Pierluigi Paganini
March 27, 2022
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective. March 25 – Anonymous leaked 28GB of data stolen from the Central Bank of Russia Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank […]
Pierluigi Paganini
March 27, 2022
Western Digital fixed a critical flaw affecting My Cloud OS 5 devices that allowed attackers to gain remote code execution with root privileges. Western Digital has addressed a critical vulnerability, tracked as CVE-2021-44142, that could have allowed attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. The CVE-2021-44142 […]
Pierluigi Paganini
March 27, 2022
The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.ⓘ According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the […]
Pierluigi Paganini
March 26, 2022
The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security. The Federal Communications Commission (FCC) added multiple Kaspersky products and services to its Covered List saying that they pose unacceptable risks to U.S. national security. “The Federal Communications Commission’s Public Safety and Homeland Security Bureau […]
Pierluigi Paganini
March 25, 2022
Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. The group of hacktivists announced that will leak the stolen documents in 48 […]
Pierluigi Paganini
March 25, 2022
Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab. Ukraine CERT (CERT-UA) published technical details about a malicious activity tracked as UAC-0026, which SentinelLabs associated with China-linked Scarab APT. Scarab APT was first spotted in 2015, but experts believe it has been active since […]
Pierluigi Paganini
March 25, 2022
The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “The Department of Justice unsealed two indictments today charging […]
Pierluigi Paganini
March 24, 2022
A researcher discovered critical flaws that can be exploited by remote attackers to hack a building controller popular in Russia. A researcher has identified critical vulnerabilities that can allegedly be exploited to remotely hack a building controller predominantly used by organizations in Russia. Researcher Jose Bertin discovered critical flaws affecting a controller made by Russian […]
Pierluigi Paganini
March 24, 2022
Anonymous launches its offensive against Wester companies still operating in Russia, it ‘DDoSed’ Auchan, Leroy Merlin e Decathlon websites. Since the start of the Russian invasion of Ukraine on February 24, Anonymous has declared war on Russia and launched multiple cyber-attacks against Russian entities, including Russian government sites, state-run media websites, and energy firms. Anonymous recently declared war on all companies that […]
Pierluigi Paganini
March 24, 2022
VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software updates to address two critical security vulnerabilities, CVE-2022-22951 and CVE-2022-22952 (both received a CVSS score of 10), affecting its Carbon Black App Control platform that could be exploited by a threat actor to execute arbitrary […]
Security / September 23, 2025
