Pierluigi Paganini
November 15, 2021
Threat actors stole PS5 root keys using kernel exploits demonstrating the need to improve the security of the popular gaming console. Threat actors stole Sony PS5 root keys from the popular gaming console using two exploits for kernel vulnerabilities. The two exploits weren’t disclosed to the company, the hackers published both exploits on Twitter on […]
Pierluigi Paganini
November 15, 2021
ENISA analyzed the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive. The European Union Agency for Cybersecurity (ENISA) published an analysis of the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive. An attack […]
Pierluigi Paganini
November 14, 2021
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email servers of the FBI were hacked to distribute spam email impersonating the Department of Homeland Security (DHS) warnings of fake sophisticated chain attacks from an advanced threat actor. The message tells the recipients that their […]
Pierluigi Paganini
November 14, 2021
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to increase resilience to ransomware attacks. The US Federal Trade Commission (FTC) published guidance for small businesses on how to protect their networks from ransomware attacks. The FTC suggests two steps small businesses can take to bolster their resilience against ransomware […]
Pierluigi Paganini
November 14, 2021
The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is also supported by a […]
Pierluigi Paganini
November 13, 2021
Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. GravityRAT was first spotted by Cisco Talos researchers in 2017 who speculate it remained under the radar for at least a […]
Pierluigi Paganini
November 13, 2021
Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released patches to address multiple security vulnerabilities in multiple products, including high-severity flaws in software drivers. Intel published 25 advisories impacting Intel Core i5-8305G and i7-8706G processors, and the Intel graphics driver for Windows 10 64-bit for […]
Pierluigi Paganini
November 13, 2021
Costco Wholesale Corporation discloses a data breach, threat actors had access to customers’ payment card information. Retail giant Costco Wholesale Corporation notified its customers of a data breach that might have exposed their payment card information. Data was allegedly exposed while customers were shopping at one of its stores. Costco discovered the security breach after […]
Pierluigi Paganini
November 12, 2021
Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features. The malicious payloads are delivered via encoded […]
Pierluigi Paganini
November 12, 2021
Wiz Research Team disclosed technical details about the discovery of the ChaosDB vulnerability in Azure Cosmos DB database solution. In August, 2021 the Wiz Research Team disclosed ChaosDB – a severe vulnerability in the popular Azure Cosmos DB database solution that allowed for complete, unrestricted access to the accounts and databases of several thousand Microsoft […]
