Security News

Pierluigi Paganini June 15, 2024
London hospitals canceled over 800 operations in the week after Synnovis ransomware attack

NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack on Synnovis had a severe impact of multiple London hospitals, forcing them to cancel more than hundreds of scheduled operations. Synnovis is a pathology partnership between Guy’s […]

Pierluigi Paganini June 14, 2024
DORA Compliance Strategy for Business Leaders

In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and any organizations that do business with them must comply with the Digital Operation Resilience Act, also known as DORA. This regulation from the European Union (EU) is intended […]

Pierluigi Paganini June 14, 2024
CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-32896 is an elevation of privilege vulnerability in the Pixel Firmware, which has been […]

Pierluigi Paganini June 14, 2024
City of Cleveland still working to fully restore systems impacted by a cyber attack

Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was the victim of a cyber attack and was forced to take some of its systems offline to contain the threat. The City is […]

Pierluigi Paganini June 14, 2024
Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones

Ukraine’s security service (SBU) detained two individuals accused of supporting Russian intelligence in spreading propaganda and hacking soldiers’ phones. Ukraine’s security service, the SBU, detained two individuals who are accused of supporting Russian intelligence in spreading pro-Russia propaganda. They are also accused of hacking the phones of Ukrainian soldiers. The arrests result from an investigation conducted by […]

Pierluigi Paganini June 13, 2024
Google fixed an actively exploited zero-day in the Pixel Firmware

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. “There are indications that CVE-2024-32896 may be under limited, […]

Pierluigi Paganini June 13, 2024
Multiple flaws in Fortinet FortiOS fixed

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS and other products, including some code execution flaws. The company states that multiple stack-based buffer overflow vulnerabilities in the command line interpreter of FortiOS [CWE-121], collectively tracked as CVE-2024-23110 (CVSS score of […]

Pierluigi Paganini June 12, 2024
CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-4610 is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) and Valhall […]

Pierluigi Paganini June 12, 2024
Ukraine Police arrested a hacker who developed a crypter used by Conti and LockBit ransomware operation

The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (28) for his role in developing a crypter used in Conti and LockBit ransomware operations. The man was arrested in Kyiv on April 18, 2024, as part of […]

Pierluigi Paganini June 12, 2024
JetBrains fixed IntelliJ IDE flaw exposing GitHub access tokens

JetBrains warned to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulnerability, tracked as CVE-2024-37051, that impacts users of its IntelliJ integrated development environment (IDE) apps and exposes GitHub access tokens. The flaw impacts IntelliJ-based IDEs version 2023.1 and later, […]