MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

 | 

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

 | 

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

 | 

Maximum-severity XXE vulnerability discovered in Apache Tika

 | 

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

 | 

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

 | 

U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog

 | 

Marquis data breach impacted more than 780,000 individuals

 | 

ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm

 | 

Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

 | 

King Addons flaw lets anyone become WordPress admin

 | 

University of Pennsylvania and University of Phoenix disclose data breaches

 | 

Researchers spotted Lazarus’s remote IT workers in action

 | 

India mandates SIM-linked messaging apps to fight rising fraud

 | 

U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog

 | 

MuddyWater strikes Israel with advanced MuddyViper malware

 | 

'Korea’s Amazon' Coupang discloses a data breach impacting 34M customers

 | 

Google’s latest Android security update fixes two actively exploited flaws

 | 

Law enforcement shuts down Cryptomixer in major crypto crime takedown

 | 

Hacking

Pierluigi Paganini July 27, 2017
Experts found critical flaws in Diebold Opteva ATM that allow to vend notes from the machine

Experts at the US firm IOActive have discovered a critical physical and authentication bypass vulnerability in the Diebold Opteva ATM. The researchers have found two vulnerabilities in the Diebold Opteva ATM machines with the AFD platform that could be chained to allow an unauthorized user to vend notes from the device. “IOActive has discovered two vulnerabilities in Opteva […]

Pierluigi Paganini July 26, 2017
UniCredit bank breach – Data of 400,000 loan applicants exposed due to the hack of a partner

UniCredit bank breach – Data of 400,000 loan applicants exposed due to the hack of a partner. Italian media outlets downplay the risk, is it correct? The Italian bank UniCredit admitted a series of security breaches occurred in the last year, personal data of 400,000 loan applicants have been exposed. The Italian bank confirmed that […]

Pierluigi Paganini July 26, 2017
Chinese Police dismantled the behind the Fireball adware campaign that infected more than 250 Million PCs

Chinese authorities arrested eleven members of the gang behind the Fireball adware campaign that infected more than 250 Million PCs. Chinese police have identified and arrested individuals suspected to be the operators behind the massive adware campaign that infected more than 250 Million computers across the world earlier this year. In June, researchers at security firm Check Point discovered the […]

Pierluigi Paganini July 26, 2017
New CowerSnail Windows Backdoor linked to SHELLBIND SambaCry Linux Malware

Malware researchers at Kaspersky Lab have found a new Windows Backdoor dubbed CowerSnail linked to the recently discovered SHELLBIND SambaCry Linux malware. Security experts at Kaspersky Lab have spotted a new Windows Backdoor dubbed CowerSnail linked to the recently discovered SHELLBIND SambaCry Linux malware. SHELLBIND has infected most network-attached storage (NAS) appliances, it exploits the Samba vulnerability (also known as SambaCry and EternalRed) to upload a shared […]

Pierluigi Paganini July 25, 2017
Veritaseum – Hacker Steals $8.4 Million in Ethereum, for the second time during the ICO

Veritaseum – An unknown hacker has stolen nearly $8.4 Million worth of Ethereum cryptocurrency, for the second time during the ICO. A clamorous cyber heist makes the headlines, an unknown hacker has stolen nearly $8.4 Million worth of Ethereum cryptocurrency, the hack hit Veritaseum Initial Coin Offering (ICO). This is the fourth Ethereum cyber heist this […]

Pierluigi Paganini July 25, 2017
Fruitfly macOS and OS X backdoor remained undetected for years

A new mysterious strain of macOS and OS X malware dubbed Fruitfly went undetected by malware researchers and security software for at least five years. Fruitfly is a backdoor that could be used by attackers to gain full control over the infected systems by implementing many spying features. Fruitfly has the ability to capture screenshots, keystrokes, […]

Pierluigi Paganini July 23, 2017
Hacker BestBuy pleads guilty to hijacking more than 900k Deutsche Telekom routers

The hacker BestBuy pleaded guilty in court on Friday to hijacking more than 900,000 routers from the network of Deutsche Telekom The notorious hacker BestBuy, also known as Popopret, pleaded guilty in court on Friday to hijacking more than 900,000 routers from the network of Deutsche Telekom. The 29-year-old man, whom name wasn’t revealed by authorities. used a custom version of […]

Pierluigi Paganini July 22, 2017
Lloyd’s of London: A massive cyber attack could cause an average of $53 billion of economic losses

A major global cyber attack has the potential to trigger $53 billion of economic losses, the equivalent to a natural disaster like 2012’s Superstorm Sandy. Events like the massive Wannacry attack or the Ukraine power outage raise the discussion about the possible economic losses caused by a cyber attack. According to a new report published by […]

Pierluigi Paganini July 20, 2017
Tor launches Bug Bounty Program, hackers can earn between $2,000 and $4,000 for high severity flaws

The Tor Project announced the launch of a public bug bounty program. Bug hunters can earn between $2,000 and $4,000 for high severity flaws. It’s official, the Tor Project announced the launch of a public bug bounty program through the HackerOne platform, the initiative was possible with support from the Open Technology Fund. “With support from the […]

Pierluigi Paganini July 20, 2017
Huge blow to the criminal underground in the dark web, authorities shut down AlphaBay and Hansa black marketplaces

In a coordinated International operation, Europol along with FBI, US DEA and Dutch Police have seized and taken down AlphaBay and HANSA black markets. It’s official, the US Attorney General Jeff Sessions confirmed that US and European police shutdown of two major “dark web” marketplaces, AlphaBay and Hansa. It has been estimated that both marked had tens […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 74

Malware / December 07, 2025

Security Affairs newsletter Round 553 by Pierluigi Paganini – INTERNATIONAL EDITION

Uncategorized / December 07, 2025

Porsche outage in Russia serves as a reminder of the risks in connected vehicle security

Security / December 07, 2025

Attackers launch dual campaign on GlobalProtect portals and SonicWall APIs

Hacking / December 06, 2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Security / December 06, 2025