Security News

Pierluigi Paganini June 29, 2024
Infosys McCamish Systems data breach impacted over 6 million people

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries. Infosys McCamish Systems (IMS) disclosed the security breach on November 3, 2023, in a filing with […]

Pierluigi Paganini June 28, 2024
A cyberattack shut down the University Hospital Centre Zagreb in Croatia

A cyber attack started targeting the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision. A cyber attack began targeting the University Hospital Centre Zagreb (KBC Zagreb), the largest Croatian hospital, on Wednesday night, according to a report by Croatian Radiotelevision. The hospital has shut down its IT infrastructure in response […]

Pierluigi Paganini June 28, 2024
US announces a $10M reward for Russia’s GRU hacker behind attacks on Ukraine

The US DoJ announced charges against a member of Russia’s military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges against Russian national Amin Timovich Stigal, who is a member of Russia’s military intelligence service GRU, for conducting wiper attacks on Ukraine in 2022. The […]

Pierluigi Paganini June 27, 2024
LockBit group falsely claimed the hack of the Federal Reserve

The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The real victim is the Evolve Bank. The LockBit ransomware group hasn’t hacked the Federal Reserve as it has recently claimed, the real victim is the Evolve Bank. Last week, the LockBit gang announced that it had […]

Pierluigi Paganini June 27, 2024
CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the flaws added to the KEV catalog: According to Binding Operational […]

Pierluigi Paganini June 27, 2024
New P2Pinfect version delivers miners and ransomware on Redis servers

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads. In July 2023, Palo Alto Networks Unit 42 researchers first discovered the P2P worm P2PInfect that targets Redis servers […]

Pierluigi Paganini June 26, 2024
New MOVEit Transfer critical bug is actively exploited

Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vulnerabilities, tracked as CVE-2024-5805 and CVE-2024-5806, affecting its MOVEit Transfer file transfer software. The vulnerability CVE-2024-5805 (CVSS score 9.1) is an improper authentication vulnerability in Progress MOVEit Gateway (SFTP module) that allows authentication […]

Pierluigi Paganini June 26, 2024
New Caesar Cipher Skimmer targets popular CMS used by e-stores

A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Skimmer, that was used in recent weeks to target users of e-stores based on popular CMS, including WordPress, Magento, and OpenCart. Over the past several weeks, the experts […]

Pierluigi Paganini June 25, 2024
Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw

Researchers warn that a Mirai-based botnet is exploiting a recently disclosed critical vulnerability in EoL Zyxel NAS devices. Researchers at the Shadowserver Foundation warn that a Mirai-based botnet has started exploiting a recently disclosed vulnerability tracked as CVE-2024-29973 (CVSS score 9.8) in end-of-life NAS devices Zyxel NAS products. The flaw is a command injection vulnerability […]

Pierluigi Paganini June 25, 2024
Wikileaks founder Julian Assange is free

WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLeaks founder has been released in the U.K. and is flying to the island of Saipan in the Northern Mariana Islands, to make […]