Pierluigi Paganini
December 11, 2024
Resecurity uncovered a large-scale fraud campaign in the UAE where scammers impersonate law enforcement to target consumers. Resecurity has identified a wide-scale fraudulent campaign targeting consumers in the UAE by impersonating law enforcement. Victims are asked to pay non-existent fines online (traffic tickets, parking violations, driving license renewals) following multiple phone calls made on behalf […]
Pierluigi Paganini
December 10, 2024
Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. Romanian energy supplier Electrica Group suffered a cyber attack that is impacting its operations. The company assured investors that the attack hadn’t affected its critical systems, but temporary disruptions in customer services might occur due to enhanced security protocols. These measures […]
Pierluigi Paganini
December 09, 2024
Mandiant revealed a technique to bypass browser isolation using QR codes, enabling command transmission from C2 servers. Browser isolation is a security measure that separates web browsing from the user’s device by running the browser in a secure environment (e.g., cloud or VM) and streaming visuals. Mandiant has identified a new technique for bypassing browser […]
Pierluigi Paganini
December 09, 2024
Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients. Anna Jaques Hospital is a not-for-profit community healthcare […]
Pierluigi Paganini
December 08, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. RedLine info-stealer campaign targets Russian businesses through pirated corporate software 8Base ransomware group hacked Croatia’s Port of Rijeka […]
Pierluigi Paganini
December 08, 2024
An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been targeted by an ongoing RedLine info-stealer campaign. Pirated software is distributed via Russian online forums, attackers disguise the malware as a tool to bypass licensing for business automation software. Threat actors target […]
Pierluigi Paganini
December 07, 2024
The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.), Croatia’s largest dry cargo concessionaire, provides maritime traffic services, port operations, […]
Pierluigi Paganini
December 06, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog. The getresetstatus vulnerability in CyberPanel (before commit 1c0c6cb) affects dns/views.py and ftp/views.py. Remote attackers could bypass authentication and execute […]
Pierluigi Paganini
December 05, 2024
Operation Destabilise: The U.K. National Crime Agency disrupted Russian money laundering networks tied to organized crime. The U.K. National Crime Agency (NCA) disrupted Russian money laundering networks linked to organized crime across the U.K., Middle East, Russia, and South America as part of an operation called “Operation Destabilise.” “An international NCA-led investigation – Operation Destabilise […]
Pierluigi Paganini
December 04, 2024
BT Group (formerly British Telecom)’s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. “We identified an attempt to compromise our BT Conferencing platform. This […]
