Pierluigi Paganini
October 25, 2021
The Red Team Research (RTR), the bug’s research division from Italian Telecommunication firm TIM, found 2 new vulnerabilities affecting the Ericsson OSS-RC. What is the OSS (Operations Support System)? The Operations Support System – Radio and Core (OSS-RC) provides a centralized interface into the radio and core components. The Operations Support Systems are all those […]
Pierluigi Paganini
October 25, 2021
Russia-linked Nobelium APT group has breached at least 14 managed service providers (MSPs) and cloud service providers since May 2021. The SolarWinds security breach was not isolated, Russia-linked Nobelium APT group has targeted140 managed service providers (MSPs) and cloud service providers and successfully breached 14 of them since May 2021. The NOBELIUM APT (APT29, Cozy Bear, and […]
Pierluigi Paganini
October 25, 2021
Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. The device was compromised two times, in July 2020 and June 2021. The attacks were […]
Pierluigi Paganini
October 24, 2021
This week, NATO Defence Ministers released the first-ever strategy for Artificial Intelligence (AI) that encourages the use of AI in a responsible manner. Artificial Intelligence (AI) is changing the global defence and security environment, for this reason, NATO Defence Ministers released the first-ever strategy for this technology that promotes its development and use in a […]
Pierluigi Paganini
October 24, 2021
Threat actors are offering for sale a database containing 50 million records belonging to Moscow drivers on a hacking forum for $800. Bad news for Russian drivers, threat actors are selling a database containing 50 million records belonging to Moscow drivers on a hacking forum for only $800. The threat actors claim to have obtained […]
Pierluigi Paganini
October 23, 2021
Cisco fixes an OS command-injection flaw, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution. Cisco addressed a high-severity OS command-injection vulnerability, tracked as CVE-2021-1529, in Cisco SD-WAN that could allow privilege escalation and lead to arbitrary code execution. Cisco SD-WAN is a cloud-delivered overlay WAN architecture […]
Pierluigi Paganini
October 22, 2021
Facebook developed a new tool that allows security experts to look for Server-Side Request Forgery (SSRF) vulnerabilities in their software. Facebook announced to have designed a new tool, named SSRF Dashboard, that allows security researchers to search for Server-Side Request Forgery (SSRF) vulnerabilities. Server-side request forgery is a web security vulnerability that allows an attacker […]
Pierluigi Paganini
October 22, 2021
Groove ransomware operators call on other ransomware groups to stop competing and join the forces to fight against the US. The Groove ransomware gang is calling on other ransomware groups to attack US public sector after a an operation of of law enforcement shut down the infrastructure of the REvil gang. “The ransomware group REvil […]
Pierluigi Paganini
October 22, 2021
FIN7 hacking group created fake cybersecurity companies to hire experts and involve them in ransomware attacks tricking them of conducting a pentest. The FIN7 hacking group is attempting to enter in the ransomware business and is doing it with an interesting technique. The gang space creates fake cybersecurity companies that hire experts requesting them to […]
Pierluigi Paganini
October 22, 2021
Bitdefender researchers discovered a new Rootkit named FiveSys that abuses Microsoft-Issued Digital Signature signature to evade detection. FiveSys is a new rootkit discovered by researchers from Bitdefender, it is able to evade detection by abusing a Microsoft-issued digital signature. Driver packages that pass Windows Hardware Lab Kit (HLK) testing can be digitally-signed by Microsoft WHQL (Windows Hardware Quality […]
Security / December 19, 2025
