MUST READ

FBI seized ‘web3adspanels.org’ hosting stolen logins

 | 

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns

 | 

Italian regulator rules Apple’s ATT feature limits competition

 | 

La Poste outage after a cyber attack disrupts digital banking and online services

 | 

Red Hat GitLab breach exposes data of 21,000 Nissan customers

 | 

Critical n8n flaw could enable arbitrary code execution

 | 

Why Third-Party Access Remains the Weak Link in Supply Chain Security

 | 

U.S. CISA adds a flaw in Digiever DS-2105 Pro to its Known Exploited Vulnerabilities catalog

 | 

Romanian Waters confirms cyberattack, critical water operations unaffected

 | 

Ukrainian hacker pleads guilty to Nefilim Ransomware attacks in U.S.

 | 

Infy Returns: Iran-linked hacking group shows renewed activity

 | 

University of Sydney discloses a data breach impacting 27,000 people

 | 

Waymo suspends service after power outage hit San Francisco

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 76

 | 

Security Affairs newsletter Round 555 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

Pierluigi Paganini

Pierluigi Paganini September 19, 2019
Emotet is back, it spreads reusing stolen email content

Emotet is back, its operators leverage a recently introduced spear-phishing technique to deliver their malware, they are hijacking legitimate email conversations. In 2019, security experts haven’t detected any activity associated with Emotet since early April, when researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and […]

Pierluigi Paganini September 19, 2019
Smominru Botnet continues to rapidly spread worldwide

Researchers at Guardicore Labs reported that the Smominru botnet is rapidly spreading and now is already infecting over 90,000 machines each month around worldwide. In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. According to the […]

Pierluigi Paganini September 18, 2019
More than 737 million medical radiological images found on open PACS servers

Researchers at Greenbone Networks vulnerability analysis and management company discovered 400 Million medical radiological images exposed online via unsecured PACS servers. The experts at Greenbone Networks vulnerability analysis and management company discovered 600 unprotected servers exposed online that contained medical radiological images. The research was conducted between mid-July 2019 and early September 2019. The unprotected […]

Pierluigi Paganini September 18, 2019
Memory corruption flaw in AMD Radeon driver allows VM escape

Experts at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could lead to VM escape. Researchers at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that be exploited by an attacker to escale the VM and execute code on the host. This flaw affects […]

Pierluigi Paganini September 18, 2019
Skidmap Linux miner leverages kernel-mode rootkits to evade detection

Trend Micro researchers spotted a piece of Linux cryptocurrency miner, dubbed Skidmap that leverages kernel-mode rootkits to evade the detection. Skidmap is a new piece of crypto-miner detected by Trend Micro that target Linux machines, it uses kernel-mode rootkits to evade the detection. This malware outstands similar miners because of the way it loads malicious […]

Pierluigi Paganini September 17, 2019
Australia is confident that China was behind attack on parliament, political parties

Australia ‘s intelligence is sure that China is behind the cyberattacks that hit its parliament and political parties, but decided to not publicly accuse it. According to the Reuters agency, Australia’s intelligence has evidence that the attacks that hit its parliament and political parties were orchestrated by China. Anyway the Australian government decided to not […]

Pierluigi Paganini September 17, 2019
Experts warn of the exposure of thousands of Google Calendars online

The news is shocking, thousands of Google Calendars are leaking private information posing a severe threat to the privacy of the users. Thousands of Google Calendars are leaking private information online threatening the privacy of the users. Google Calendar has more than q billion users that can potentially expose their private affairs due to the […]

Pierluigi Paganini September 17, 2019
Backup files for Lion Air and parent airlines exposed and exchanged on forums

Tens of millions of records belonging to passengers of two airline companies owned by Lion Air have been exposed and exchanged on forums. Data belonging to passengers of two airline companies owned by Lion Air have been exposed and exchanged on forums. The information was left exposed online on an unsecured Amazon bucket, the records […]

Pierluigi Paganini September 17, 2019
Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Researchers discovered many flaws in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. The research is part of a project dubbed SOHOpelessly Broken 2.0 conducted Independent Security Evaluators (ISE). In […]

Pierluigi Paganini September 17, 2019
Fraudulent purchases of digitals certificates through executive impersonation

Experts at ReversingLabs spotted a threat actor buying digital certificates by impersonating legitimate entities and then selling them on the black market. Researchers at ReversingLabs have identified a new threat actor that is buying digital certificates by impersonating company executives, and then selling them on the black market. The experts discovered that digital certificates are then […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

FBI seized ‘web3adspanels.org’ hosting stolen logins

Cyber Crime / December 24, 2025

U.S. Federal Communications Commission (FCC) bans foreign-made drones over national security concerns

Laws and regulations / December 24, 2025

Italian regulator rules Apple’s ATT feature limits competition

Laws and regulations / December 24, 2025

La Poste outage after a cyber attack disrupts digital banking and online services

Security / December 24, 2025

Red Hat GitLab breach exposes data of 21,000 Nissan customers

Data Breach / December 23, 2025