IT Information Security

Pierluigi Paganini March 30, 2022
Lapsus$ extortion gang claims to have hacked IT Giant Globant

The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked tens of gigabytes of stolen data. The Lapsus$ extortion group claims to have hacked IT giant Globant and leaked roughly 70 Gb of stolen data. The gang claims that the company has implemented poor security practices that allowed them to hack their […]

Pierluigi Paganini March 29, 2022
$625M stolen from Axie Infinity ‘s Ronin bridge, the largest ever crypto hack

Threat actors have stolen approximately $625 million worth of Ethereum and USDC tokens from Axie Infinity ‘s Ronin network bridge. Threat actors have stolen almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from Axie Infinity’s Ronin network bridge. The attack took place on March 23rd, but the cyber heist was […]

Pierluigi Paganini March 29, 2022
Compromised WordPress sites launch DDoS on Ukrainian websites

Threat actors compromised WordPress sites to deploy a script that was used to launch DDoS attacks, when they are visited, on Ukrainian websites. MalwareHunterTeam researchers discovered the malicious script on a compromised WordPress site, when the users were visiting the website the script launched a DDoS attack against ten Ukrainian sites. The JavaScript was designed […]

Pierluigi Paganini March 29, 2022
CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Chrome and Redis flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chome zero-day (CVE-2022-1096) and a critical Redis vulnerability (CVE-2022-0543), along with other 30 vulnerabilities, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing […]

Pierluigi Paganini March 29, 2022
What is credential stuffing? And how to prevent it?

This post explains what is a credential stuffing attack and which are the countermeasures to prevent them. A credential stuffing attempt can be caught as a behavioral anomaly – if you’re looking. Earmarked by the FBI as a particular threat to the financial service industry just over a year ago, the increase of internet traffic, […]

Pierluigi Paganini March 29, 2022
Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. According to global internet monitor service NetBlock, real-time network data showed connectivity collapsed to 13% of pre-war levels. […]

Pierluigi Paganini March 28, 2022
Anonymous is working on a huge data dump that will blow Russia away

The Anonymous collective hacked the Russian construction company Rostproekt and announced a leak that will Blow Russia Away.  Anonymous continues its offensive against Russia, the collective announced the hack of the Russian construction company Rostproekt and announced a leak that will blow Russia away. Link to the stolen data from the company have been published […]

Pierluigi Paganini March 28, 2022
Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

The Muhstik botnet has been observed targeting Redis servers exploiting the recently disclosed CVE-2022-0543 vulnerability. Muhstik is a botnet that is known to use web application exploits to compromise IoT devices, it has been around for at least 2018. Botnet operators monetize their efforts via XMRig combined with DDoS-for-hire services.  The botnet leverages IRC servers for command-and-control (C2) communications, […]

Pierluigi Paganini March 28, 2022
GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon 

Ukraine CERT-UA warns that the Belarus-linked GhostWriter APT group is targeting state entities of Ukraine with Cobalt Strike Beacon. Ukraine CERT-UA uncovered a spear-phishing campaign conducted by Belarus-linked GhostWriter APT group targeting Ukrainian state entities with Cobalt Strike Beacon. The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” This second archive […]

Pierluigi Paganini March 28, 2022
Shopping trap: The online stores’ scam that hits users worldwide

Shopping trap: Criminal gangs from China have been using copies of online stores of popular brands to target users all over the world Malicious schemas linked to online stores are on the rise in 2022. Criminal gangs from China have been using copies of online stores of popular brands to target users all over the […]