Pierluigi Paganini
December 12, 2021
Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. The messages used in a campaign recently discovered by cybersecurity firm Cofense use QR codes […]
Pierluigi Paganini
December 12, 2021
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Western Digital SanDisk SecureAccess flaws allow brute force and dictionary attacks New âKarakurtâ cybercrime […]
Pierluigi Paganini
December 11, 2021
Vulnerabilities in the Western Digital SanDisk SecureAccess can be exploited to access user data through brute force and dictionary attacks. Western Digital has released updates for its SanDisk SecureAccess software to fix multiple vulnerabilities that can be exploited to access user data by carrying out brute force and dictionary attacks. The SanDisk SecureAccess software, now […]
Pierluigi Paganini
December 11, 2021
Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. Accenture researchers detailed the activity of a sophisticated financially motivated threat actor called Karakurt. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the […]
Pierluigi Paganini
December 11, 2021
Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. p0rz9 revealed that the CVE-2021-44228 can only be exploited if the log4j2.formatMsgNoLookups option is set to false. The Log4j is widely […]
Pierluigi Paganini
December 10, 2021
Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become […]
Pierluigi Paganini
December 10, 2021
The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks against multiple Australian organizations from various sectors since November. “The ACSC is aware of multiple instances of Australian organisations that have been impacted by Conti ransomware in November and […]
Pierluigi Paganini
December 10, 2021
Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. The Chinese security researcher p0rz9 who publicly disclosed the PoC exploit code revealed […]
Pierluigi Paganini
December 10, 2021
Wordfence experts detected a massive wave of attacks in the last couple of days that targeted over 1.6 million WordPress sites. Wordfence researchers spotted a massive wave of attacks in the days that are targeting over 1.6 million WordPress sites from 16,000 IPs. “Today, on December 9, 2021, our Threat Intelligence team noticed a drastic uptick in attacks […]
Pierluigi Paganini
December 10, 2021
BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language In the past, other two ransomware were written in Rust for research purposes, one of them […]
