MUST READ

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84

 | 

Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Fintech firm Figure disclosed data breach after employee phishing attack

 | 

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

 | 

Suspected Russian hackers deploy CANFAIL malware against Ukraine

 | 

New threat actor UAT-9921 deploys VoidLink against enterprise sectors

 | 

Attackers exploit BeyondTrust CVE-2026-1731 within hours of PoC release

 | 

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks

 | 

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog

 | 

Odido confirms massive breach; 6.2 Million customers impacted

 | 

ApolloMD data breach impacts 626,540 people

 | 

LummaStealer activity spikes post-law enforcement disruption

 | 

Apple fixed first actively exploited zero-day in 2026

 | 

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass

 | 

Volvo Group hit in massive Conduent data breach

 | 

Reynolds ransomware uses BYOVD to disable security before encryption

 | 

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning

 | 

U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog

 | 

Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days

 | 

ZeroDayRAT spyware grants attackers total access to mobile devices

 | 

malware

Pierluigi Paganini December 01, 2011
“Mobile” intrigue … A prying eyes to carry around …

Let we use these ingredients to start some serious reflection on safety issues related to mobile devices: Robust growth in the mobile market, accompanied by technological advances that have made ​​these devices real PC. No awareness of those who use mobile terminals in relation to threats that they face. 2011 years of overtaking sales of […]

Pierluigi Paganini November 29, 2011
From printers to ovens … next step hack our brains.

Are we able to ensure that every peripherals connected to our computers and present in our offices is proof of attack? The first answer will be … “sure”.  We observe same problem with our household appliance that are being more intelligent. The evolution of automation and technology push in the direction of making each device available on the network. This is open up new and interesting  hacking scenarios.  In this days I have read a news on a web […]

Pierluigi Paganini November 26, 2011
Cloud…a long journey towards a secure paradigm

When I discussed with many colleagues regarding cloud paradigm most of them smiled declaring that we face yet another found marketing to sell a methodology, known for at least a decade, under new and more appealing clothes. Indeed many of the concepts behind the cloud  approach have little innovative, but the evolutionary push to the […]

Pierluigi Paganini November 25, 2011
How much cost malware production? Which are the processes for the production of virus? (Part.1)

It is clear that the question awaits an answer deterministic, but an assessment of the main factors that influence the “final expense”. My idea is to understand what is the magnitude of the phenomenon and the costs related to a not necessarily familiar audience .  The goal is to raise awareness in the process of developing malware, and its costs. What is the purpose of the malware and how it affects the final cost? Is there a direct relationship between cost and purpose? Is there a relationship between the cost […]

Pierluigi Paganini November 24, 2011
Water utilities hacked … another SCADA system attack

The SCADA systems at the Water utilities in Illinois were hacked by a malicious attacker. “the SCADA system was powered on and off, burning out a water pump.” This is what the hacker has posted  giving proof of a direct compromise of the SCADA systems at this water utility confirming that there was actual damage. […]

Pierluigi Paganini November 22, 2011
Massive DNS poisoning: What happened to brazilian ISPs?

What is purpose for DNS cache poisoning attacks? DNS cache poisoning is an  attack methodology used to compromise in the Domain Name System and is made introduceding data artifacts into a DNS name server’s cache database that did not originate from authoritative sources. Consider that the domain name server translates a domain name into an specific […]

Pierluigi Paganini November 18, 2011
Duqu … Do we really know the enemy?

In recent months we have read many reports related the analysis of the famous malware  and different assumptions about its genesis. Who designed the malicious agent? For what purpose? What features of Duqu we know? How can protect our structure from this threat? Let’s approach the questions step by step talking about its origin, on which much has been discussed. Comparing Stuxnet to Duqu Many researcher indicate that Stuxnet is the progenitor of the Duqu, both […]

Pierluigi Paganini November 09, 2011
On demand Calling service for cybercriminals growing

Trusteer Researchers have found a professional calling service that has been designed for cybercriminals needs. The service is organized to offer the extraction of sensitive information needed for bank fraud and identity theft from individuals. The security company Trusteer has discovered an advertisement for making targeted call calls in different languages to private individuals, banks, […]

Pierluigi Paganini November 06, 2011
Hacked MIT Server Used to Stage Attacks, Scan for Vulnerabilities

Bitdefender reseachers have discovered a number of brute force attacks against several web site. The attacks have been done using a server at the Massachusetts Institute of Technology (MIT). The hacking attack against the MIT.edu infrastructure started with a malicious script on one MIT server.  One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used […]

Pierluigi Paganini November 06, 2011
New variants of the DevilRobber Mac OS X TrojanFound in Trojaned Apps Are Stealing Data

Mac malware has been making some headlines in the last few months, as attackers have begun applying to OS X some of the tactics they’ve been using on Windows for decades. Security analysts have discovered several variants of the DevilRobber Mac OS X Trojan, the last one is also able to steal files, installs a […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 84

Malware / February 15, 2026

Security Affairs newsletter Round 563 by Pierluigi Paganini – INTERNATIONAL EDITION

Security / February 15, 2026

Fintech firm Figure disclosed data breach after employee phishing attack

Data Breach / February 14, 2026

U.S. CISA adds a flaw in BeyondTrust RS and PRA to its Known Exploited Vulnerabilities catalog

Breaking News / February 14, 2026

Suspected Russian hackers deploy CANFAIL malware against Ukraine

Hacking / February 14, 2026