MUST READ

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

Researchers expose MalTerminal, an LLM-enabled malware pioneer

 | 

Beware: GitHub repos distributing Atomic Infostealer on macOS

 | 

ESET uncovers Gamaredon–Turla collaboration in Ukraine cyberattacks

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 63

 | 

Security Affairs newsletter Round 542 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

A cyberattack on Collins Aerospace disrupted operations at major European airports

 | 

Fortra addressed a maximum severity flaw in GoAnywhere MFT software

 | 

UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London

 | 

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

 | 

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

 | 

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

 | 

Jaguar Land Rover will extend its production halt into a third week following a cyberattack

 | 

Hacking

Pierluigi Paganini February 13, 2016
BlackEnergy infected also Ukrainian Mining and Railway Systems

Experts at Trend Micro discovered strains of BlackEnergy malware involved in the recent attacks against Ukrainian Mining and Railway Systems. BlackEnergy was in the headlines when the security industry examined the power outage occurred in Ukraine in December 2015. The BlackEnergy malware is a threat improved to target SCADA systems, the latest variant includes the KillDisk component developed to wipe […]

Pierluigi Paganini February 12, 2016
UK police arrested teenage hacker who allegedly hacked CIA and FBI officials

UK Police and FBI have arrested a teenager suspected to be Cracka, the hacker who hacked the CIA Director John Brennan. The Federal Bureau of Investigation (FBI) and British law enforcement have identified and arrested a teenage hacker alleged member of the hacking crew “Cracka with Attitude.” The Cracka with Attitude is the group of […]

Pierluigi Paganini February 12, 2016
The FBI requests $38 Million to counter the threat of Going Dark

The FBI requests $38 Million to counter the threat of Going Dark, in particular asking more economic resources to break encryption when needed. The FBI Director James Comey has highlighted in different occasions the difficulties faced by law enforcement when dealing with encryption during their investigations. Now, the FBI is making its request for budget […]

Pierluigi Paganini February 12, 2016
A replica of AlphaBay market used to steal login credentials

Fraudsters operating on the AlphaBay darknet market have deployed a replica of the popular marketplace to steal login credentials from peers. Paul Mutton, security experts at Netcraft, discovered a fake version of the Alphabay Market (pwoah7foa6au2pul.onion), one of the most popular black markets hosted in the dark web. Paul Mutton speculates that fraudsters have deployed […]

Pierluigi Paganini February 12, 2016
Interview with Troels Oerting on cybersecurity in modern organizations

An interview with Troels Oerting on the cyber security in modern organizations and the importance of the role of the Chief Information Security Officer. The role of the chief information security officer (CISO) has profoundly changed over the years, from IT security management to high-level risk management. Today a CISO is a crucial figure in […]

Pierluigi Paganini February 11, 2016
Once again identity thieves use stolen SSNs in IRS attack

The IRS detected roughly unauthorized attempts using 464,000 unique SSNs, and 101,000 attempts allowed crooks in generating PINs. The U.S. Internal Revenue Service (IRS) recently confirmed that cyber criminals abused the Electronic Filing PIN application. The Electronic Filing PIN application is running on irs.gov and allows taxpayers to generate a PIN that they can use to file tax […]

Pierluigi Paganini February 11, 2016
Million CISCO ASA Firewalls potentially vulnerable to attacks

A flaw in Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. It’s a bad period for IT manufacturers, recently the security community has discovered serious and anomalous  vulnerabilities affecting popular products like Juniper equipment and Fortinet Forti OS firewalls. Now, it is now the […]

Pierluigi Paganini February 10, 2016
Crooks are offering Apple employees up to $23,000 for their login credentials

According to former Apple employees interviewed by the Business Insider, cyber criminals are offering Apple staffers in Ireland up to $23,000 for their login details. Insiders are one of the greatest security problems for any organizations, working from the inside they can operate under the radar for a log time stealing information and sabotaging processes and infrastructures. […]

Pierluigi Paganini February 09, 2016
Are you searching for a Facebook Hacking Tool? Be careful!

Security Experts at ESET security firm discovered a new variant of a known trojan disguised as a Facebook Hacking Tool. Security researchers at ESET have published an interesting post about a new Facebook hacking tool. I receive every week dozen emails requesting me instruction to hack Facebook accounts. The hacking tool recently discovered is not […]

Pierluigi Paganini February 09, 2016
Carbanak cybergang is back and it is not alone

Experts at Kaspersky Lab discovered that Carbanak cybergang is back and other groups are adopting similar APT-style techniques to steal money. Security researchers at the 2016 edition of SAS in Tenerife revealed that the infamous Carbanak gang is back, and it is not the unique group that is adopting APT-style techniques to steal money from banks. […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

Security / September 23, 2025

US Secret Service dismantled covert communications network near the U.N. in New York

Intelligence / September 23, 2025

A suspected Scattered Spider member suspect detained for casino network attacks

Cyber Crime / September 23, 2025

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

Security / September 23, 2025

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

Cyber Crime / September 23, 2025