Security News Archives - Page 408 of 832

Pierluigi Paganini March 28, 2022

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

The Muhstik botnet has been observed targeting Redis servers exploiting the recently disclosed CVE-2022-0543 vulnerability. Muhstik is a botnet that is known to use web application exploits to compromise IoT devices, it has been around for at least 2018. Botnet operators monetize their efforts via XMRig combined with DDoS-for-hire services. The botnet leverages IRC servers for command-and-control (C2) communications, […]

Pierluigi Paganini March 28, 2022

While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio

While Twitter suspends some Anonymous accounts, the collective hacked All-Russia State Television and Radio Broadcasting Company (VGTRK). On Friday, Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia. The group plans to distribute the stolen documents to various points on the internet […]

Pierluigi Paganini March 28, 2022

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Ukraine CERT-UA warns that the Belarus-linked GhostWriter APT group is targeting state entities of Ukraine with Cobalt Strike Beacon. Ukraine CERT-UA uncovered a spear-phishing campaign conducted by Belarus-linked GhostWriter APT group targeting Ukrainian state entities with Cobalt Strike Beacon. The phishing messages use a RAR-archive named “Saboteurs.rar”, which contains RAR-archive “Saboteurs 21.03.rar.” This second archive […]

Pierluigi Paganini March 28, 2022

Shopping trap: The online stores’ scam that hits users worldwide

Shopping trap: Criminal gangs from China have been using copies of online stores of popular brands to target users all over the world Malicious schemas linked to online stores are on the rise in 2022. Criminal gangs from China have been using copies of online stores of popular brands to target users all over the […]

Pierluigi Paganini March 27, 2022

Sophos Firewall affected by a critical authentication bypass flaw

Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. The CVE-2022-1040 flaw received a CVSS score of 9.8 and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier. […]

Pierluigi Paganini March 27, 2022

Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. March 25 – Anonymous leaked 28GB of data stolen from the Central Bank of Russia Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank […]

Pierluigi Paganini March 27, 2022

Western Digital addressed a critical bug in My Cloud OS 5

Western Digital fixed a critical flaw affecting My Cloud OS 5 devices that allowed attackers to gain remote code execution with root privileges. Western Digital has addressed a critical vulnerability, tracked as CVE-2021-44142, that could have allowed attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. The CVE-2021-44142 […]

Pierluigi Paganini March 27, 2022

CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog

The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.ⓘ According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the […]

Pierluigi Paganini March 26, 2022

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security. The Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered List saying that they pose unacceptable risks to U.S. national security. “The Federal Communications Commission’s Public Safety and Homeland Security Bureau […]

Pierluigi Paganini March 25, 2022

Anonymous leaked 28GB of data stolen from the Central Bank of Russia

Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. The group of hacktivists announced that will leak the stolen documents in 48 […]

Security News

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

While Twitter suspends Anonymous accounts, the group hacked VGTRK Russian Television and Radio

GhostWriter APT targets state entities of Ukraine with Cobalt Strike Beacon

Shopping trap: The online stores’ scam that hits users worldwide

Sophos Firewall affected by a critical authentication bypass flaw

Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict

Western Digital addressed a critical bug in My Cloud OS 5

CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

Anonymous leaked 28GB of data stolen from the Central Bank of Russia

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Interlock ransomware group deploys new PHP-based RAT via FileFix

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

Experts uncover critical flaws in Kigen eSIM technology affecting billions

Spain awarded €12.3 million in contracts to Huawei

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

QUICK LINKS

Security News

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!