MUST READ

FBI probing intrusion into a system managing sensitive surveillance information

 | 

Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

 | 

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

 | 

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

 | 

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

 | 

Iran-nexus APT Dust Specter targets Iraq officials with new malware

 | 

U.S. CISA adds Apple, Rockwell, and Hikvision  flaws to its Known Exploited Vulnerabilities catalog

 | 

Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow

 | 

Phobos Ransomware admin faces up to 20 years after guilty plea

 | 

Russian APT targets Ukraine with BadPaw and MeowMeow malware

 | 

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

 | 

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

 | 

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

 | 

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

 | 

LastPass warns of spoofed alerts aimed at stealing master passwords

 | 

From phishing to Google Drive C2: Silver Dragon expands APT41 playbook

 | 

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog

 | 

Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals

 | 

Facebook is experiencing a global outage

 | 

Ariomex, Iran-based crypto exchange, suffers data leak

 | 

information security news

Pierluigi Paganini March 07, 2020
CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

A new vulnerability, tracked as CVE-2019-0090, affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years. The flaw is currently defined as unpatchable and could […]

Pierluigi Paganini March 07, 2020
Travel leisure company Carnival Corporation discloses data breach

The world’s largest travel leisure company Carnival Corporation discloses a data breach that took place last year and which exposed the personal information of its customers. Carnival Corporation, the world’s largest travel leisure company, discloses a data breach that took place in 2019. The company is informing customers of the incident, a third-party gained unauthorized access […]

Pierluigi Paganini March 06, 2020
Expert publicly discloses Zoho ManageEngine zero-day on Twitter

A security researcher has disclosed details and PoC code for a zero-day vulnerability in the Zoho ManageEngine product via Twitter. A security expert has disclosed details about a zero-day vulnerability in a Zoho enterprise product via Twitter, a circumstance that could cause serious problems to customers of the company. The flaw affects Zoho ManageEngine Desktop Central […]

Pierluigi Paganini March 06, 2020
TrickBot targets Italy using fake WHO Coronavirus emails as bait

Crooks continue to exploit the attention on the Coronavirus (COVID-19) outbreak, TrickBot operators target Italian users. A new spam campaign is targeting users in Italy by exploiting the interest on Coronavirus (COVID-19) in the attempt of delivering the TrickBot information-stealing malware. Crooks are attempting to exploit the fear of users of becoming infected with the Coronavirus, […]

Pierluigi Paganini March 05, 2020
Malware campaign employs fake security certificate updates

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. Security experts from Kaspersky Lab discovered spotted a new attack technique used by crooks to distribute malware by tricking victims into installing a malicious “security certificate update” when they visit compromised websites. We […]

Pierluigi Paganini March 05, 2020
Hackers gained access to T-Mobile customers and employee personal info

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees […]

Pierluigi Paganini March 05, 2020
Hundreds of Microsoft sub-domains open to hijacking

Security researchers demonstrated that hundreds of sub-domains belonging to Microsoft could potentially be hijacked and abused to deliver malware and for phishing attacks. Researchers have devised another way to carry out an attack, for example, inviting victims to download a fake update from an apparently trusted URL such as mybrowser.microsoft.com. Security researchers Numan Ozdemir and […]

Pierluigi Paganini March 05, 2020
Cisco addresses high severity RCE flaws in Webex Player

Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player.  The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […]

Pierluigi Paganini March 04, 2020
Visser Precision, a part maker for Tesla, Boeing, and Lockheed Martin hit with data-stealing ransomware

Data-stealing ransomware infected systems at Visser Precision, a parts maker for many enterprises, including Tesla, Boeing, and Lockheed Martin. Visser Precision is a parts maker for many companies in several industries, including aerospace, automotive, industrial and manufacturing. The company disclosed a ransomware attack that might have exposed data related to multiple business partners, including Tesla, […]

Pierluigi Paganini March 04, 2020
Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. Let’s Encrypt certificate authority (CA) is going to revoke over 3 million certificates today due to a vulnerability in software used to verify users and their […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

FBI probing intrusion into a system managing sensitive surveillance information

Hacking / March 07, 2026

Iran-linked hackers target IP cameras across Israel and Gulf states for military intelligence

Cyber warfare / March 07, 2026

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations

APT / March 06, 2026

Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws

Security / March 06, 2026

Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer

Malware / March 06, 2026