Pierluigi Paganini
May 26, 2022
Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Below is the list of the four vulnerabilities, the most severe one is a command injection flaw in some CLI commands […]
Pierluigi Paganini
May 26, 2022
The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. “We recommend that you stop using Tails until the release of 5.1 […]
Pierluigi Paganini
May 26, 2022
Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks. The strategy is aligned with the […]
Pierluigi Paganini
May 25, 2022
An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks […]
Pierluigi Paganini
May 25, 2022
The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT) after a year-long investigation codenamed “Operation Delilah.” SilverTerrier has been active since at least 2014 and focuses on BEC […]
Pierluigi Paganini
May 25, 2022
Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages.Tracked from CVE-2022-22784 through CVE-2022-22787, […]
Pierluigi Paganini
May 25, 2022
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and CVE-2021-0920) and Cisco IOS XR (CVE-2022-20821). The Cisco IOS XR flaw (CVE-2022-20821, CVSS score: […]
Pierluigi Paganini
May 24, 2022
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy malware. Trend Micro addressed a DLL hijacking flaw in Trend Micro Security that a China-linked threat actor actively exploited to deploy malware. In early May, SentinelOne researchers observed a China-linked APT group, tracked as Moshen […]
Pierluigi Paganini
May 24, 2022
Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid detection. Microsoft security researchers recently observed web skimming campaigns that used multiple obfuscation techniques to avoid detection. The threat actors obfuscated the skimming script by encoding it in PHP, which, in turn, was embedded in […]
Pierluigi Paganini
May 24, 2022
Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. In the ongoing conflict between Russia and Ukraine, the malware developed by both nation-state actors and non […]
Malware / September 26, 2025
Malware / September 26, 2025
