Pierluigi Paganini
October 17, 2022
Black Lotus is a new, powerful Windows UEFI rootkit advertised on underground criminal forums, researcher warns. Cybersecurity researcher Scott Scheferman reported that a new Windows UEFI rootkit, dubbed Black Lotus, is advertised on underground criminal forums. The powerful malware is offered for sale at $5,000, with $200 payments per new updates. The researcher warns that […]
Pierluigi Paganini
October 17, 2022
The IT infrastructure of the Japanese tech company Oomiya was infected with the LockBit 3.0 ransomware. One of the affiliates for the LockBit 3.0 RaaS hit the Japanese tech company Oomiya. Oomiya is focused on designing and manufacturing microelectronics and facility system equipment. The business of Omiya Kasei is divided into four major areas, manufacturing and designing […]
Pierluigi Paganini
October 17, 2022
Government institutions in Bulgaria have been hit by a cyber attack during the weekend, experts believe it was launched by Russian threat actors. The infrastructure of government institutions in Bulgaria has been hit by a massive DDoS attack. The attack started on Saturday and experts believe that it was orchestrated by Russian threat actors. The […]
Pierluigi Paganini
October 17, 2022
Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. The operation involved law enforcement bodies in 14 countries (Argentina, Australia, Côte d’Ivoire, France, […]
Pierluigi Paganini
October 17, 2022
Lansweeper warns that over 45,000 VMware ESXi servers exposed online have reached end-of-life (EOL), making them an easy target for attackers. IT Asset Management software provider Lansweeper has scanned the Internet for VMware ESXi servers and found over 45,000 instances that have reached end-of-life (EOL). The company discovered 79,000 VMware ESXi instances operated by 6.000 […]
Pierluigi Paganini
October 16, 2022
Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
Pierluigi Paganini
October 16, 2022
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts Palo Alto Networks fixed a high-severity […]
Pierluigi Paganini
October 15, 2022
Experts spotted a PHP version of an information-stealing malware called Ducktail spread as cracked installers for legitimate apps and games. Zscaler researchers discovered a PHP version of an information-stealing malware tracked as Ducktail. The malicious code is distributed as free/cracked application installers for a variety of applications including games, Microsoft Office applications, Telegram, and others. Ducktail has been […]
Pierluigi Paganini
October 15, 2022
Palo Alto Networks addressed a high-severity authentication bypass vulnerability affecting the PAN-OS 8.1 software. Palo Alto Networks released security patches to address a high-severity authentication bypass flaw, tracked as CVE-2022-0030 (CVSS score 8.1), impacting the PAN-OS 8.1 software. “An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker […]
Pierluigi Paganini
October 15, 2022
Tata Power Company Limited, India’s largest power generation company, announced it was hit by a cyberattack. Tata Power on Friday announced that was hit by a cyber attack. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.” “The Tata Power Company […]
