Pierluigi Paganini
May 07, 2019
Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Turla group (also known as Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting government […]
Pierluigi Paganini
May 07, 2019
Early April, experts at Yoroi-Cybaze ZLab spotted a new interesting malware sample, likely active since 2017, that was linked to ATMitch attacks. In the first days of April, our threat monitoring operations spotted a new interesting malware sample possibly active in the wild since 2017. Its initial triage suggests it may be part of an […]
Pierluigi Paganini
May 07, 2019
China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to Shadow Brokers leak. China-linked APT group tracked as APT3 (aka Buckeye, APT3, UPS Team, Gothic Panda, and TG-0110) was using a tool attributed to the NSA-linked Equation Group more than one year prior […]
Pierluigi Paganini
May 07, 2019
Experts at security firm Sophos discovered a new strain of ransomware dubbed MegaCortex that is targeting corporate networks. Security experts at Sophos discovered a new piece of ransomware dubbed MegaCortex that is targeting corporate networks. MegaCortex attacks were already reported in the United States, Italy, Canada, France, the Netherlands, and Ireland. “A new ransomware that […]
Pierluigi Paganini
May 07, 2019
ICS-CERT is warning of several vulnerabilities in the GE Communicator software, including hardcoded credentials and privilege escalation bugs. ICS-CERT is warning of five flaws affecting the GE Communicator software, including privilege escalation issues and hardcoded credentials GE Communicator is a is a user-friendly software for programming and monitoring supported metering devices. The software allows users […]
Pierluigi Paganini
May 06, 2019
Ankit Anubhav, a principal researcher at NewSky Security, explained how to exploit a vulnerability in the Mirai bot to crash it. Ankit Anubhav, a principal researcher at NewSky, explained how to exploit a trivial bug in the code of the Mirai bot, which is present in many of its variants, to crash it. The expert […]
Pierluigi Paganini
May 06, 2019
Sierra Wireless is warning its customers that additional AiraLink router models are affected by critical vulnerabilities previously disclosed. At the end of April, experts at Cisco Talos group disclosed a dozen of vulnerabilities in Sierra Wireless AirLink gateways and routers, including several serious flaws. Sierra Wireless AirLink gateways and routers are widely used in enterprise […]
Pierluigi Paganini
May 06, 2019
Israel Defense Forces (IDF) launched a physical attack on Hamas It could be the first time that a state responds with a conventional strike to a cyber attack. The Israel Defense Forces (IDF) has launched a physical attack on Hamas in response to an alleged cyber attack. A strike launched by Israeli forces targeted a […]
Pierluigi Paganini
May 06, 2019
Security experts at Proofpoint warn of the resurfacing of the Retefe banking Trojan that implements new techniques to avoid detection. The Retefe banking Trojan resurfaces in that threat landscape and implements new techniques to avoid detection. The new variant resurfaced in April, it uses the stunnel encrypted tunneling mechanism and abuses a legitimate shareware app. […]
Pierluigi Paganini
May 05, 2019
Tor users noticed that the NoScript and HTTPS-Everywhere add-ons were disabled in the Tor browser, what’s happened? A few days ago millions of users discovered that Mozilla Add-ons were disabled and they were not able to re-activate or re-install them. The issue was caused by an expired intermediary certificate used to digitally sign Mozilla add-ons. […]
Security / December 19, 2025
