Pierluigi Paganini
March 07, 2025
Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization of Special Elements used in an […]
Pierluigi Paganini
March 07, 2025
Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts observed a 42% increase in attacks carried out by the group between 2023 and 2024. Experts […]
Pierluigi Paganini
March 07, 2025
Qilin Ransomware group claims to have breached the Ministry of Foreign Affairs of Ukraine, marking a significant cybersecurity attack. The Russian-speaking Qilin Ransomware group claims responsibility for an attack on the Ministry of Foreign Affairs of Ukraine. The group stated that it stole sensitive data such as private correspondence, personal information, and official decrees. The […]
Pierluigi Paganini
March 06, 2025
China-linked Lotus Blossom APT targets governments and industries in Asian countries with new Sagerunex backdoor variants. Talos researchers linked China-backed Lotus Blossom APT (also known as Elise and Esile) to multiple campaigns targeting organizations in sectors such as government, manufacturing, telecommunications and media with the Sagerunex backdoor. The victims of the attacks are in the […]
Pierluigi Paganini
March 05, 2025
Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 TB of stolen data. The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. The group claims the theft of 1.4 terabytes of data and is threatening to leak it. The […]
Pierluigi Paganini
March 04, 2025
A massive attack targets ISPs in China and the U.S. West Coast to deploy info stealers and crypto miners on compromised systems. The Splunk Threat Research Team discovered a mass exploitation campaign from Eastern Europe targeting ISPs in China and the U.S. West Coast to deploy info stealers and crypto miners. Threat actors use weak […]
Pierluigi Paganini
March 03, 2025
Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police […]
Pierluigi Paganini
March 02, 2025
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware […]
Pierluigi Paganini
March 02, 2025
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day Microsoft disrupted a global cybercrime ring abusing Azure […]
Pierluigi Paganini
March 01, 2025
Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs in attacks. Microsoft discovered five vulnerabilities in the Paragon Partition Manager BioNTdrv.sys driver. The IT giant reported that one of these flaws is exploited by ransomware groups in zero-day attacks. Paragon Partition Manager, available in Community and Commercial versions, manages hard drive […]
