Pierluigi Paganini
April 17, 2022
GitHub reported that threat actors used stolen OAuth user tokens to exfiltrate private data from several organizations. GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. Threat actors abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, […]
Pierluigi Paganini
April 15, 2022
The Conti ransomware gang has claimed responsibility for the recent attack against Nordex, one of the largest manufacturers of wind turbines. The Conti ransomware gang claimed responsibility for the cyberattack that hit the manufacturer of wind turbines Nordex on March 31, 2022. Nordex Group shut down “IT systems across multiple locations and business units” as […]
Pierluigi Paganini
April 15, 2022
Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s security initiatives. While you may disagree, data breach studies show that employees and negligence are the most typical causes of security breaches, yet these prevalent issues are least discussed. According to a recent industry report […]
Pierluigi Paganini
April 15, 2022
The analysis of a recent sample SunnyDay ransomware revealed some similarities with other ransomware, such as Ever101, Medusa Locker, Curator, and Payment45. Segurança-Informatica published an analysis of a recent sample of SunnyDay ransomware. As a result of the work, some similarities between other ransomware samples such as Ever101, Medusa Locker, Curator, and Payment45 were found. […]
Pierluigi Paganini
April 14, 2022
The U.S. CISA added the CVE-2022-24521 Microsoft Windows CLFS Driver Privilege Escalation Vulnerability to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-24521 privilege escalation vulnerability in Microsoft Windows Common Log File System (CLFS) Driver. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB […]
Pierluigi Paganini
April 13, 2022
China-linked Hafnium APT group started using a new piece of new malware to gain persistence on compromised Windows systems. The China-backed Hafnium cyberespionage group is likely behind a piece of a new malware, dubbed Tarrask, that’s used to maintain persistence on compromised Windows systems, reported Microsoft Threat Intelligence Center (MSTIC) experts. HAFNIUM primarily targets entities […]
Pierluigi Paganini
April 13, 2022
According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. One of the officials targeted with the infamous spyware there is Didier Reynders, a senior Belgian statesman who has served as the European Justice Commissioner since 2019. The report did not attribute the […]
Pierluigi Paganini
April 12, 2022
Microsoft Partch Tuesday security updates for April 2022 fixed 128 vulnerabilities, including an actively exploited zero-day reported by NSA. Microsoft Partch Tuesday security updates for April 2022 fixed 128 vulnerabilities in multiple products, including Microsoft Windows and Windows Components, Microsoft Defender and Defender for Endpoint, Microsoft Dynamics, Microsoft Edge (Chromium-based), Exchange Server, Office and Office […]
Pierluigi Paganini
April 12, 2022
The U.S. CISA added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, […]
Pierluigi Paganini
April 11, 2022
The Anonymous collective has hacked Russia’s Ministry of Culture and leaked 446 GB of data through the DDoSecrets platform. Data leak service DDoSecrets has published over 700 GB of data allegedly stolen from the Russian government, including over 500,000 emails. The dump includes three datasets, the largest one is related to the Ministry of Culture […]
