Pierluigi Paganini
March 27, 2021
Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. The malware is able to collect system data, messages, images and take over the infected Android […]
Pierluigi Paganini
March 27, 2021
Apple has released new out-of-band updates for iOS, iPadOS, macOS and watchOS to address another zero‑day flaw, tracked CVE-2021-1879, actively exploited. Apple has released a new set of out-of-band patches for iOS, iPadOS, macOS and watchOS to address a critical zero-day vulnerability, tracked as CVE-2021-1879, that is being actively exploited in the wild. The vulnerability resides […]
Pierluigi Paganini
March 26, 2021
Several members of the German Parliament (Bundestag) and other members of the state parliament were hit by a targeted attack allegedly launched by Russia-linked hackers. German newspaper Der Spiegel revealed that email accounts of multiple members of the German Parliament (Bundestag) were targeted with a spearphishing attack. The messages were sent by threat actors to […]
Pierluigi Paganini
March 26, 2021
Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams published an analysis of the latest campaign conducted by financially motivated threat group Hades which have been operating since at least December 2020. Experts discovered that threat actors targeted […]
Pierluigi Paganini
March 26, 2021
Solarwinds released security updates that address multiple vulnerabilities, including two flaws that be exploited by attackers for remote code execution. Solarwinds has released a major security update to address multiple security vulnerabilities affecting the Orion Platform, the one that was involved in the Solarwinds supply chain attack. The software vendors released the Orion Platform version 2020.2.5 […]
Pierluigi Paganini
March 26, 2021
The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. The Federal Bureau of Investigation (FBI) published an alert to warn that the Mamba ransomware is abusing the DiskCryptor open-source tool (aka HDDCryptor, HDD Cryptor) to encrypt entire drives. […]
Pierluigi Paganini
March 25, 2021
The OpenSSL Project addresses two high-severity vulnerabilities, including one related to verifying a certificate chain and one that can trigger a DoS condition. The OpenSSL Project this week released version 1.1.1k to address two high-severity vulnerabilities, respectively tracked as CVE-2021-3450 and CVE-2021-3449. The CVE-2021-3449 vulnerability could be exploited to trigger a DoS condition by sending a […]
Pierluigi Paganini
March 25, 2021
The CyberNews investigation team found 62,174 potentially vulnerable unpatched Microsoft Exchange Servers. A number of entities in the US and worldwide remain vulnerable to software bugs that were reported by Microsoft weeks ago. The CyberNews investigation team found 62,174 potentially vulnerable unpatched Microsoft Exchange Servers. The vulnerability is still being actively exploited, most famously by […]
Pierluigi Paganini
March 25, 2021
Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web. While vaccination campaigns go ahead with different speeds in many countries multiple threat actors on the Dark Web started offering fake COVID-19 test results and vaccination certificates. Multiple research teams, including mine, are monitoring these […]
Pierluigi Paganini
March 25, 2021
Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data breach Astoria Company LLC is a lead generation company that leverages on a network of websites to collect information on a person that may be looking for discounted car loans, different medical insurance, or even […]
Security / December 30, 2025
Malware / December 30, 2025
