Pierluigi Paganini
October 12, 2021
Git GUI client GitKraken team fixed a flaw that lead to the generation of weak SSH keys, users are recommended to revoke and renew their keys. The development team behind the Git GUI client GitKraken has fixed a vulnerability that was leading to the generation of weak SSH keys. The developers addressed the flaw with […]
Pierluigi Paganini
October 12, 2021
Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August, it is the largest DDoS attack to date. Microsoft announced that its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) DDoS attack at the end of August, it represents the largest DDoS attack […]
Pierluigi Paganini
October 11, 2021
Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the wild. Apple has released iOS 15.0.2 and iPadOS 15.0.2 to address a zero-day flaw, tracked as CVE-2021-30883, that is actively exploited in the wild. The flaw is a critical memory corruption issue that resides in […]
Pierluigi Paganini
October 11, 2021
Ukrainian police arrested a cybercriminal who controlled a botnet composed of 100,000 devices that was available for rent to launch DDoS attacks. Security Service of Ukraine (SSU) has arrested a hacker who controlled a DDoS botnet composed of 100,000 devices that was available for rent. The botnet was also used for other malicious activities, including […]
Pierluigi Paganini
October 11, 2021
DEV-0343: Iran-linked threat actors are targeting US and Israeli defense technology companies leveraging password spraying attacks. Researchers at Microsoft Threat Intelligence Center (MSTIC) and Microsoft Digital Security Unit (DSU) uncovered a malicious activity cluster, tracked as DEV-0343, that is targeting the Office 365 tenants of US and Israeli defense technology companies. Threat actors are launching extensive […]
Pierluigi Paganini
October 11, 2021
The NSA issued a technical advisory to warn organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack. The National Security Agency (NSA) is warning organizations against the use of wildcard TLS certificates and the new ALPACA TLS attack. A wildcard certificate is a public key certificate that can be used […]
Pierluigi Paganini
October 10, 2021
Medical device maker Medtronic recalled the remote controllers used with some of its insulin pumps because of dangerous vulnerabilities. Medical device maker Medtronic has recalled the remote controllers used with some of its insulin pumps because of they are affected by severe vulnerabilities that could lead to injury or death of the patients. An attacker can exploit the vulnerabilities […]
Pierluigi Paganini
October 10, 2021
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Previously undetected FontOnLake Linux malware used in targeted attacks Google addresses four high-severity flaws in Chrome Security […]
Pierluigi Paganini
October 10, 2021
ESET researchers spotted a previously unknown, modular Linux malware, dubbed FontOnLake, that has been employed in targeted attacks. ESET researchers spotted a previously unknown, modular Linux malware, dubbed FontOnLake, that was employed in targeted attacks on organizations in Southeast Asia. According to the experts, modules of this malware family are under development and continuously improved. […]
Pierluigi Paganini
October 09, 2021
Google has addressed a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. Google released security updates to address a total of four high-severity vulnerabilities in the Chrome version for Windows, Mac, and Linux. The most severe vulnerability, tracked as CVE-2021-37977, is an after-free issue in Garbage Collection that could […]
