hacking news

Pierluigi Paganini August 09, 2023
Balada Injector still at large – new domains discovered

The Balada Injector is still at large and still evading security software by utilizing new domain names and using new obfuscation. During a routine web monitoring operation, we discovered an address that led us down a rabbit hole of WordPress-orientated “hack waves” caused by the Balada Injector malware. This evidence suggests that the malware is […]

Pierluigi Paganini August 09, 2023
EvilProxy used in massive cloud account takeover scheme

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months. Most of the attacks targeted high-ranking executives. The researchers estimated […]

Pierluigi Paganini August 09, 2023
Downfall Intel CPU side-channel attack exposes sensitive data

Google researcher Daniel Moghimi devised a new side-channel attack technique, named Downfall, against Intel CPU. Google researcher Daniel Moghimi devised a new side-channel attack technique Intel CPU, named Downfall, that relies on a flaw tracked as CVE-2022-40982. An attacker can exploit this vulnerability to access and steal data from other users who share the same […]

Pierluigi Paganini August 09, 2023
LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. Varian Medical Systems, Inc. designs, manufactures, sells, and services medical devices and software products […]

Pierluigi Paganini August 08, 2023
43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off. Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off. The experts pointed out that this behavior […]

Pierluigi Paganini August 07, 2023
Zoom trains its AI model with some user data, without giving them an opt-out option

Zoom changed its terms of service requiring users to allow AI to train on all their data without giving them an opt-out option. Zoom updated its terms of service and informed users that it will train its artificial intelligence models using some of its data. The update will be effective as of July 27, and accepting […]

Pierluigi Paganini August 07, 2023
North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military […]

Pierluigi Paganini August 07, 2023
A new sophisticated SkidMap variant targets unsecured Redis servers

A new campaign targets Redis servers, this time the malware employed in the attacks is a new variant of the SkidMap malware. Skidmap is a piece of crypto-miner detected by Trend Micro in September 2019 while it was targeting Linux machines. The malicious code used kernel-mode rootkits to evade detection, it differs from similar miners because […]

Pierluigi Paganini August 07, 2023
The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Senior official reports a quadruple increase in ransomware attacks against Finland since it started the process to join NATO. The number of ransomware attacks targeting Finland has increased fourfold since the country began the process of joining NATO in 2023. The news was reported by Recorded Future News which interviewed Sauli Pahlman, the deputy director […]

Pierluigi Paganini August 06, 2023
Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach. CDHE did not disclose the number of impacted individuals. CDHE discovered the ransomware […]