Pierluigi Paganini
December 30, 2022
Netgear addressed a high-severity bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC. Netgear fixed a bug affecting multiple WiFi router models, including Wireless AC Nighthawk, Wireless AX Nighthawk (WiFi 6), and Wireless AC router models. The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged […]
Pierluigi Paganini
December 29, 2022
The Lake Charles Memorial Health System (LCMHS) suffered a ransomware attack that impacted 270,000 patients. The Lake Charles Memorial Health System (LCMHS) disclosed a data breach that affected almost 270,000 patients at its medical centers. The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana. LCMHS reported the incident to the secretary of the U.S. […]
Pierluigi Paganini
December 27, 2022
The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the RisePro info-stealing malware. The pay-per-install (PPI) malware downloader service PrivateLoader is being used to distribute the information-stealing malware dubbed RisePro, Flashpoint warns. Threat actors can pay the Pay-per-install PrivateLoader service to download malicious payloads onto infected systems. Pay-per-install services are not a novel business model […]
Pierluigi Paganini
December 26, 2022
Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE). GuLoader uses a polymorphic shellcode loader to avoid traditional security solutions, the experts mapped all embedded DJB2 hash values for every API used by the […]
Pierluigi Paganini
December 25, 2022
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom […]
Pierluigi Paganini
December 24, 2022
The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in […]
Pierluigi Paganini
December 22, 2022
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021, it is considered […]
Pierluigi Paganini
December 22, 2022
Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities. Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity […]
Pierluigi Paganini
December 20, 2022
Ukraine’s CERT-UA revealed the national Delta military intelligence program has been targeted with a malware-based attack. On December 17, 2022, the Center for Innovations and Development of Defense Technologies of the Ministry of Defense of Ukraine informed the Government Computer Emergency Response Team of Ukraine (CERT-UA) of being targeted by a malware-based attack. The spear […]
Pierluigi Paganini
December 19, 2022
Researchers spotted a new variant of the Agenda ransomware which is written in the cross-platform programming language Rust. Trend Micro researchers have spotted a new variant of the Agenda ransomware (aka Qilin) that is written in Rust Language. The move follows the decision of other ransomware gangs, like Hive, Blackcat, RansomExx, and Luna, of rewriting their ransomware into […]
