Pierluigi Paganini
December 11, 2021
Vulnerabilities in the Western Digital SanDisk SecureAccess can be exploited to access user data through brute force and dictionary attacks. Western Digital has released updates for its SanDisk SecureAccess software to fix multiple vulnerabilities that can be exploited to access user data by carrying out brute force and dictionary attacks. The SanDisk SecureAccess software, now […]
Pierluigi Paganini
December 11, 2021
Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. Accenture researchers detailed the activity of a sophisticated financially motivated threat actor called Karakurt. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the […]
Pierluigi Paganini
December 11, 2021
Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. p0rz9 revealed that the CVE-2021-44228 can only be exploited if the log4j2.formatMsgNoLookups option is set to false. The Log4j is widely […]
Pierluigi Paganini
December 10, 2021
Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become […]
Pierluigi Paganini
December 10, 2021
The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. “The ACSC is aware of multiple instances of Australian organisations that have been impacted by Conti ransomware in November and […]
Pierluigi Paganini
December 10, 2021
Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. The Chinese security researcher p0rz9 who publicly disclosed the PoC exploit code revealed […]
Pierluigi Paganini
December 10, 2021
BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language In the past, other two ransomware were written in Rust for research purposes, one of them […]
Pierluigi Paganini
December 09, 2021
A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to […]
Pierluigi Paganini
December 09, 2021
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have discovered 17 malicious packages in the NPM (Node.js package manager) repository that were developed to hijack Discord servers. The libraries allow stealing Discord access tokens and environment variables from systems running giving the attackers full access to […]
Pierluigi Paganini
December 09, 2021
Moobot is a Mirai-based botnet that is leveraging a critical command injection vulnerability in the webserver of some Hikvision products. The Mirai-based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260, in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers […]
APT / February 05, 2026
