Security News

Pierluigi Paganini January 27, 2022
Lockbit ransomware gang claims to have hacked Ministry of Justice of France

A few hours ago, Lockbit ransomware operators announced that they had stolen data from the Ministry of Justice of France. The Ministry of Justice of France is a body of the French government, which is responsible for: supervision of the judiciary, its maintenance and administration; participation as Vice President of the Judicial Council; supervision of the prosecutor’s […]

Pierluigi Paganini January 27, 2022
A new highly evasive technique used to deliver the AsyncRAT Malware

Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing campaign delivering the AsyncRAT trojan since September 2021. The phishing messages use an HTML attachment disguised as an order confirmation receipt (e.g., Receipt-<digits>.html). Experts pointed out the malware employed has the lowest […]

Pierluigi Paganini January 27, 2022
Experts analyze first LockBit ransomware for Linux and VMware ESXi

LockBit expands its operations by implementing a Linux version of LockBit ransomware that targets VMware ESXi servers. LockBit is the latest ransomware operation to add support for Linux systems; experts spotted a new version that targets VMware ESXi virtual machines. The move aims at expanding the audience of potential targets, including all the organizations […]

Pierluigi Paganini January 26, 2022
Apple fixed the first two zero-day vulnerabilities of 2022

Apple released security updates to fix two zero-day flaws, one of them actively exploited to hack iPhones and Macs. Apple has released security updates to address a couple of zero-day vulnerabilities, one of them being actively exploited in the wild by threat actors to compromise iPhone and Mac devices. One of the zero-day flaws addressed […]

Pierluigi Paganini January 26, 2022
German intelligence agency warns of China-linked APT27 targeting commercial organizations

The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt für Verfassungsschutz (BfV) federal domestic intelligence agency warns of ongoing attacks coordinated by the China-linked APT27 group. “The Federal Office for the Protection of the Constitution (BfV) has information about an ongoing cyber espionage campaign […]

Pierluigi Paganini January 26, 2022
New DeadBolt ransomware targets QNAP NAS devices

New malware is targeting QNAP NAS devices: the DeadBolt ransomware, which asks 50 BTC for the master key. DeadBolt ransomware is targeting QNAP NAS devices worldwide; its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems. Once encrypted the content of the device, […]

Pierluigi Paganini January 26, 2022
VMware urges customers to patch VMware Horizon servers against Log4j attacks

VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks. Searching for Internet-exposed VMware Horizon servers with Shodan, we can find tens of thousands of installs potentially exposed to […]

Pierluigi Paganini January 26, 2022
PwnKit: Local Privilege Escalation bug affects major Linux distros

A flaw in Polkit’s pkexec component, tracked as CVE-2021-4034 (PwnKit), can be exploited to gain full root privileges on major Linux distros. An attacker can exploit a vulnerability in Polkit’s pkexec component, tracked as CVE-2021-4034, that affects all major Linux distributions to gain full root privileges on the system. The good news is that this […]

Pierluigi Paganini January 26, 2022
PrinterLogic fixes high severity flaws in Printer Management Suite

PrinterLogic has addressed nine vulnerabilities in Web Stack and Virtual Appliance, including three high severity flaws. PrinterLogic has released security updates to address nine vulnerabilities in Web Stack and Virtual Appliance; the most severe ones, tracked as CVE-2021-42631, CVE-2021-42635, and CVE-2021-42638, are rated as high severity flaws (CVSS base score of 8.1). Below is the list […]

Pierluigi Paganini January 25, 2022
Segway e-store compromised in a Magecart attack to steal credit cards

Segway e-store suffered a Magecart attack that potentially allowed threat actors to steal credit cards and customer info. The online store of Segway was compromised as a result of a Magecart attack; threat actors planted a malicious script to steal credit card data and customer information while visitors were making a purchase. Segway is known […]