Pierluigi Paganini

Pierluigi Paganini March 22, 2022
Lapsus$ extortion gang claims to have stolen sensitive data from Okta

The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […]

Pierluigi Paganini March 22, 2022
Lapsus$ extortion gang leaked the source code for some Microsoft projects

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […]

Pierluigi Paganini March 22, 2022
Serpent backdoor targets French entities with high-evasive attack chain

A new email campaign aimed at French entities leverages the Chocolatey Windows package manager to deliver the Serpent backdoor. Proofpoint researchers uncovered a targeted attack leveraging an open-source package installer Chocolatey to deliver a backdoor tracked as Serpent. The campaign targeted French entities in the construction, real estate, and government industries. Experts believe the attacks were […]

Pierluigi Paganini March 21, 2022
Lapsus$ gang claims to have hacked Microsoft source code repositories

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Over the last months, the gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado […]

Pierluigi Paganini March 21, 2022
Italy’s data privacy watchdog investigates how Kaspersky manages Italian users’ data

Italy’s data privacy watchdog launched an investigation into the “potential risks” associated with the use of Russian antivirus software Kaspersky. Italy’s data privacy watchdog has launched an investigation into potential risks associated with the use of the Kaspersky antivirus. The Italian authority aims at verifying how the Russian company processes the data of Italian users […]

Pierluigi Paganini March 21, 2022
Hacker leaked a new version of Conti ransomware source code on Twitter

A Ukrainian security researcher has leaked more source code from the Conti ransomware operation to protest the gang’s position on the conflict. Hacker leaked a new version of the Conti ransomware source code on Twitter as retaliation of the gang’s support to Russia The attack against the Conti ransomware and the data leak is retaliation […]

Pierluigi Paganini March 20, 2022
Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 – China-linked threat actors are targeting the government of Ukraine Google’s TAG team revealed that China-linked APT groups are targeting Ukraine […]

Pierluigi Paganini March 20, 2022
Security Affairs newsletter Round 358 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. EU and US agencies warn that Russia could attack satellite communications networks Avoslocker ransomware […]

Pierluigi Paganini March 20, 2022
EU and US agencies warn that Russia could attack satellite communications networks

FBI, CISA, and the European Union Aviation Safety Agency (EASA) warn of possible threats to international satellite communication (SATCOM) networks. Satellite communication (SATCOM) networks are critical infrastructure for modern society, US and EU agencies warn of possible threats to them. Victor Zhora, Chief Digital Transformation Officer at the State Service of Special Communication and Information […]

Pierluigi Paganini March 19, 2022
Crooks claims to have stolen 4TB of data from TransUnion South Africa

TransUnion South Africa discloses a data breach, threat actors who stolen sensitive data, demanded a ransom payment not to release stolen data. TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom payment not to release stolen […]