Pierluigi Paganini
February 03, 2022
Trend Micro recently addressed two high-severity flaws affecting some of its hybrid cloud security products. Trend Micro released security updates to fix two high-severity vulnerabilities, tracked as CVE-2022-23119 and CVE-2022-23120, affecting some of its hybrid cloud security products. The vulnerabilities affect Deep Security and Cloud One workload security solutions. The flaws were reported by the cybersecurity […]
Pierluigi Paganini
February 02, 2022
Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The cyber threat team at retail giant Walmart has analyzed a new ransomware family dubbed Sugar, which is offered through a ransomware-as-a-service (RaaS) model. Unlike other ransomware operations, Sugar ransomware appears to primarily focus on individual […]
Pierluigi Paganini
February 02, 2022
Antivirus firm ESET addressed a local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. Antivirus firm ESET released security patches to address a high severity local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. An attacker can exploit the vulnerability to misuse the AMSI scanning feature to elevate privileges in specific scenarios. “According […]
Pierluigi Paganini
February 02, 2022
The Cybereason Nocturnus Team reported a spike in the activity of the Iran-linked APT group APT35 (aka Phosphorus or Charming Kitten). The Cybereason Nocturnus Team observed a spike in the activity of the Iran-linked APT group APT35 (aka ‘Charming Kitten‘, ‘Phosphorus‘, Newscaster, and Ajax Security Team) The Phosphorus group made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized […]
Pierluigi Paganini
February 02, 2022
Researchers discovered tens of vulnerabilities in UEFI firmware code used by the major device manufacturers. Researchers at firmware security company Binarly have discovered 23 vulnerabilities in UEFI firmware code used by the major device makers. The vulnerabilities could impact millions of enterprise devices, including laptops, servers, routers, and industrial control systems (ICS). All these vulnerabilities […]
Pierluigi Paganini
February 01, 2022
Personal information belonging to British Council students was exposed online via an unsecured repository. The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the […]
Pierluigi Paganini
February 01, 2022
The Iran-linked MuddyWater APT group is targeting private Turkish organizations and governmental institutions. Researchers from Cisco Talos have uncovered a cyber espionage campaign carried out by the Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros) and targeting private Turkish organizations and governmental institutions. The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East. The experts called the […]
Pierluigi Paganini
January 31, 2022
The US CISA added eight more flaws to its Known Exploited Vulnerabilities Catalog that are known to be used in attacks in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to the Known Exploited Vulnerabilities Catalog. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that […]
Pierluigi Paganini
January 31, 2022
A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […]
Pierluigi Paganini
January 31, 2022
The administrator of the DeepDotWeb (DDW) has received a sentence of 97 months in prison for money laundering. Tal Prihar (37), an Israeli national who operated DeepDotWeb (DDW), was sentenced to 97 months in prison and was ordered to forfeit $8,414,173. DeepDotWeb (DDW) was a website that connected internet users with Darknet marketplaces, where they […]
