Pierluigi Paganini
July 07, 2022
The development team behind the OpenSSL project fixed a high-severity bug in the library that could potentially lead to remote code execution. The maintainers of the OpenSSL project fixed a high-severity heap memory corruption issue, tracked as CVE-2022-2274, affecting the popular library. This bug makes the RSA implementation with 2048 bit private keys incorrect on such machines and triggers […]
Pierluigi Paganini
July 06, 2022
Hotel chain Marriott International suffered a new data breach, a threat actor has stolen 20GB from the company. Hotel chain Marriott International confirmed it has suffered a new data breach after a threat actor stole 20GB of files from one of its properties. The attacker compromised the network at the BWI Airport Marriott Maryland (BWIA), […]
Pierluigi Paganini
July 06, 2022
Threat actors are abusing legitimate adversary simulation software BRc4 in their campaigns to evade detection. Researchers from Palo Alto Networks Unit 42 discovered that a sample uploaded to the VirusTotal database on May 19, 2022 and considered benign by almost all the antivirus, was containing a payload associated with Brute Ratel C4 (BRc4), a new red-teaming and […]
Pierluigi Paganini
July 06, 2022
Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn. “The upgrades in the latest variant are effectively […]
Pierluigi Paganini
July 05, 2022
The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. The crooks created more than 400 phishing sites for obtaining the banking data of […]
Pierluigi Paganini
July 05, 2022
Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams. The Twitter and YouTube accounts of the British Army were used to promote NFT and other crypto scams. The YouTube account was used to transmit an older Elon Musk clip that attempts to trick users into visiting cryptocurrency scam […]
Pierluigi Paganini
July 05, 2022
AstraLocker ransomware operators told BleepingComputer they’re shutting down their operations and are releasing decryptors. AstraLocker ransomware operators told BleepingComputer they’re shutting down the operation and provided decryptors to the VirusTotal malware analysis platform. AstraLocker is based on the source code of the Babuk Locker (Babyk) ransomware that was leaked online on June 2021. BleepingComputer tested the […]
Pierluigi Paganini
July 04, 2022
The development team behind the Django Project has addressed a high-severity SQL Injection flaw in its framework. Django is a free and open-source, Python-based web framework that follows the model–template–views (MTV) architectural pattern. Django is maintained by the independent organization Django Software Foundation. The latest releases of the framework, Django 4.0.6 and 3.2.14, addressed a high-severity SQL […]
Pierluigi Paganini
July 04, 2022
Bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted to claim additional bounties The vulnerability coordination and bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted by white-hat hackers to claim additional bounties. The investigation started on June 22nd, 2022, when a customer asked the […]
Pierluigi Paganini
July 04, 2022
The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is supported by a […]
APT / February 05, 2026
