Pierluigi Paganini
July 17, 2024
Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void Banshee was spotted exploiting the Windows zero-day CVE-2024-38112 (CVSS score of 7.5) to execute code through the disabled Internet Explorer. The vulnerability is a Windows MSHTML Platform Spoofing Vulnerability. Successful exploitation of […]
Pierluigi Paganini
July 17, 2024
Microsoft said that in Q2 2024, the Octo Tempest cybercrime gang added RansomHub and Qilin ransomware to its arsenal. In the second quarter of 2024, financially motivated threat actor Octo Tempest (aka Scattered Spider, UNC3944, and 0ktapus), added RansomHub and Qilin ransomware to its arsenal and used them in its campaigns. Octo Tempest has been active […]
Pierluigi Paganini
July 16, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer GeoTools eval injection vulnerability, tracked as CVE-2024-36401 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. GeoServer is an open-source server that allows […]
Pierluigi Paganini
July 16, 2024
Kaspersky is leaving the U.S. market following the recent ban on the sales of its software imposed by the Commerce Department. Russian cybersecurity firm Kaspersky announced its exit from the U.S. market following the ban on the sale of its software in the country by the Commerce Department. In June, the Biden administration announced it […]
Pierluigi Paganini
July 16, 2024
The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump. The independent website 404 Media first reported that the FBI had successfully accessed the password-protected phone of Thomas Matthew Crooks, the deceased suspect in the assassination attempt on Donald Trump. “FBI technical specialists successfully gained access to […]
Pierluigi Paganini
July 15, 2024
Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the Veeam Backup & Replication component. An attacker can exploit the issue to obtain encrypted credentials stored in the configuration database, potentially leading to gaining access to the backup infrastructure hosts. […]
Pierluigi Paganini
July 15, 2024
Wired attributes the recently disclosed AT&T data breach to a hacker living in Turkey and reported the company paid a $370,000 ransom. An American hacker who lives in Turkey claimed responsibility for the recently disclosed AT&T data breach. The man also said the company paid a ransom to ensure that stolen data would be deleted, […]
Pierluigi Paganini
July 15, 2024
Cybersecurity researchers detailed a new version of the HardBit ransomware that supports new obfuscation techniques to avoid detection. The new version (version 4.0) of the HardBit ransomware comes with the Binary Obfuscation Enhancement with passphrase protection. The ransomware requires the passphrase to be entered at runtime to be executed. Furthermore, additional obfuscation complicates the analysis […]
Pierluigi Paganini
July 15, 2024
A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details about a DarkGate malware campaign from March-April 2024. Threat actors used Microsoft Excel files to download a malicious software package from public-facing SMB file shares. The researchers pointed […]
Pierluigi Paganini
July 14, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Android Spyware Steals Data from Gamers and TikTok Users A Wolf in Sheep’s Clothing: Practical Black-box Adversarial Attacks for Evading Learning-based Windows Malware Detection in the Wild Mekotio Banking Trojan Threatens Financial Systems in Latin America UNVEILING […]
APT / February 05, 2026
