Pierluigi Paganini
October 02, 2022
German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns. Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with a two accomplices who are suspected. The phishing campaigns were conducted between October 3, 2020, and May 29, […]
Pierluigi Paganini
October 01, 2022
CISA added a recently disclosed flaw in Atlassian Bitbucket Server, tracked as CVE-2022-36804, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added a recently disclosed critical vulnerability in Atlassian’s Bitbucket Server and Data Center to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant […]
Pierluigi Paganini
October 01, 2022
A hacker group called Guacamaya stole classified government information from multiple military and government agencies across several Latin American countries. Among the data stolen by a group of hackers called Guacamaya (macaw in Spanish) there was a huge trove of emails from Mexico’s Defense Department, which shed the light on the poor resilience of the […]
Pierluigi Paganini
September 30, 2022
A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […]
Pierluigi Paganini
September 30, 2022
The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which is considered part of DoD’s vulnerability disclosure program (VDP). The challenge was launched Chief […]
Pierluigi Paganini
September 30, 2022
Security researchers are warning of a new Microsoft Exchange zero-day that are being exploited by malicious actors in the wild. Cybersecurity firm GTSC discovered two Microsoft Exchange zero-day vulnerabilities that are under active exploitation in attacks in the wild. Both flaws were discovered by the researchers as part of an incident response activity in August […]
Pierluigi Paganini
September 30, 2022
Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used by malware authors to achieve administrative access within VMware ESXi Hypervisors and take over vCenter servers and virtual machines for Windows and Linux to perform the following actions: The highly targeted and evasive nature of […]
Pierluigi Paganini
September 29, 2022
A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux. The malicious code was developed to target a broad range of devices, […]
Pierluigi Paganini
September 28, 2022
ONLINE DISINFORMATION is one of the defining issues of our time and the influence of fake news has become an acute threat to our society. Disinformation undermines true journalism and steers the public opinion in highly charged topics such as immigration, climate change, armed conflicts or refugee and health crises. Social media platforms are the […]
Pierluigi Paganini
September 28, 2022
The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. Cluster25 researchers were analyzing a lure PowerPoint document used to deliver a variant of Graphite malware, which is known to be used […]
