Pierluigi Paganini
November 05, 2021
A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware in corporate networks. Talos researchers warn of a new threat actor that is hacking Microsoft Exchange servers by exploiting ProxyShell flaws to gain access to corporate and deploy the Babuk Ransomware. Over the past months, […]
Pierluigi Paganini
November 05, 2021
Two popular npm libraries, coa and rc., have been hijacked, threat actors replaced them with versions laced with password-stealing malware. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc., have been hijacked, threat actors replaced them versions laced with password-stealing malware. Coa is a command-line argument parser with approximately 9 million weekly downloads, while […]
Pierluigi Paganini
November 05, 2021
The US government offers up to a $10,000,000 reward for information leading to the identification or arrest of DarkSide gang members. The US government wants to dismantle the DarkSide ransomware operation and its rebrands and it is offering up to a $10,000,000 reward for information leading to the identification or arrest of members of the gang […]
Pierluigi Paganini
November 04, 2021
CISA urges vendors to address BrakTooth flaws after researchers have released public exploit code and a proof of concept tool for them. US CISA is urging vendors to address BrakTooth flaws after security researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against potential Bluetooth exploits. “On November […]
Pierluigi Paganini
November 04, 2021
Cisco fixed critical flaws that could have allowed unauthenticated attackers to access its devices with hard-coded credentials or default SSH keys. Cisco has released security updates to address two critical vulnerabilities that could have allowed unauthenticated attackers to log in to affected devices using hard-coded credentials or default SSH keys. The first flaw fixed by […]
Pierluigi Paganini
November 04, 2021
A critical heap-overflow vulnerability, tracked as CVE-2021-43267, in Linux Kernel can allow remote attackers to takeover vulnerable installs. A SentinelOne researcher discovered a critical remote code execution vulnerability, tracked as CVE-2021-43267, resides in the Transparent Inter Process Communication (TIPC) module of the Linux kernel. The flaw is a critical heap-overflow issue that could lead to […]
Pierluigi Paganini
November 04, 2021
The US DoJ charged the suspected Twitter hacker ‘PlugWalkJoe’ with the theft of $784,000 worth of cryptocurrency using SIM swap attacks. The US Department of Justice has indicted Joseph James O’Connor, a suspected Twitter hacker also known as ‘PlugWalkJoe,’ for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. Crooks conduct SIM swapping attacks to take […]
Pierluigi Paganini
November 04, 2021
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of 306 actively exploited vulnerabilities and has issued a binding operational directive ordering US federal agencies to address […]
Pierluigi Paganini
November 04, 2021
CERT-France warns of a new ransomware group named Lockean that is behind a series of attacks against French organizations over the past 2 years. France’s Computer Emergency Response Team (CERT-FR) officials identified a new ransomware gang named Lockean that is responsible for a long list of attacks against French companies over the past two years.The […]
Pierluigi Paganini
November 03, 2021
The U.K. Labour Party discloses a data breach after a ransomware attack hit a service provider that is managing its data. The U.K. Labour Party discloses a data breach after a service provider that manages its data was hit by a ransomware attack. The party notified relevant authorities and members that some of their information […]
Security / September 23, 2025
