Pierluigi Paganini
November 07, 2023
Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow, Pink Sandstorm, DEV-0022) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. Palo Alto Networks’ s Unit 42 researchers reported that threat actors first attempt to steal sensitive […]
Pierluigi Paganini
November 06, 2023
Experts warn threat actors that started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server. Over the weekend threat actors started exploiting a recently disclosed vulnerability (CVE-2023-22518) in all versions of Atlassian Confluence Data Center and Confluence Server. Atlassian last week warned of the CVE-2023-22518 (CVSS score 9.1), the issue is an […]
Pierluigi Paganini
November 06, 2023
Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command injection vulnerabilities, tracked as CVE-2023-23368 and CVE-2023-23369, that impact the QTS operating system and applications on its network-attached storage (NAS) devices. The vulnerability CVE-2023-23368 (CVSS score […]
Pierluigi Paganini
November 06, 2023
Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host command-and-control (C2) infrastructure. Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it […]
Pierluigi Paganini
November 06, 2023
Threat actors infected more than 10,000 devices worldwide with the ‘PrivateLoader’ and ‘Amadey’ loaders to recruit them into the proxy botnet ‘Socks5Systemz.’ Bitsight researchers uncovered a proxy botnet delivered, tracked as Socks5Systemz, which was delivered by PrivateLoader and Amadey loaders. The name Socks5Systemz comes from the name of the unique login panel consistently present in […]
Pierluigi Paganini
November 05, 2023
The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Friday sanctioned Ekaterina Zhdanova, a Russian national, for her role in laundering and managing virtual currency on behalf of Russian elites, ransomware operators, and other threat actors. “Through […]
Pierluigi Paganini
November 05, 2023
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Kinsing threat actors probed the Looney Tunables flaws in recent attacks ZDI discloses four zero-day flaws […]
Pierluigi Paganini
November 05, 2023
North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs. “KandyKorn is an advanced implant with a variety of capabilities to monitor, interact with, and avoid detection. It utilizes […]
Pierluigi Paganini
November 03, 2023
Threat actors who breached the Okta customer support system also gained access to files belonging to 134 customers. Threat actors who breached the Okta customer support system in October gained access to files belonging to 134 customers, the company revealed. Some of the files accessed by the attackers are HAR files that contained session tokens. […]
Pierluigi Paganini
November 03, 2023
Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or users. These modifications can serve various purposes, such as adding new features, customizing the app’s […]
