Pierluigi Paganini
January 30, 2022
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. QNAP force-installs update against the recent wave of DeadBolt ransomware infections US FCC bans […]
Pierluigi Paganini
January 29, 2022
QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of […]
Pierluigi Paganini
January 27, 2022
North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. North Korea-linked Lazarus APT started using Windows Update to execute the malicious payload and GitHub as a command and control server in recent attacks, Malwarebytes researchers reported. The activity of the Lazarus APT group surged in 2014 and 2015, its members used […]
Pierluigi Paganini
January 27, 2022
Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing campaign delivering the AsyncRAT trojan since September 2021. The phishing messages use an html attachment disguised in the form of an order confirmation receipt (e.g., Receipt-<digits>.html). Experts pointed out the malware employed has the lowest […]
Pierluigi Paganini
January 26, 2022
The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt für Verfassungsschutz (BfV) federal domestic intelligence agency warns of ongoing attacks coordinated by the China-linked APT27 group. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign […]
Pierluigi Paganini
January 26, 2022
New malware is targeting targets QNAP NAS devices, it is the DeadBolt ransomware and ask 50 BTC for master key DeadBolt ransomware is targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems. Once encrypted the content of the device, […]
Pierluigi Paganini
January 25, 2022
Segway e-store suffered a Magecart attack that potentially allowed threat actors to steal credit cards and customer info. The online store of Segway was compromised as a result of a Magecart attack, threat actors planted a malicious script to steal credit card data and customer information while visitors were making a purchase Segway is known […]
Pierluigi Paganini
January 24, 2022
Threat actors planted a backdoor into multiple WordPress themes and plugins after compromising the website of their developer. In a classic supply chain attack, threat actors planted a backdoor in dozens of WordPress plugins and themes hosted on a developer’s website. The attack took place in the first half of September 2021, the attackers compromised […]
Pierluigi Paganini
January 24, 2022
Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a recent Emotet malware campaign have been observed using using “unconventional” IP address formats to evade detection. Trend Micro researchers reported that threat actors are using hexadecimal and octal representations of the IP address. “We observed Emotet spam […]
Pierluigi Paganini
January 24, 2022
The FBI warns that cybercriminals are using malicious QR codes to steal their credentials and financial info. The Federal Bureau of Investigation (FBI) published a public service announcement (PSA) to warn that cybercriminals are using QR codes to steal their credentials and financial info. QR codes are widely adopted by businesses to facilitate payment. In a classic […]
Security / December 30, 2025
