IT Information Security

Pierluigi Paganini October 16, 2024
Brazil’s PolĂ­cia Federal arrested the notorious hacker USDoD

Brazil’s PolĂ­cia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil’s PolĂ­cia Federal (PF) announced the arrest in Belo Horizonte/MG of the notorious hacker USDoD. In August, a CrowdStrike investigation revealed that the hacker USDoD (aka EquationCorp), who is known for high-profile data leaks, is a man from Brazil. The […]

Pierluigi Paganini October 16, 2024
Finnish Customs dismantled the dark web drugs market Sipulitie

Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authorities and researchers at Bitdefender, shut down the Tor marketplace Sipulitie. “Finnish customs has closed the web servers of the Sipulitie marketplace, which has been operating on […]

Pierluigi Paganini October 16, 2024
U.S. CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: An attacker could exploit the vulnerability CVE-2024-30088 to gain SYSTEM privileges. Successful exploitation of […]

Pierluigi Paganini October 16, 2024
GitHub addressed a critical vulnerability in Enterprise Server

GitHub addressed a critical vulnerability in Enterprise Server that could allow unauthorized access to affected instances. Code hosting platform GitHub addressed a critical vulnerability, tracked as CVE-2024-9487 (CVSS score of 9.5), in GitHub Enterprise Server that could lead to unauthorized access to affected instances. An attacker could exploit a cryptographic signature verification flaw in GitHub Enterprise Server […]

Pierluigi Paganini October 15, 2024
A new Linux variant of FASTCash malware targets financial systems

North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by the researcher was previously unknown and targets Ubuntu 22.04 LTS distributions. In November 2018, Symantec […]

Pierluigi Paganini October 15, 2024
Pokemon dev Game Freak discloses data breach

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and Junichi Masuda. It is primarily known as the main developer of the PokĂ©mon video game series. The […]

Pierluigi Paganini October 14, 2024
Nation-state actor exploited three Ivanti CSA zero-days

An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: “an advanced adversary […]

Pierluigi Paganini October 14, 2024
Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement operation that led to the shutdown of the dual dark web marketplace Bohemia/Cannabia. These are two of the largest and longest-running dark web platforms for the […]

Pierluigi Paganini October 14, 2024
Fidelity Investments suffered a second data breach this year

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. […]

Pierluigi Paganini October 13, 2024
Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw […]