Pierluigi Paganini
October 21, 2022
A new variant of the popular Ursnif malware is used as a backdoor to deliver next-stage payloads and steal sensitive data. Mandiant researchers warn of a significant shift from Ursnif‘s original purpose, the malware initially used in banking frauds is now used to deliver next-stage payloads and steal sensitive data. The new variant, first observed […]
Pierluigi Paganini
October 20, 2022
Cybersecurity researchers warn of a new PowerShell backdoor that disguises itself as part of the Windows update process to avoid detection. Cybersecurity researchers from SafeBreach a warning of a new PowerShell backdoor masqueraded as a Windows update process to avoid detection. The backdoor spreads via weaponized Word documents (âApply Form.docm.â) posing as a LinkedIn-based job […]
Pierluigi Paganini
October 20, 2022
Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible online. Microsoft announced that sensitive data belonging to some of its customers were exposed on the Internet due to a misconfigured Microsoft server. The data leak was discovered by the security threat intelligence firm SOCRadar […]
Pierluigi Paganini
October 20, 2022
While the Russian army is conducting coordinated missile and drone strikes in Ukraine experts observed Internet disruptions in the country. Starting on the morning of Monday, October 10, the Russian army is targeting several cities in Ukraine with coordinated missile and drone strikes. The escalation is a retaliation for the bombing of a bridge connecting […]
Pierluigi Paganini
October 20, 2022
The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist group. The Federal Police of Brazil yesterday announced the arrest of an individual suspected of being linked to the LAPSUS$ extortionist gang. The authorities did not disclose info about the individual, it seems that the […]
Pierluigi Paganini
October 19, 2022
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote code execution vulnerability, tracked as CVE-2022-42889, in the open-source Apache Commons Text library. Apache Commons Text is a library focused on algorithms working on strings. The vulnerability, dubbed “Text4Shell,” is an unsafe script evaluation issue […]
Pierluigi Paganini
October 19, 2022
Cybersecurity researchers published technical details about a now-patched FabriXss flaw that impacts Azure Fabric Explorer. Orca Security researchers have released technical details about a now-patched FabriXss vulnerability, tracked as CVE-2022-35829 (CVSS 6.2), that impacts Azure Fabric Explorer. An attacker can exploit the vulnerability to gain administrator privileges on the cluster. In order to exploit this flaw, an […]
Pierluigi Paganini
October 19, 2022
A bug in the message encryption mechanism used by Microsoft in Office 365 can allow to access the contents of the messages. Researchers at the cybersecurity firm WithSecure discovered a bug in the message encryption mechanism used by Microsoft in Office 365 that can allow to access message contents due. The experts pointed out that Microsoft Office […]
Pierluigi Paganini
October 18, 2022
An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. The French authorities in cooperation with their Spanish and Latvian peers, and with the support of Europol and Eurojust, have dismantled a cybercrime organization specializing in the theft of cars by hacking key fobs. […]
Pierluigi Paganini
October 18, 2022
China-linked threat actors APT41 (a.k.a. Winnti) targeted organizations in Hong Kong, in some cases remaining undetected for a year. Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage […]
Security / November 14, 2025
Security / November 14, 2025
