MUST READ

Google sues cybercriminal group Smishing Triad

 | 

New Danabot Windows version appears in the threat landscape after May disruption

 | 

Australia’s spy chief warns of China-linked threats to critical infrastructure

 | 

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

 | 

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

 | 

Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug

 | 

SAP fixed a maximum severity flaw in SQL Anywhere Monitor

 | 

Fantasy Hub: Russian-sold Android RAT boasts full device espionage as MaaS

 | 

North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors

 | 

U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

 | 

Critical Triofox bug exploited to run malicious payloads via AV configuration

 | 

GlassWorm malware has resurfaced on the Open VSX registry

 | 

Denmark and Norway investigate Yutong bus security flaw amid rising tech fears

 | 

Agentic AI in Cybersecurity: Beyond Triage to Strategic Threat Hunting

 | 

Nine NuGet packages disrupt DBs and industrial systems with time-delayed payloads

 | 

QNAP fixed multiple zero-days in its software demonstrated at Pwn2Own 2025

 | 

AI chat privacy at risk: Microsoft details Whisper Leak side-channel attack

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 70

 | 

Security Affairs newsletter Round 549 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

China-linked hackers target U.S. non-profit in long-term espionage campaign

 | 

cyber espionage

Pierluigi Paganini December 09, 2014
Detected the first samples of Penquin Turla for Linux systems

Security experts at Kaspersky Lab have detected the first strain of Turla malware that was designed to infect Linux system and so called Penquin Turla. Security Experts at Kaspersky have discovered a new variant of Turla malware which was designed to hit Linux systems and for this reason, it was called the Penquin Turla. The investigation […]

Pierluigi Paganini December 03, 2014
Operation Cleaver – Iranian hackers target industries worldwide

Security firm Cylance revealed that Iranian hackers target airlines, energy, defense companies worldwide as part of the Operation Cleaver campaign. Security firm Cylance released a detailed report on the hacking Operation Cleaver that was run by state-sponsored hackers linked to the Iran. The Iranian hackers targeted critical infrastructure worldwide, ten of which are located in the United States. Experts at Cylance are cautions […]

Pierluigi Paganini December 01, 2014
Is it possible to attribute the backdoor Regin to the cybercrime?

The popular cyber security expert Raoul Chiesa commented the hypothesis that backdoor Regin is a product of organized cybercrime. Excerpt from a detailed analysis published on the Infosec Institute In this phase it is quite impossible to attribute precisely the development of the Regin malware to a specific category of threat actors. Until now we […]

Pierluigi Paganini November 26, 2014
APT3 Operation Double Tap is targeting recently disclosed Windows vulnerabilities

FireEye discovered that the Group of hackers dubbed APT3 that managed the Op Clandestine Fox is now running a new campaign dubbed Operation Double Tap. Researchers at FireEye have uncovered a new advanced persistent threat crew dubbed APT3, which is using exploits targeting recently disclosed vulnerabilities in Windows. The experts at FireEye believe that APT3 is the same […]

Pierluigi Paganini November 25, 2014
Regin backdoor used to compromise the GSM Networks

Security experts at Kaspersky Lab issued a detailed paper on the analysis of the backdoor Regin focusing on the attacker’s activity against the GSM networks. The day after the disclosure of the Regin Backdoor by Symantec, which provided the details the new sophisticated cyber espionage tool,the principal security firms published the results of their investigation. As […]

Pierluigi Paganini November 24, 2014
Regin – Highly advanced spying tool discovered by Symantec

Symantec has uncovered the backdoor Regin, a highly advanced spying tool used in cyber espionage campaigns against governments and infrastructure operators. Backdoor Regin, is the name assigned by the experts at Symantec to an advanced spying tool that has been used in cyber espionage campaigns against governments, infrastructure operators, private companies, researchers, and private individuals. Regin appears […]

Pierluigi Paganini November 23, 2014
Ecuadorean President Correa claims attacks on his private computers and accounts

Ecuadorean President Correa has publicly denounced the US Intelligence continuous cyber attacks against his private internet accounts and computers. Ecuadorean President Rafael Correa has publicly denounced the US Intelligence of “systematic, high-tech” cyber attacks on his private internet accounts and computers. The President Rafael Correa also revealed that the last attack occurred  on Thursday, November 20th, was […]

Pierluigi Paganini November 19, 2014
The US energy industry is constantly under cyber attacks

Data related to the number of incidents occurred to national infrastructure confirms that the US Government energy industry is constantly under attack. The US Government is aware that nation’s energy grid is constantly under attack by state-sponsored hackers and cyber criminals. Recently The Department of Homeland Security (DHS) revealed that Russian hackers have infiltrated several critical […]

Pierluigi Paganini November 19, 2014
Gh0st RAT used in targeted attacks against Tibetan activists

APT actors trying to use the G20 2014 summit as a lure to compromise Tibetan nongovernmental organizations (NGOs) with Gh0st RAT. Security experts at ESET uncovered a new series of cyber attacks that targeted Tibetan nongovernmental organizations (NGOs) concurrently with the G20 2014 summit in Brisbane, Australia. The experts discovered that APTs behind the attacks used a strain of the Gh0st RAT characterized […]

Pierluigi Paganini November 12, 2014
MS14-066 – A critical bug potentially affects all Windows versions. Patch it!

MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences. Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google sues cybercriminal group Smishing Triad

Cyber Crime / November 12, 2025

New Danabot Windows version appears in the threat landscape after May disruption

Malware / November 12, 2025

Australia’s spy chief warns of China-linked threats to critical infrastructure

Intelligence / November 12, 2025

Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025

Security / November 12, 2025

$7.3B crypto laundering: ‘Bitcoin Queen’ sentenced to 11 Years in UK

Cyber Crime / November 12, 2025