Pierluigi Paganini
March 11, 2023
US CISA added an actively exploited vulnerability in VMware’s Cloud Foundation to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in VMware’s Cloud Foundation, tracked as CVE-2021-39144 (CVSS score: 9.8), to its Known Exploited Vulnerabilities Catalog. The remote code execution vulnerability resides in the XStream open-source library. Unauthenticated attackers […]
Pierluigi Paganini
March 10, 2023
An international law enforcement operation seized the infrastructure associated with the NetWire RAT and resulted in the arrest of its administrator. A coordinated international law enforcement operation resulted in the seizure of the infrastructure associated with the NetWire RAT, the police also arrested its administrator. Law enforcement seized the website www.worldwiredlabs[.]com and its alleged administrator, […]
Pierluigi Paganini
March 10, 2023
AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. CPNI is information related to the telecommunications services purchased by the customers, including the […]
Pierluigi Paganini
March 10, 2023
Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: https://cybernews.com/security/bmw-exposes-italy-clients/ Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. The latest Cybernews discovery showcases that popular car brands sometimes leave their doors open, as if inviting […]
Pierluigi Paganini
March 09, 2023
Akamai has mitigated the largest DDoS (distributed denial of service) attack ever, which peaked at 900.1 gigabits per second. Akamai reported that on February 23, 2023, at 10:22 UTC, it mitigated the largest DDoS attack ever. The attack traffic peaked at 900.1 gigabits per second and 158.2 million packets per second. The record-breaking DDoS was launched against a […]
Pierluigi Paganini
March 09, 2023
Alleged China-linked threat actors infected unpatched SonicWall Secure Mobile Access (SMA) appliances with a custom backdoor. Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. The analysis of a […]
Pierluigi Paganini
March 09, 2023
The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was employed in attacks against several media and entertainment organizations worldwide. The ransomware initially targeted only Windows-based systems, with a focus on technology companies. IceFire was first detected in […]
Pierluigi Paganini
March 09, 2023
A threat actor tracked as 8220 Gang has been spotted using a new crypter called ScrubCrypt in cryptojacking campaigns. Fortinet researchers observed the mining group 8220 Gang using a new crypter called ScrubCrypt in cryptojacking attacks. “Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific […]
Pierluigi Paganini
March 09, 2023
CloudBees vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems. Researchers from cloud security firm Aqua discovered a chain of two vulnerabilities in the Jenkins open-source automation server that could lead to code execution on targeted systems. Jenkins is the most popular open source automation server, it is […]
Pierluigi Paganini
March 08, 2023
Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability to execute arbitrary […]
APT / February 05, 2026
