierluigi Paganini
September 10, 2022
China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks researchers reported that China-linked APT group BRONZE PRESIDENT conducted a new campaign aimed at government officials in Europe, the Middle East, and South America with the PlugX malware. Attacks part of this campaign were spotted […]
Pierluigi Paganini
September 03, 2022
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data […]
Pierluigi Paganini
August 10, 2022
70% of Large enterprises that previously addressed the Log4j flaw are still struggling to patch Log4j-vulnerable assets. INTRODUCTION In December 2021 security teams scrambled to find Log4j-vulnerable assets and patch them. Eight months later many Global 2000 firms are still fighting to mitigate the digital assets and business risks associated with Log4j. The ease of […]
Pierluigi Paganini
August 05, 2022
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch reported that a threat actor, tracked as TAC-040, has likely exploited the CVE-2022-26134 flaw in Atlassian Confluence servers to deploy a previously undetected backdoor dubbed Ljl Backdoor. The attackers exploited the flaw in an attack […]
Pierluigi Paganini
August 01, 2022
The ALPHV/BlackCat ransomware gang claims to have breached the European gas pipeline Creos Luxembourg S.A. The ALPHV/BlackCat ransomware gang claims to have hacked the European gas pipeline Creos Luxembourg S.A. Creos Luxembourg S.A. owns and manages electricity networks and natural gas pipelines in the Grand Duchy of Luxembourg. In this capacity, the company plans, constructs […]
Pierluigi Paganini
July 28, 2022
Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. The […]
Pierluigi Paganini
July 21, 2022
Threat actors targeted a large software development company in Ukraine using the GoMet backdoor. Researchers from Cisco Talos discovered an uncommon piece of malware that was employed in an attack against a large Ukrainian software development company. The software development company produces software that is used by various state organizations in Ukraine. Researchers believe that […]
Pierluigi Paganini
July 18, 2022
Cybercriminals released a new MLNK Builder 4.2 tool for malicious shortcuts (LNK) generation with an improved Powershell and VBS Obfuscator Resecurity, Inc. (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, has detected an update of one of the most popular tools used by cybercriminals to generate malicious LNK files, so frequently used for […]
