Pierluigi Paganini
December 16, 2023
Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team (GERT) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. The malicious code is written in Go language, it is the first malware that relies on the NKN technology for data exchange […]
Pierluigi Paganini
December 15, 2023
The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. Kraft Heinz is an American food company, it is one of the largest food and beverage manufacturers globally. Kraft Heinz produces a wide range of popular food products, including condiments, sauces, cheese, snacks, and ready-to-eat meals. […]
Pierluigi Paganini
December 15, 2023
Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it. Researchers from SonarCloud discovered several security issues, Cross-Site Scripting (XSS) vulnerabilities and a Command Injection vulnerability in pfSense CE (CVE-2023-42325, CVE-2023-42327, CVE-2023-42326). The […]
Pierluigi Paganini
December 15, 2023
Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) engagement with a law enforcement agency (LEA) and one of the leading investment organizations in Singapore (and other victims), Resecurity (USA) has uncovered a meaningful link between three […]
Pierluigi Paganini
December 15, 2023
GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes after the team discovered an unprotected MongoDB instance, which stored information on GokuMarket crypto exchange users. Businesses employ MongoDB to organize and store large swaths […]
Pierluigi Paganini
December 14, 2023
Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts. Some users of Ubiquiti wifi products started reporting unexpected access to security camera footage, photos, and other devices upon logging into their accounts. Ubiquiti allows its customers to access and manage their devices through a proprietary […]
Pierluigi Paganini
December 14, 2023
Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. Storm-1152 operates illicit websites and social media pages, selling fake Microsoft accounts and tools to bypass identity verification software […]
Pierluigi Paganini
December 14, 2023
French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the Hive ransomware gang. “A Russian, suspected of having recovered in cryptocurrencies the money taken from […]
Pierluigi Paganini
December 14, 2023
Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon. The botnet is comprised of two complementary activity clusters, […]
Pierluigi Paganini
December 13, 2023
Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. The attackers compromise user accounts to create, modify, and grant high privileges to OAuth applications to carry out malicious activity […]
