Pierluigi Paganini
July 06, 2023
StackRot is s new security vulnerability in the Linux kernel that could be exploited to gain elevated privileges on a target system. A security vulnerability, dubbed StackRot was found impacting Linux versions 6.1 through 6.4. The issue, tracked as CVE-2023-3269, (CVSS score: 7.8), is a privilege escalation issue that resides in the memory management subsystem. An unprivileged […]
Pierluigi Paganini
July 05, 2023
RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors. The malware allows operators to steal information from various browsers, it also supports ransomware capabilities. […]
Pierluigi Paganini
July 05, 2023
The DDoSia attack tool received an upgrade, it supports a new security mechanism to conceal the list of targets. Researchers at the cybersecurity firm Sekoia analyzed an updated variant of the DDoSia attack tool that was developed and used by the pro-Russia collective NoName(057)16. The tool was employed in attacks against Ukraine and NATO countries, including the Eastern Flank (Lithuania, […]
Pierluigi Paganini
July 05, 2023
Swedish data protection watchdog warns companies against using Google Analytics due to the risk of surveillance operated by the US government. The Swedish data protection watchdog warned businesses against using Google Analytics due to the risk of surveillance carried out by the US government. The Swedish Authority for Privacy Protection (IMY) conducted audits against CDON, […]
Pierluigi Paganini
July 04, 2023
Personal data of the personnel at the Dublin Airport was compromised due to a MOVEit attack on professional service provider Aon. Data of about 3000 employees of Dublin Airport (DDA) were compromised after professional service provider Aon fell victim to a MOVEit Transfer attack. Dublin Airport notified local authorities and Ireland’s Data Protection Commission. Aon […]
Pierluigi Paganini
July 04, 2023
A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. A joint study conducted by vx-underground and SentinelOne recently revealed that a Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting financial institutions worldwide. The case was […]
Pierluigi Paganini
July 04, 2023
Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. In Mid-June Fortinet addressed a critical flaw, tracked as CVE-2023-27997 (CVSS score: 9.2), in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. “A heap-based buffer overflow vulnerability […]
Pierluigi Paganini
July 03, 2023
Microsoft denied the data breach after the collective of hacktivists known as Anonymous Sudan claimed to have hacked the company. In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing apps, and the cloud computing infrastructure Azure. A collective known as Anonymous Sudan (aka Storm-1359) claimed responsibility for […]
Pierluigi Paganini
July 03, 2023
China-linked APT group was spotted using HTML smuggling in attacks aimed at Foreign Affairs ministries and embassies in Europe. A China-linked APT group was observed using HTML smuggling in attacks against Foreign Affairs ministries and embassies in Europe, reports the cybersecurity firm Check Point. The researchers tracked the campaign as SmugX and reported that it […]
Pierluigi Paganini
July 03, 2023
US CISA added actively exploited Samsung and D-Link vulnerabilities to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added six Samsung and two D-Link vulnerabilities to its Known Exploited Vulnerabilities Catalog. Below is the list of flaws added to the catalog: The CVE-2019-17621 flaw is a remote command execution flaw that resides in […]
