Security News

Pierluigi Paganini March 01, 2024
Crooks stole €15 Million from European retail company Pepco

Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros ($16.3 million). The group operates three distribution lines: Poundland in the United Kingdom, Dealz in […]

Pierluigi Paganini March 01, 2024
CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. An attacker can exploit this vulnerability to gain SYSTEM privileges. […]

Pierluigi Paganini February 29, 2024
Researchers found a zero-click Facebook account takeover

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow. […]

Pierluigi Paganini February 29, 2024
New SPIKEDWINE APT group is targeting officials in Europe

A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials. The cyberspies used a bait PDF document masqueraded as an invitation letter from the Ambassador of India, inviting diplomats to a wine-tasting […]

Pierluigi Paganini February 29, 2024
Is the LockBit gang resuming its operation?

Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation Cronos, which aimed to disrupt its activities. Researchers from Zscaler first observed the ransomware group […]

Pierluigi Paganini February 29, 2024
Lazarus APT exploited zero-day in Windows driver to gain kernel privileges

North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver.  The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February […]

Pierluigi Paganini February 28, 2024
Pharmaceutical giant Cencora discloses a data breach

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001. […]

Pierluigi Paganini February 28, 2024
Unmasking 2024’s Email Security Landscape

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert […]

Pierluigi Paganini February 28, 2024
Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber […]

Pierluigi Paganini February 27, 2024
Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs

New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recently disclosed vulnerabilities, tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software. ConnectWise recently warned of the following two critical vulnerabilities in […]