hacking news

Pierluigi Paganini July 17, 2023
Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart operations next month. In April, the FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite […]

Pierluigi Paganini July 17, 2023
Cisco fixed a critical flaw in SD-WAN vManage

Cisco warns of a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214, impacting its SD-WAN vManage. Cisco addressed a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214 (CVSS Score 9.1), impacting its SD-WAN vManage. An unauthenticated, remote attacker can exploit the vulnerability to gain read permissions or limited write permissions to the configuration […]

Pierluigi Paganini July 17, 2023
Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography

The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. The owner of the BreachForums Conor Brian Fitzpatrick agrees to plead guilty to a three-count criminal information charging the defendant with conspiracy to commit access device fraud, solicitation for the purpose of offering access devices, and possession of child pornography. […]

Pierluigi Paganini July 15, 2023
Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial […]

Pierluigi Paganini July 14, 2023
The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of proliferation of custom versions. Researchers from ESET discovered in March a new stealthy Unified Extensible Firmware Interface (UEFI) bootkit, named BlackLotus, that is able to bypass Secure Boot on Windows 11. Secure Boot is a security feature of the […]

Pierluigi Paganini July 14, 2023
US CISA warns of Rockwell Automation ControlLogix flaws

The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities affecting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and trigger a […]

Pierluigi Paganini July 14, 2023
Indexing Over 15 Million WordPress Websites with PWNPress

Sicuranex’s PWNPress platform indexed over 15 million WordPress websites, it collects data related to vulnerabilities and misconfigurations Leveraging the extensive Common Crawl dataset and pushing the boundaries of data analysis, cybersecurity firm Sicuranex successfully indexed over 15 million WordPress websites using the PWNPress service. This endeavor involved parsing the entire Web Archive Text (WAT) database, a […]

Pierluigi Paganini July 14, 2023
New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. The malware was spotted the first time in May 2021, but has been operating under the radar for […]

Pierluigi Paganini July 13, 2023
Apple re-released Rapid Security Response to fix recently disclosed zero-day

Apple re-released its Rapid Security Response updates for iOS and macOS after fixing browsing issues on certain websites caused by the first RSR. Apple has re-released its Rapid Security Response updates to address the CVE-2023-37450 flaw in iOS and macOS after fixing browsing issues on certain websites caused by the first RSR issued by the […]

Pierluigi Paganini July 13, 2023
Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG

Zimbra has released updates to address a zero-day vulnerability actively exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Zimbra urges customers to manually install updates to fix a zero-day vulnerability that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers. Zimbra Collaboration Suite is a comprehensive open-source messaging and […]