IT Information Security

Pierluigi Paganini March 08, 2021
UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Threat actors are exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the […]

Pierluigi Paganini March 08, 2021
Hackers compromised Microsoft Exchange servers at the EU Banking Regulator EBA

The European Banking Authority (EBA) disclosed a cyberattack that resulted in the hack of its Microsoft Exchange email system. The European Banking Authority announced that it was the victim of a cyber attack against its email system that exploited recently disclosed zero-day vulnerabilities in Microsoft Exchange. On March 2nd, Microsoft has released emergency out-of-band security updates that […]

Pierluigi Paganini March 08, 2021
Microsoft updated MSERT to detect web shells used in attacks against Microsoft Exchange installs

Microsoft updated its Microsoft Safety Scanner (MSERT) tool to detect web shells employed in the recent Exchange Server attacks. Early this month, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that […]

Pierluigi Paganini March 07, 2021
Chinese hackers allegedly hit thousands of organizations using Microsoft Exchange

Thousands of organizations may have been victims of cyberattacks on Microsoft Exchange servers conducted by China-linked threat actors since January. At least tens of thousands of Microsoft customers may have been hacked by allegedly China-linked threat actors since January, including business and government agencies. The attacks started in January, but the attackers’ activity intensified in […]

Pierluigi Paganini March 07, 2021
Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Russia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide. The annual national security threat assessment report released by Lithuania’s State Security Department states that Russia-linked APT groups conducted cyber-attacks against top Lithuanian officials and decision-makers last in 2020. APT29 state-sponsored hackers also exploited Lithuania’s information technology infrastructure to carry […]

Pierluigi Paganini March 07, 2021
Security Affairs newsletter Round 304

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. EU leaders aim at boosting defense and security, including cybersecurity New Zealand-based cryptocurrency exchange Cryptopia hacked again ByteDance […]

Pierluigi Paganini March 07, 2021
REvil Ransomware gang uses DDoS attacks and voice calls to make pressure on the victims

The REvil ransomware operators are using DDoS attacks and voice calls to journalists and victim’s business partners to force victims to pay the ransom. The REvil/Sodinokibi ransomware operators announced that they are using DDoS attacks and voice calls to victim’s business partners and journalists to force the victims into pay the ransom. The announcement shows […]

Pierluigi Paganini March 06, 2021
Multiple Cisco products exposed to DoS attack due to a Snort issue

Cisco announced that a vulnerability in the Snort detection engine exposes several of its products to denial-of-service (DoS) attacks. Cisco announced this week that several of its products are exposed to denial-of-service (DoS) attacks due to a vulnerability in the Snort detection engine. The vulnerability resides in the Ethernet Frame Decoder of the Snort detection […]

Pierluigi Paganini March 06, 2021
Hackers breached four prominent underground cybercrime forums

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. Unknown threat actors hacked the Verified forum in January, Crdclub in February, and Exploit and Maza in March, […]

Pierluigi Paganini March 06, 2021
Microsoft releases IOC Detection Tool for Microsoft Exchange Server flaws

After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install is vulnerable. This week Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. In response to the […]