Pierluigi Paganini
May 21, 2024
Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor’s NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabilities, most of which have yet to be addressed. The most severe vulnerability is a flaw tracked as CVE-2024-27130. The issue is an unpatched stack buffer […]
Pierluigi Paganini
May 20, 2024
Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future’s Insikt Group discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors from the Commonwealth of Independent States (CIS). The attackers, tracked as GitCaught, used a GitHub profile to impersonate legitimate software applications, including 1Password, Bartender 5, and […]
Pierluigi Paganini
May 20, 2024
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such […]
Pierluigi Paganini
May 20, 2024
A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. Operators behind the Grandoreiro banking trojan have resumed operations following a law enforcement takedown in January. The recent campaign is […]
Pierluigi Paganini
May 19, 2024
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S. Department of Health and […]
Pierluigi Paganini
May 19, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked IT workers infiltrated hundreds of US firms Turla APT used two new backdoors to […]
Pierluigi Paganini
May 19, 2024
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by […]
Pierluigi Paganini
May 18, 2024
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an Arizona woman, a Ukrainian man, and three unidentified foreign nationals accused of aiding overseas IT workers, pretending to be U.S. citizens, to infiltrate hundreds of firms in […]
Pierluigi Paganini
May 17, 2024
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors named LunarWeb and LunarMail that were exploited to breach European ministry of foreign affairs. The two backdoors are designed to carry out a long-term compromise in the target network, data […]
Pierluigi Paganini
May 17, 2024
The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent […]
