Pierluigi Paganini
December 02, 2022
Threat actors could exploit drones for payload delivery, kinetic operations, and even diversion, experts warn. Original post at https://cybernews.com/security/drones-hack-airborne-cybersecurity-nightmare/ Once a niche technology, drones are about to explode in terms of market growth and enterprise adoption. Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion. […]
Pierluigi Paganini
December 02, 2022
Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius) have demanded over 145 million U.S. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide […]
Pierluigi Paganini
December 01, 2022
Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. Threat actors are exploiting a critical vulnerability, tracked as CVE-2022-0543, in Redis (Remote Dictionary Server) servers. Redis (remote dictionary server) […]
Pierluigi Paganini
December 01, 2022
North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea. ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers […]
Pierluigi Paganini
December 01, 2022
LastPass disclosed a new security breach, threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new security breach, the attackers had access to a third-party cloud storage service using information stolen in the August 2022 breach. The impacted cloud storage service is […]
Pierluigi Paganini
November 30, 2022
Threat actors are exploiting interest in a popular TikTok challenge, dubbed Invisible Challenge, to trick users into downloading info-stealing malware. Threat actors are exploiting the popularity of a TikTok challenge, called Invisible Challenge, to trick users into downloading information-stealing malware, Checkmarx researchers warn. People participating in the Invisible Challenge have to apply a filter called Invisible […]
Pierluigi Paganini
November 30, 2022
An alleged China-linked cyberespionage group, tracked as UNC4191, used USB devices in attacks aimed at Philippines entities. Mandiant researchers spotted an alleged China-linked cyberespionage group, tracked as UNC4191, leveraging USB devices as attack vectors in campaigns aimed at Philippines entities. This campaign has been active dates as far back as September 2021 and targeted public […]
Pierluigi Paganini
November 30, 2022
CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar, or Sandisk USB key or any other storage device, it comes with an encryption solution to keep your data safe. The software is developed by a […]
Pierluigi Paganini
November 29, 2022
Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical flaw, tracked as CVE-2022-40684, in Fortinet products. In early October, Fortinet addressed the critical authentication bypass flaw, […]
Pierluigi Paganini
November 29, 2022
CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability impacting Oracle Fusion Middleware, tracked as CVE-2021-35587 (CVSS 3.1 Base Score 9.8), to its Known Exploited Vulnerabilities Catalog. An unauthenticated attacker with network access via HTTP can […]
