Pierluigi Paganini
July 15, 2022
Researchers spotted a massive campaign that scanned close to 1.6 million WordPress sites for vulnerable Kaswara Modern WPBakery Page Builder Addons. The Wordfence Threat Intelligence team observed a sudden increase in attacks targeting the Kaswara Modern WPBakery Page Builder Addons. Threat actors are attempting to exploit an arbitrary file upload vulnerability tracked as CVE-2021-24284. The […]
Pierluigi Paganini
July 15, 2022
Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. The Holy Ghost ransomware gang has been active since June 2021 and it conducted ransomware […]
Pierluigi Paganini
July 15, 2022
Cyble researchers warn of three new ransomware operations named Lilith, RedAlert and 0mega targeting organizations worldwide. Researchers from threat intelligence firm Cyble warn of new ransomware gangs that surfaced recently, named Lilith, RedAlert, and 0mega. RedAlert (aka N13V) targets both Windows and Linux VMWare ESXi servers of target organizations. The name RedAlert comes after a string […]
Pierluigi Paganini
July 14, 2022
The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation firm Cloudflare announced it has mitigated the largest HTTPS DDoS attack that was launched by a botnet they have called Mantis. The Mantis botnet generated 26 million request per second using approximately 5000 hijacked virtual […]
Pierluigi Paganini
July 14, 2022
Researchers warn of a new vulnerability, dubbed Retbleed, that impacts multiple older AMD and Intel microprocessors. ETH Zurich researchers Johannes Wikner and Kaveh Razavi discovered a new vulnerability, dubbed Retbleed, that affects multiple older AMD and Intel microprocessors. An attacker can exploit the flaw to bypass current defenses and perform in Spectre-based attacks. The Retbleed vulnerability is tracked as […]
Pierluigi Paganini
July 14, 2022
Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak to WikiLeaks. The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017. The huge trove of data, […]
Pierluigi Paganini
July 14, 2022
VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048, in vCenter Server IWA mechanism. VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048 (CVSSv3 base score of 7.1.), in vCenter Server ‘s IWA (Integrated Windows Authentication) mechanism after eight months since its disclosure. The vulnerability can be exploited by an attacker with non-administrative […]
Pierluigi Paganini
July 13, 2022
Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The malware spreads via malspam campaigns, it inserts replies in active email threads. The threat continues to […]
Pierluigi Paganini
July 13, 2022
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. The multinational technology company Lenovo released security fixes to address three vulnerabilities that reside in the UEFI firmware shipped with over 70 product models, including several ThinkBook models. A remote attacker can trigger these […]
Pierluigi Paganini
July 13, 2022
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations Microsoft observed a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and bypass the authentication process even when the victim has enabled the MFA. In AiTM phishing, threat actors set up a proxy […]
