Pierluigi Paganini
May 13, 2022
Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. The issue was discovered […]
Pierluigi Paganini
May 13, 2022
Iranian group used Bitlocker and DiskCryptor in a series of attacks targeting organizations in Israel, the US, Europe, and Australia. Researchers at Secureworks Counter Threat Unit (CTU) are investigating a series of attacks conducted by the Iran-linked COBALT MIRAGE APT group. The threat actors have been active since at least June 2020 and are linked […]
Pierluigi Paganini
May 12, 2022
Researchers spotted a new remote access trojan, named Nerbian RAT, which implements sophisticated evasion and anti-analysis techniques. Researchers from Proofpoint discovered a new remote access trojan called Nerbian RAT that implements sophisticated anti-analysis and anti-reversing capabilities. The malware spreads via malspam campaigns using COVID-19 and World Health Organization (WHO) themes. The name of the RAT […]
Pierluigi Paganini
May 12, 2022
Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers from Sucuri uncovered a massive campaign that compromised thousands of WordPress websites by injecting malicious JavaScript code that redirects visitors to scam content. The infections automatically redirect site visitors to third-party websites containing malicious content […]
Pierluigi Paganini
May 12, 2022
Experts at TIM research laboratory, Red Team Research (RTR), have disclosed a couple of bugs affecting F5 Traffix SDC. Among these 45 bugs fixed by the well-known manufacturer of computer security systems, 2 were detected by TIM research laboratory, Red Team Research (RTR), as part of the bug hunting activities, on the F5® Traffix® Signaling […]
Pierluigi Paganini
May 11, 2022
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known […]
Pierluigi Paganini
May 11, 2022
The European Union condemns the cyberattacks conducted by Russia against Ukraine, which targeted the satellite KA-SAT network. The European Union accused Russia of the cyberattack that hit the satellite KA-SAT network in Ukraine, operated by Viasat, on February 24. This cyberattack caused communication outages and disruptions in Ukraine, it also impacted several EU Member States. 5,800 […]
Pierluigi Paganini
May 10, 2022
Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft announced to have addressed a critical remote code execution flaw, tracked as CVE-2022-29972 and named SynLapse, affecting Azure Synapse and Azure Data Factory. The vulnerability was discovered by researchers from Orca Security and resides in […]
Pierluigi Paganini
May 10, 2022
Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white hat hackers continue to support Ukraine against the Russian invasion, in a recent attack, they defaced Russian TV with anti-war messages and took down the RuTube video streaming site. The attack took place during Russia’s […]
Pierluigi Paganini
May 10, 2022
Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting the critical remote code execution vulnerability, tracked as CVE-2022-1388, affecting F5 BIG-IP. Last week security and application delivery solutions provider F5 released its security notification to inform customers that it has released security updates from tens of vulnerabilities in its […]
