IT Information Security

Pierluigi Paganini March 14, 2021
Security Affairs newsletter Round 305

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs, free for you in your email box. If you also want to receive the international press for free, subscribe here. Chinese hackers allegedly hit thousands of organizations using Microsoft Exchange. REvil Ransomware gang uses DDoS attacks and voice […]

Pierluigi Paganini March 14, 2021
Google releases Spectre PoC code exploit for Chrome browser

Google released proof-of-concept code to conduct Spectre attacks against its Chrome browser to share knowledge of browser-based side-channel attacks. Google released proof-of-concept code for conducting a Spectre attack against its Chrome browser on GitHub. The experts decided to publish the proof-of-concept code to demonstrate the feasibility of a web-based Spectre exploit. The PoC […]

Pierluigi Paganini March 13, 2021
Experts found three new 15-year-old bugs in a Linux kernel module

Three 15-year-old flaws in the Linux kernel could be exploited by local attackers with basic user privileges to gain root privileges on vulnerable Linux systems. GRIMM researchers found three vulnerabilities in the SCSI (Small Computer System Interface) component of the Linux kernel; the issues could be exploited by local attackers with basic user privileges to gain root privileges […]

Pierluigi Paganini March 13, 2021
The fire in the OVH datacenter also impacted APTs and cybercrime groups

The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. OVH, one of the largest hosting providers in the world, suffered a terrible fire this week that destroyed its data centers located in Strasbourg. The French plant in Strasbourg includes 4 […]

Pierluigi Paganini March 13, 2021
New variant for Mac Malware XCSSET compiled for M1 Chips

Kaspersky researchers spotted a new variant of the XCSSET Mac malware that is compiled for devices running on Apple M1 chips. XCSSET is a Mac malware that was discovered by Trend Micro in August 2020; it was spreading through Xcode projects and exploiting two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware […]

Pierluigi Paganini March 12, 2021
10,000+ WeLeakInfo customer records leaked

An actor claimed to have registered one of the domains of WeLeakInfo, accessed details of 10,000+ of WeLeakInfo's customers, and leaked them. WeLeakInfo.com was a data breach notification service that allowed its customers to verify whether their credentials had been compromised in data breaches. The service claimed a database of over 12 billion records from over […]

Pierluigi Paganini March 12, 2021
Internet disruption in Russia coincided with the introduction of restrictions

Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new restrictions. On Wednesday, 10 March 2021, researchers from the NetBlocks Internet Observatory observed the disruption of internet service provided by the Russian operator Rostelecom. The partial disruption of the service coincided with […]

Pierluigi Paganini March 12, 2021
Researchers warn of a surge in cyber attacks against Microsoft Exchange

Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities. Researchers at the Check Point Research team reported that threat actors are actively exploiting the recently disclosed ProxyLogon zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) […]

Pierluigi Paganini March 12, 2021
Malspam campaign uses icon files to deliver NanoCore RAT

Researchers at Trustwave spotted a new malspam campaign that is abusing icon files to trick victims into installing the NanoCore Trojan. Researchers at Trustwave have spotted a new malspam campaign that is abusing icon files to trick victims into executing the NanoCore remote access Trojan. The emails use a .zipx file attachment; a .zipx file is a […]

Pierluigi Paganini March 11, 2021
Expert publishes PoC exploit code for Microsoft Exchange flaws

This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of the ProxyLogon flaws. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant […]