Pierluigi Paganini
April 18, 2022
A new marketplace named Industrial Spy that focuses on the sale of stolen data appeared in the threat landscape. Malware HunterTeam and Bleeping Computer reported the born of a new marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members. MalwareHunterTeam researchers spotted malware samples [1, 2] that drop the […]
Pierluigi Paganini
April 18, 2022
US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added a VMware privilege escalation flaw (CVE-2022-22960) and a Google Chrome type confusion issue (CVE-2022-1364) to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: […]
Pierluigi Paganini
April 18, 2022
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing invasion that occurred in the previous weeks: April 16 – The unceasing action of Anonymous against Russia This week the Anonymous collective and its […]
Pierluigi Paganini
April 17, 2022
Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet […]
Pierluigi Paganini
April 17, 2022
GitHub reported that threat actors used stolen OAuth user tokens to exfiltrate private data from several organizations. GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. Threat actors abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, […]
Pierluigi Paganini
April 17, 2022
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. U.S. Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist The […]
Pierluigi Paganini
April 16, 2022
The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government attributes the recent $600 million Ronin Validator cryptocurrencty heist to the North Korea-linked APT Lazarus. The U.S. Treasury announced in a notice the sanctions against the Ethereum address used by the APT to receive the […]
Pierluigi Paganini
April 16, 2022
This week the Anonymous collective and its affiliates have targeted multiple Russian organizations stealing gigabytes of data. This week Anonymous and other hacker groups affiliated with the collective have launched multiple attacks against Russian government agencies and organizations. The week started with the announcement of the hack of Russia’s Ministry of Culture, Anonymous leaked 446 […]
Pierluigi Paganini
April 15, 2022
Threat actors are targeting Ukrainian government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). Ukraine’s CERT (CERT-UA) warns of threat actors that are targeting government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). “Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch […]
Pierluigi Paganini
April 15, 2022
The Conti ransomware gang has claimed responsibility for the recent attack against Nordex, one of the largest manufacturers of wind turbines. The Conti ransomware gang claimed responsibility for the cyberattack that hit the manufacturer of wind turbines Nordex on March 31, 2022. Nordex Group shut down “IT systems across multiple locations and business units” as […]
