MUST READ

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika

 | 

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

 | 

CERT-FR recommends completely deactivate Wi-Fi whenever it’s not in use

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 75

 | 

malware

Pierluigi Paganini March 13, 2020
Cookiethief, the Android malware that hijacks Facebook accounts

Experts discovered an Android Trojan, dubbed Cookiethief, that is able to gain root access on infected devices and hijack Facebook accounts. Security experts from Kaspersky recently discovered Android Trojan that was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app. “We […]

Pierluigi Paganini March 13, 2020
Russia-Linked Turla APT uses new malware in watering hole attacks

The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous […]

Pierluigi Paganini March 12, 2020
Crooks use weaponized coronavirus map to deliver malware

While WHO declares the coronavirus outbreak a pandemic, crooks are attempting to exploit the situation to monetize their efforts. Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus-themed attacks to deliver malware. Crooks are targeting […]

Pierluigi Paganini March 10, 2020
Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Microsoft announced that it took over the US-based infrastructure used by the infamous Necurs spam botnet that infected millions of computers. Microsoft announced to have taken over the US-based infrastructure used by the Necurs botnet. The IT giant explained that success is the result of a coordinated legal and technical joint effort to disrupt the Necurs […]

Pierluigi Paganini March 10, 2020
Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. In human-operated ransomware attack scenario, attackers use stolen credentials, exploit misconfiguration and vulnerabilities to access target networks, […]

Pierluigi Paganini March 09, 2020
Sodinokibi Ransomware operators threaten to leak ‘dirty’ financial data of a company

Sodinokibi Ransomware operators are threatening to leak a company’s “dirty” financial secrets because they did not pay the ransom. The operators behind the infamous Sodinokibi Ransomware are threatening to publicly release the “dirty” financial secrets of a company that refused to pay the ransom. In December, for the first time, the crime gang behind the Maze […]

Pierluigi Paganini March 08, 2020
New Coronavirus-themed malspam campaign delivers FormBook Malware

Experts uncovered a new Coronavirus (COVID-19)-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. The campaign uses emails that pretend being sent by members of the World Health Organization (WHO), the messages […]

Pierluigi Paganini March 07, 2020
EVRAZ operations in North America disrupted by Ryuk ransomware

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, […]

Pierluigi Paganini March 06, 2020
Expert publicly discloses Zoho ManageEngine zero-day on Twitter

A security researcher has disclosed details and PoC code for a zero-day vulnerability in the Zoho ManageEngine product via Twitter. A security expert has disclosed details about a zero-day vulnerability in a Zoho enterprise product via Twitter, a circumstance that could cause serious problems to customers of the company. The flaw affects Zoho ManageEngine Desktop Central […]

Pierluigi Paganini March 06, 2020
TrickBot targets Italy using fake WHO Coronavirus emails as bait

Crooks continue to exploit the attention on the Coronavirus (COVID-19) outbreak, TrickBot operators target Italian users. A new spam campaign is targeting users in Italy by exploiting the interest on Coronavirus (COVID-19) in the attempt of delivering the TrickBot information-stealing malware. Crooks are attempting to exploit the fear of users of becoming infected with the Coronavirus, […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

Security / December 19, 2025

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

APT / December 19, 2025

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Security / December 18, 2025

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

Cyber Crime / December 18, 2025

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

Security / December 18, 2025