MUST READ

ATM Jackpotting ring busted: 54 indicted by DoJ

 | 

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

 | 

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

 | 

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

 | 

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

 | 

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

 | 

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

 | 

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

 | 

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

 | 

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

 | 

SonicWall warns of actively exploited flaw in SMA 100 AMC

 | 

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

 | 

Askul data breach exposed over 700,000 records after ransomware attack

 | 

Russian state hackers targeted Western critical infrastructure for years, Amazon says

 | 

U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog

 | 

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

 | 

Hackers are exploiting critical Fortinet flaws days after patch release

 | 

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

 | 

French Interior Minister says hackers breached its email servers

 | 

U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog

 | 

Security Affairs

Pierluigi Paganini March 04, 2022
These are the sources of DDoS attacks against Russia, local NCCC warns

Russian government released a list containing IP addresses and domains behind DDoS attacks that hit Russian infrastructure after the invasion. While the conflict on the battlefield continues, hacktivists continue to target Russian infrastructure exposed online. The Russian National Coordinating Center for Computer Incidents (NCCC) released a massive list containing 17,576 IP addresses and 166 domains that were involved […]

Pierluigi Paganini March 04, 2022
Russia-Ukraine, who are the soldiers that crowd cyberspace?

While Russia is invading Ukraine, multiple forces are joining in the conflict, especially in the cyber space, let’s analyze them The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty of attributing the attacks. Security group CyberKnow shared an interesting analysis about the […]

Pierluigi Paganini March 03, 2022
Avast released a free decryptor for the HermeticRansom that hit Ukraine

Avast released a decryptor for the HermeticRansom ransomware used in recent targeted attacks against Ukrainian entities. Avast has released a free decryptor for the HermeticRansom ransomware employed in targeted attacks against Ukrainian systems since February 23. The security firms aim at helping Ukrainians victims in recovering their file for free. The HermeticRansomware was one of […]

Pierluigi Paganini March 03, 2022
75% of medical infusion pumps affected by known vulnerabilities

Researchers analyzed more than 200,000 network-connected medical infusion pumps and discovered that over 100,000 of them are vulnerable. Researchers from Palo Alto Networks have analyzed more than 200,000 medical infusion pumps on the networks of hospitals and other healthcare organizations and discovered that 75% are affected by known vulnerabilities that could be exploited by attackers. […]

Pierluigi Paganini March 03, 2022
Cisco fixed two critical flaws in Expressway, TelePresence VCS solutions

Cisco fixed critical flaws in its Expressway Series and TelePresence Video Communication Server (VCS) unified communications products. Cisco announced security patches for a couple of critical vulnerabilities, tracked as CVE-2022-20754 and CVE-2022-20755 (CVSS score of 9.0), in its Expressway Series and TelePresence Video Communication Server (VCS) unified communications products. “Multiple vulnerabilities in the API and […]

Pierluigi Paganini March 03, 2022
The Difference Between Human and Machine Identities

As digital transformation is advancing and automation is becoming an essential component of modern enterprises, collaboration between humans and machines is crucial. With this level of interaction, a new identity problem is emerging as machines operate on behalf of humans. Collaboration between humans and machines is a working reality today. Along with this comes the […]

Pierluigi Paganini March 03, 2022
Ukrainian WordPress sites under massive complex attacks

Researchers observed a spike in the attacks against Ukrainian WordPress sites since the beginning of the military invasion of the country. Cyber attacks are an important component of the military strategy against Ukraine, experts observed a spike in the attacks against Ukrainian WordPress sites since the beginning of the military invasion of the country. The […]

Pierluigi Paganini March 02, 2022
A cyberattack on Russian satellites is an act of war, the invasion of Ukraine no

Russia considers it legitimate to invade another country but warns it will consider cyberattacks on its satellites an act of war. Anonymous and the numerous hacker groups that declared war on Russia continue to target Russian government entities and private businesses. Yesterday, the hacking group Network Battalion 65 (‘NB65’) which is affiliated with Anonymous, announced to have […]

Pierluigi Paganini March 02, 2022
Popular open-source PJSIP library is affected by critical flaws

Researchers from JFrog’s Security Research team discovered five vulnerabilities in the PJSIP open-source multimedia communication library. Researchers from JFrog’s Security Research team discovered five vulnerabilities in the popular PJSIP open-source multimedia communication library. PJSIP is a communication library written in C language implementing standard-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. It […]

Pierluigi Paganini March 02, 2022
Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. Researchers from cybersecurity firm Proofpoint uncovered a spear-phishing campaign, likely conducted by a nation-state actor, that compromised a Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. The phishing messages […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Massive Android botnet Kimwolf infects millions, strikes with DDoS

Malware / December 21, 2025

ATM Jackpotting ring busted: 54 indicted by DoJ

Cyber Crime / December 20, 2025

U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog

Hacking / December 20, 2025

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

Hacking / December 20, 2025

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

Cyber Crime / December 19, 2025