Pierluigi Paganini
August 31, 2021
Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang started its operations last month, recently it was spotted targeting Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the […]
Pierluigi Paganini
August 30, 2021
Who is behind the massive and prolonged Distributed Denial of Service (DDoS) attack that hit the Philippine human rights alliance Karapatan? The 25 days long DDoS attack against the website of Karapatan was launched by almost 30.000 IP addresses, whereas one third of the addresses originated from devices that there were not running âOpen Proxiesâ or âTor exitsâ. […]
Pierluigi Paganini
August 28, 2021
Boffins from the Swiss ETH Zurich university demonstrated PIN bypass attack on contactless cards from Mastercard and Maestro. A group of researchers from the Swiss ETH Zurich university has discovered a vulnerability that allowed them to bypass PIN codes on contactless cards from Mastercard and Maestro. Technically the researchers performed a Man-in-the-Middle (MitM) attack between […]
Pierluigi Paganini
August 27, 2021
Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. The vulnerability, tracked as […]
Pierluigi Paganini
August 27, 2021
Researchers disclosed five vulnerabilities in B. Braun ‘s Infusomat Space Large Volume Pump and SpaceStation that could be remotely hacked. Cybersecurity researchers from McAfee disclosed five vulnerabilities in B. Braun’s Infusomat Space Large Volume Pump and SpaceStation that could be exploited by threat actors to alter medication doses. The flawed devices are uses in both […]
Pierluigi Paganini
August 26, 2021
VMware released security patches to address multiple vulnerabilities in vRealize Operations, including four high severity flaws. VMware addressed multiple vulnerabilities in vRealize Operations, including four high severity flaws. The most severe flaw, tracked as CVE-2021-22025 (CVSS score of 8.6), is a broken access control vulnerability in the vRealize Operations Manager API. An attacker could exploit […]
Pierluigi Paganini
August 23, 2021
Health organization Memorial Health System was hit by a disruptive cyber attack that forced it to cancel surgeries and divert patients last week. The Memorial Health System announced that was hit by a disruptive cyber attack that forced it to suspend some of its operations. The organization operates the Marietta Memorial Hospital, the Selby General […]
Pierluigi Paganini
August 19, 2021
North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. Experts from cybersecurity firm Volexity reported that North Korea-linked InkySquid group (aka ScarCruft, APT37, Group123, and Reaper) leverages two Internet Explorer exploits to deliver a custom backdoor in watering hole attacks aimed at the […]
Pierluigi Paganini
August 17, 2021
Fortinet addresses a command injection vulnerability that can allow attackers to take complete control of servers running vulnerable FortiWeb WAF installs. An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that […]
Pierluigi Paganini
August 15, 2021
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Four years after its takedown, AlphaBay marketplace revamped Classified documents from Lithuanian Ministry of Foreign Affairs are […]
Data Breach / November 27, 2025
