Pierluigi Paganini
March 09, 2022
Threat actors hacked Russian federal agencies’ websites in a supply chain attack involving the compromise of a stats widget. Some Russian federal agencies’ websites were compromised in a supply chain attack, threat actors compromised the stats widget used to track the number of visitors by several government agencies. Threat actors were able to deface the […]
Pierluigi Paganini
March 09, 2022
The collective Anonymous has hacked public cameras in Russia and transmitted their live feed on a website, it also announced a clamorous leak. Anonymous and other hacker groups continue to target Russia, in a recent attack the collective has taken over more than 400 Russian cameras in support of Ukraine. The hacktivist shared the live feed […]
Pierluigi Paganini
March 09, 2022
Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. An attacker can exploit these vulnerabilities to implant a firmware that survives […]
Pierluigi Paganini
March 09, 2022
Samsung confirmed that threat actors had access to the source code of its Galaxy smartphones in recent security breach. Samsung this week disclosed a data breach, threat actors had access to internal company data, including the source code of Galaxy models. Last week the Lapsus$ ransomware gang claimed to have stolen a huge trove of sensitive data […]
Pierluigi Paganini
March 08, 2022
Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google Threat Analysis Group (TAG), which focuses on the analysis of nation-state threat actors, revealed to have blocked attacks against hundreds of Ukrainians conducted by Belarus and Russian state-sponsored hackers. The attacks have been attributed to the Russia-linked […]
Pierluigi Paganini
March 08, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added two critical security vulnerabilities in Mozilla firefox, tracked as CVE-2022-26485 and CVE-2022-26486, to its Known Exploited Vulnerabilities Catalog. The US agency has ordered federal civilian agencies to address both issues by […]
Pierluigi Paganini
March 08, 2022
Dirty Pipe is a Linux vulnerability, tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. Security expert Max Kellermann discovered a Linux flaw, dubbed Dirty Pipe and tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. The vulnerability affects Linux Kernel […]
Pierluigi Paganini
March 07, 2022
Coinbase announced that it’s blocking access to more than 25,000 blockchain addresses linked to Russian individuals and entities. The popular cryptocurrency exchange Coinbase announced today that it’s blocking access to more than 25,000 blockchain addresses linked to Russian people and entities. Coinbase chief legal officer Paul Grewal explained that its company is complying with sanctions […]
Pierluigi Paganini
March 07, 2022
Anonymous hacked into the most popular Russian streaming services to broadcast war footage from Ukraine. The popular hacker collective Anonymous continues to target Russian entities, a few hours ago the group hacked into the most popular Russian streaming services to broadcast war footage from Ukraine and demonstrate to Russians the atrocity of the invasion ordered […]
Pierluigi Paganini
March 07, 2022
Mozilla fixed two critical actively exploited zero-day bugs in Firefox with the release of 97.0.2, ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to address a couple of critical zero-day vulnerabilities, tracked as CVE-2022-26485 and CVE-2022-26485, actively exploited in […]
