Pierluigi Paganini
January 07, 2022
Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers from MalwareHunterteam first spotted a new ransomware family dubbed Night Sky that implements a double extortion model in attacks aimed at businesses. Once encrypted a file, the ransomware appends the ‘.nightsky‘ extension to encrypted file names. The […]
Pierluigi Paganini
January 06, 2022
North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s […]
Pierluigi Paganini
January 06, 2022
NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential stuffing attacks. The New York State Office of the Attorney General (NY OAG) has warned 17 companies that roughly 1.1 million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve […]
Pierluigi Paganini
January 06, 2022
Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that appear from a legitimate source. Researchers from security firm Avanan in December uncovered a phishing campaign targeting mainly Outlook users with a new technique that abuses the commenting feature of Google Docs to send out […]
Pierluigi Paganini
January 06, 2022
The French data privacy and protection authority hit Google and Facebook with 210 million euros ($237 million) in fines. France’s National Commission on Informatics and Liberty (CNIL), the French data privacy and protection authority, hit Facebook and Google with 60 million euro ($68 million) and 150 million euro ($170 million) fines respectively. The CNIL fined […]
Pierluigi Paganini
January 06, 2022
Researchers devised a sophisticated persistence technique, named NoReboot, for iOS malware that fake shut downs. Researchers from Zecops devised a sophisticated persistence technique, named NoReboot, for iOS malware that fake shut downs while spies on the user. The technique is based on the concept of simulating a shutdown of the iPhone when the victim attempts […]
Pierluigi Paganini
January 06, 2022
VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and CVE-2021-22045 products that can lead to code execution on the hypervisor. VMware released security updates to address a heap-overflow vulnerability, tracked as CVE-2021-22045, in its Workstation, Fusion and ESXi products. VMware has addressed the vulnerability with the release of ESXi670-202111101-SG, ESXi650-202110101-SG, Workstation 16.2.0, and Fusion […]
Pierluigi Paganini
January 05, 2022
The US Federal Trade Commission (FTC) has warned legal action against companies who fail to secure their infrastructure against Log4Shell attacks. The US Federal Trade Commission (FTC) warns legal action against companies who protect their systems against Log4Shell (CVE-2021-44228) attacks. The move aims at urging organizations in protecting their infrastructure while both nation-state actors and cybercriminals are […]
Pierluigi Paganini
January 05, 2022
Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft warns. Microsoft is warning of continuing attempts by nation-state actors and cybercriminals to exploit recently discovered vulnerabilities in the Apache Log4j library to deploy malware on vulnerable systems. Microsoft recommends customers review their infrastructure looking […]
Pierluigi Paganini
January 05, 2022
Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. A team of academics (Duy-Phuc Pham, Damien Marion, Matthieu Mastio and Annelie Heuser) from the Research Institute of Computer Science and Random Systems (IRISA) have devised a new approach that analyzes electromagnetic field emanations from the Internet of Things (IoT) […]
