Pierluigi Paganini
September 11, 2024
Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in Washington state, suffered a cyber attack that caused a significant disruption of its activities. Highline Public Schools (HPS) is a public school district in King County, headquartered in Burien, Washington, […]
Pierluigi Paganini
September 11, 2024
Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool to disable endpoint detection and response (EDR) systems, Malwarebytes ThreatDown Managed Detection and Response (MDR) team observed. TDSSKiller a legitimate tool developed by the cybersecurity firm Kaspersky to […]
Pierluigi Paganini
September 11, 2024
Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is a comprehensive solution designed to help organizations manage and secure their endpoint devices across various platforms, including Windows, macOS, Chrome OS, and IoT systems. The […]
Pierluigi Paganini
September 10, 2024
The Quad7 botnet evolves and targets new SOHO devices, including Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. The Sekoia TDR team identified additional implants associated with the Quad7 botnet operation. The botnet operators are targeting multiple SOHO devices and VPN appliances, including TP-LINK, Zyxel, Asus, D-Link, and Netgear, exploiting both known and […]
Pierluigi Paganini
September 10, 2024
Poland ‘s security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Poland security services announced they have thwarted a cyber operation orchestrated by Russia and Belarus, aimed at destabilizing the country, according to Deputy Prime Minister and Minister for digital affairs Krzysztof Gawkowski. “The Belarusian and Russian foreign […]
Pierluigi Paganini
September 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these vulnerabilities: CVE-2016-3714 flaw (aka ImageTragick), in the popular […]
Pierluigi Paganini
September 10, 2024
Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data breach following a cyberattack. Personal data and credit card details of 1,693,000 individuals were compromised. Slim CD’s gateway system allows merchants to accept any kind […]
Pierluigi Paganini
September 09, 2024
Users are exploiting a privacy flaw in WhatsApp to bypass the app’s “View once” feature, allowing them to re-view messages. The ‘View Once‘ feature in WhatsApp allows users to send photos, videos, and voice messages that can only be viewed once by the recipient. Recipients cannot forward, share, or copy the “View Once” media, and […]
Pierluigi Paganini
September 09, 2024
Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. sanctions against the Intellexa Consortium. Recorded Future researchers warn that the Predator spyware has resurfaced with fresh infrastructure after a decline caused by US sanctions against Intellexa Consortium. In March 2024, the Department of the […]
Pierluigi Paganini
September 09, 2024
A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked TIDRONE, targeting drone manufacturers in Taiwan. The group, which was previously undocumented, uses enterprise resource planning (ERP) software and remote desktops to deploy advanced malware, including CXCLNT and CLNTEND. CXCLNT […]
