Pierluigi Paganini
October 28, 2021
Microsoft finds a flaw in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP). Microsoft discovered a vulnerability in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP) and perform malicious activities, such as gaining root privileges and installing rootkits on vulnerable devices. System Integrity Protection (also referred to […]
Pierluigi Paganini
October 28, 2021
A vulnerability in the popular the OptinMonster plugin allows unauthorized API access and sensitive information disclosure. A high-severity vulnerability (CVE-2021-39341) in The OptinMonster plugin can allow unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. The flaw was discovered by Wordfence researcher Chloe Chamberland on September 28, 2021, and the development […]
Pierluigi Paganini
October 28, 2021
ESET researchers discovered a previously undescribed loader for Windows binaries, tracked as Wslink, that runs as a server and executes modules in memory. ESET researchers discovered Wslink, a previously undescribed loader for Windows binaries that, unlike similar loaders, runs as a server and executes modules in memory. The name Wslink comes from one of its […]
Pierluigi Paganini
October 28, 2021
AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu, with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e. Amazon Appstore and the Samsung Galaxy Store). The malware […]
Pierluigi Paganini
October 28, 2021
German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the REvil ransomware gang. REvil ransomware gang is one of the most successful ransomware operations, the group and its affiliated hit hundreds of organizations worldwide. On July 2, the gang hit the Kaseya cloud-based MSP platform impacting MSPs and their […]
Pierluigi Paganini
October 28, 2021
Threat actors have stolen $130 million worth of cryptocurrency assets from the Cream Finance decentralized finance (DeFi) platform. C.R.E.A.M. Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. It promises earnings to users who are passively holding ETH or wBTC. Threat actors have stolen $130 million worth of cryptocurrency […]
Pierluigi Paganini
October 27, 2021
Security firm Avast released today decryptors for AtomSilo and LockFile ransomware that allow victims to recover their files for free. Cyber security firm Avast has released today decryption utilities for AtomSilo and LockFile ransomware that allow the victims to recover their files for free. Experts pointed out that AtomSilo and LockFile ransomware only have a […]
Pierluigi Paganini
October 27, 2021
Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their leak site. Grief ransomware operators announced to have hacked US National Rifle Association (NRA) and threaten to leak the stolen data. The NRA was added to the list of compromised organizations on the leak site […]
Pierluigi Paganini
October 27, 2021
Researchers from cybersecurity firm Avast released a decryption tool for Babuk ransomware that allows victims to recover their files for free. Cybersecurity firm Avast has released a decryption tool for Babuk ransomware that allows victims to recover their files for free. The decryptor was created using the leaked source code and decryption keys. Babuk is […]
Pierluigi Paganini
October 27, 2021
North Korea-linked Lazarus APT group is extending its operations and started targeting the IT supply chain on new targets. North Korea-linked Lazarus APT group is now targeting also IT supply chain, researchers from Kaspersky Lab warns. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. […]
Hacking / November 06, 2025
