hacking news

Pierluigi Paganini August 17, 2022
China-linked RedAlpha behind multi-year credential theft campaign

A China-linked APT group named RedAlpha is behind a long-running mass credential theft campaign aimed at organizations worldwide. Recorded Future researchers attributed a long-running mass credential theft campaign to a Chinese nation-state actor tracked as RedAlpha. The campaign targeted global humanitarian, think tank, and government organizations. Experts believe RedAlpha is a group of contractors conducting cyber-espionage activity on behalf of […]

Pierluigi Paganini August 17, 2022
BugDrop dropper includes features to circumvent Google’s security controls

Researchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric discovered a previously undetected Android dropper, dubbed BugDrop, which is under active development and was designed to bypass security features that will be implemented in the next release of the Google OS. The experts noticed something unusual in the […]

Pierluigi Paganini August 17, 2022
Google fixed a new Chrome Zero-Day actively exploited in the wild

Google addressed a dozen vulnerabilities in the Chrome browser, including the fifth Chrome zero-day flaw exploited this year. Google this week released security updates to address a dozen vulnerabilities in its Chrome browser for desktops, including a high-severity zero-day flaw actively exploited in the wild. The actively exploited flaw, tracked as CVE-2022-2856, is an Insufficient validation […]

Pierluigi Paganini August 17, 2022
North Korea-linked APT targets Job Seekers with macOS malware

The North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware that also works on Intel and M1 chipsets. ESET researchers continue to monitor a cyberespionage campaign, tracked as “Operation In(ter)ception,” that has been active at least since June 2020. The campaign targets employees working in the aerospace and military sectors and leverages […]

Pierluigi Paganini August 17, 2022
ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak (CVE-2022-21233) is the first architectural CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs. ÆPIC Leak works on […]

Pierluigi Paganini August 17, 2022
Zoom fixed two flaws in macOS App that were disclosed at DEF CON

Zoom addressed two high-severity vulnerabilities in its macOS app that were disclosed at the DEF CON conference. Zoom last week released macOS updates to fix two high-severity flaws in its macOS app that were disclosed at the DEF CON conference. Technical details of the vulnerabilities were disclosed at the DEF CON conference by security researcher […]

Pierluigi Paganini August 16, 2022
Clop gang targeted UK drinking water supplier South Staffordshire Water

A cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to 1.6M consumers daily. South Staffordshire Water has issued a statement confirming the security breach; the company pointed out that the attack did not impact the safety and water distribution systems. South Staffordshire Water plc known as South Staffs […]

Pierluigi Paganini August 16, 2022
Russia-linked Gamaredon APT continues to target Ukraine

Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns. The Computer Emergency Response Team of Ukraine (CERT-UA) confirmed the ongoing cyber espionage campaign. Symantec and TrendMicro first discovered the Gamaredon […]

Pierluigi Paganini August 16, 2022
Phone numbers of 1,900 Signal users exposed as a result of Twilio security breach

For about 1,900 users, Twilio hackers could have attempted to re-register their number to another device or learned that their number was registered to Signal. Communication company Twilio provides Signal with phone number verification services, and the recent security breach it suffered also impacted some users of the popular instant-messaging app. Twilio hackers could […]

Pierluigi Paganini August 15, 2022
Microsoft disrupts SEABORGIUM’s ongoing phishing operations

Microsoft disrupted a hacking operation conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. The Microsoft Threat Intelligence Center (MSTIC) has disrupted activity by SEABORGIUM (aka ColdRiver, TA446), a Russia-linked threat actor that is behind a persistent hacking campaign targeting people and organizations in NATO countries. SEABORGIUM has been active since at least 2017, […]