Pierluigi Paganini
June 03, 2022
Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Atlassian is warning of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the wild. “Atlassian has […]
Pierluigi Paganini
June 02, 2022
LockBit ransomware gang claimed responsibility for an attack against the electronics manufacturing giant Foxconn that impacted production in Mexico The electronics manufacturing giant Foxconn confirmed that its production plant in Tijuana (Mexico) has been impacted by a ransomware attack in late May. The LockBit ransomware gang claimed responsibility for an attack and announced that it […]
Pierluigi Paganini
June 02, 2022
An international law enforcement operation involving 11 countries resulted in the takedown of the FluBot Android malware. An international law enforcement operation involving 11 countries led to the takedown of the infamous FluBot Android malware. The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United […]
Pierluigi Paganini
June 01, 2022
A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers from Check Point have discovered a new version of the XLoader botnet, which implements significant enhancements, such as a new technique to obscure the Command and Control infrastructure XLoader has been observed since 2020, it […]
Pierluigi Paganini
June 01, 2022
A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. China-linked APT group TA413 has been observed exploiting the recently disclosed Follina zero-day flaw (tracked as CVE-2022-30190 and rated CVSS score 7.8) in Microsoft Office in attacks in the wild. This week, the cybersecurity researcher nao_sec discovered a malicious Word […]
Pierluigi Paganini
May 31, 2022
SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). The group stands out for the high frequency and persistence of its attacks, researchers believe that the […]
Pierluigi Paganini
May 31, 2022
Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the […]
Pierluigi Paganini
May 30, 2022
A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell […]
Pierluigi Paganini
May 30, 2022
Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK’s Threat Intelligence Research team has disclosed a new ransomware strain called GoodWill, that demands victims the payment of a ransom through donations for social causes and financially helping people in need. “The ransomware group propagates very unusual demands in […]
Pierluigi Paganini
May 30, 2022
The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators behind the EnemyBot botnet are expanding the list of potential targets adding exploits for recently disclosed critical vulnerabilities in from VMware, F5 BIG-IP, and Android. The botnet was first discovered by Fortinet in March, the […]
