Pierluigi Paganini
June 18, 2022
The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS. The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS as part of an international police operation that involved law enforcement partners from Germany, the Netherlands, and […]
Pierluigi Paganini
June 18, 2022
Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers spotted a new strain of Android malware, named Malibot, that is targeting online banking and cryptocurrency wallet customers in Spain and Italy. The experts documented attacks against multiple banks, including UniCredit, Santander, CaixaBank, and CartaBCC. […]
Pierluigi Paganini
June 17, 2022
China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. Volexity researchers discovered that the zero-day vulnerability, tracked as CVE-2022-1040, in Sophos Firewall was exploited by Chinese threat actors to compromise a company and cloud-hosted web servers it was operating. The vulnerability was exploited by […]
Pierluigi Paganini
June 16, 2022
The BlackCat ransomware gang is targeting unpatched Exchange servers to compromise target networks, Microsoft warns. Microsoft researchers have observed BlackCat ransomware gang targeting unpatched Exchange servers to compromise organizations worldwide. The compromise of Exchange servers allows threat actors to access the target networks, perform internal reconnaissance and lateral movement activities, and steal sensitive documents before encrypting them. “For example, […]
Pierluigi Paganini
June 16, 2022
ALPHV/BlackCat ransomware group began publishing victims’ data on the clear web to increase the pressure on them and force them to pay the ransom. ALPHV/BlackCat ransomware group has adopted a new strategy to force victims into paying the ransom, the gang began publishing victims’ data on the clear web to increase the pressure. Publishing data online will […]
Pierluigi Paganini
June 16, 2022
Cisco addressed a critical bypass authentication flaw in Cisco Email Security Appliance (ESA) and Secure Email and Web Manager. Cisco addressed a critical bypass authentication vulnerability affecting Email Security Appliance (ESA) and Secure Email and Web Manager. The flaw, tracked as CVE-2022-20798 (CVSS score 9.8), can be exploited by an unauthenticated, remote attacker to bypass […]
Pierluigi Paganini
June 16, 2022
Researchers at antivirus firm Dr. Web discovered malware in the Google Play Store that was downloaded two million times. An investigation conducted by the antivirus firm Dr. Web in May resulted in the discovery of multiple adware and information-stealing malware on the official Google Play Store. However, the experts warn that info-stealing Trojans are the […]
Pierluigi Paganini
June 15, 2022
Hertzbleed attack: Researchers discovered a new vulnerability in modern Intel and AMD chips that could allow attackers to steal encryption keys. Researchers from University of Texas, University of Illinois Urbana-Champaign, and the University of Washington, devised a new side-channel attack technique dubbed Hertzbleed that could allow remote attackers to steal encryption keys from modern Intel […]
Pierluigi Paganini
June 15, 2022
Citrix fixed a critical flaw in Citrix Application Delivery Management (ADM), tracked as CVE-2022-27511, that can allow attackers to reset admin passwords. Citrix fixed a critical vulnerability in Citrix Application Delivery Management (ADM), tracked as CVE-2022-27511, that can be exploited by attackers to reset admin passwords. Citrix Application Delivery Management (ADM) is a comprehensive platform […]
Pierluigi Paganini
June 15, 2022
Researchers discovered a new Golang-based peer-to-peer (P2P) botnet, dubbed Panchan, targeting Linux servers in the education sector since March 2022. Akamai security researchers discovered a new Golang-based P2P Botnet, tracked as Panchan, that is targeting Linux servers that has been active since March 2022. Panchan uses basic SSH dictionary attack to implement wormable behavior, it also […]
