Pierluigi Paganini
February 07, 2022
Microsoft temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. Microsoft announced to have temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. In December, Microsoft addressed a vulnerability, tracked as CVE-2021-43890, in AppX installer that affects Microsoft Windows which is under active exploitation. “We have […]
Pierluigi Paganini
February 07, 2022
The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S. government has requested telecom providers to replace Chinese equipment in their networks due to security issues and allocated $1.9 billion to support the companies in the transaction. The Federal Communications Commission (FCC) said that the […]
Pierluigi Paganini
February 07, 2022
An unnamed Chinese-language-speaking hacking group compromised systems at National Games of China in 2021. Researchers at cybersecurity firm Avast discovered that a Chinese-language-speaking threat actor has compromised systems at National Games of China in 2021. The event took place on September 15, 2021 in Shaanxi (China), it is a national version of the Olympics with only local […]
Pierluigi Paganini
February 06, 2022
One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Like NSO Group, QuaDream develops […]
Pierluigi Paganini
February 06, 2022
A flaw in Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps. A zero-day vulnerability, tracked as CVE-2022-24348, in the Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps, including passwords and API keys. The flaw received a CVSS […]
Pierluigi Paganini
February 06, 2022
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued […]
Pierluigi Paganini
February 05, 2022
LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. The exchange is operated by global blockchain and IT services company HashCash. LockBit ransomware operators claim to have stolen customers’ data from the PayBito crypto exchange, […]
Pierluigi Paganini
February 05, 2022
The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation (FBI) has issued a flash alert containing technical details and indicators of compromise associated with LockBit ransomware operations. The LockBit ransomware gang has been active since September 2019, in June 2021 the group announced the LockBit 2.0 RaaS. Like […]
Pierluigi Paganini
February 05, 2022
US CISA ordered federal agencies to patch their systems against actively exploited CVE-2022-21882 Windows flaw. The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to address their systems against an actively exploited Windows vulnerability tracked as CVE-2022-21882. “CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence that threat […]
Pierluigi Paganini
February 04, 2022
Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services company Morley was victim of a ransomware attack that may have resulted in a data breach impacting more than 500,000 individuals. Morley Companies is a United States corporation that provides business services to Fortune 500 and Global 100 clients; contact […]
