Pierluigi Paganini
June 03, 2022
Microsoft blocked an attack activity aimed at Israeli organizations attributed to a previously unknown Lebanon-based hacking group tracked as POLONIUM. Microsoft announced to have blocked a series of attacks targeting Israeli organizations that have been conducted by a previously unknown Lebanon-based hacking group tracked as POLONIUM. POLONIUM has targeted or compromised more than 20 Israeli […]
Pierluigi Paganini
June 02, 2022
LockBit ransomware gang claimed responsibility for an attack against the electronics manufacturing giant Foxconn that impacted production in Mexico The electronics manufacturing giant Foxconn confirmed that its production plant in Tijuana (Mexico) has been impacted by a ransomware attack in late May. The LockBit ransomware gang claimed responsibility for an attack and announced that it […]
Pierluigi Paganini
June 02, 2022
The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group’s chats, which were leaked earlier this year, revealed that the ransomware gang has been working on firmware attack techniques. An attack against firmware could give threat actors significant powers, they are hard to […]
Pierluigi Paganini
June 02, 2022
A remote code execution vulnerability in the open-source Horde Webmail client can allow to take over servers by sending a specially crafted email. Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user […]
Pierluigi Paganini
June 01, 2022
A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers from Check Point have discovered a new version of the XLoader botnet, which implements significant enhancements, such as a new technique to obscure the Command and Control infrastructure XLoader has been observed since 2020, it […]
Pierluigi Paganini
June 01, 2022
Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the internet for publicly accessible MySQL server instances on port 3306/TCP and uncovered 3.6M installs worldwide responding to their queries. These publicly accessible MySQL server instances represent a potential attack surface for their owners. “These are instances that respond to our […]
Pierluigi Paganini
June 01, 2022
A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. China-linked APT group TA413 has been observed exploiting the recently disclosed Follina zero-day flaw (tracked as CVE-2022-30190 and rated CVSS score 7.8) in Microsoft Office in attacks in the wild. This week, the cybersecurity researcher nao_sec discovered a malicious Word […]
Pierluigi Paganini
June 01, 2022
Costa Rican Social Security Fund, Costa Rica ‘s public health service, was hit by a Hive ransomware attack. Costa Rican Social Security Fund, Costa Rica ‘s public health service (aka CCCS), was hit today by a Hive ransomware attack, BleepingComputer reported. The attack occurred early this morning, Tuesday, May 31, 2022. The authorities are investigating […]
Pierluigi Paganini
May 31, 2022
SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). The group stands out for the high frequency and persistence of its attacks, researchers believe that the […]
Pierluigi Paganini
May 31, 2022
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows […]
Security / December 19, 2025
