Pierluigi Paganini
November 11, 2024
Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data ...
Pierluigi Paganini
November 11, 2024
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a ne ...
Pierluigi Paganini
November 11, 2024
South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea's government blames pro-Russia threat actors ...
Pierluigi Paganini
November 10, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
August 22, 2024
November 16, 2023
November 16, 2023
Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data ...
Pierluigi Paganini
November 11, 2024
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a ne ...
Pierluigi Paganini
November 11, 2024
South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea's government blames pro-Russia threat actors ...
Pierluigi Paganini
November 11, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
November 10, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
November 10, 2024
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CF ...
Pierluigi Paganini
November 10, 2024
Multiple vulnerabilities in the infotainment unit Mazda Connect could allow attackers to execute arbitrary code with root access. Trend Micro's Zero Day Initiative warned of multiple vulnerabiliti ...
Pierluigi Paganini
November 09, 2024
A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware ...
Pierluigi Paganini
November 09, 2024
Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a r ...
Pierluigi Paganini
November 08, 2024
Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to l ...
Pierluigi Paganini
November 08, 2024
Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely s ...
Pierluigi Paganini
November 08, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...
Pierluigi Paganini
November 07, 2024
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-link ...
Pierluigi Paganini
November 07, 2024
Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology ...
Pierluigi Paganini
November 07, 2024
Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security. Cisco has addressed a critical vulnerability, trac ...
Pierluigi Paganini
November 07, 2024
A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. INTERPOL announced this week i ...
Pierluigi Paganini
November 06, 2024
Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, an ...
Pierluigi Paganini
November 06, 2024
South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users' sensitive data, including political views and sexual orientation, with advertisers. South Korea's data privacy w ...
Pierluigi Paganini
November 06, 2024
Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerabi ...
Pierluigi Paganini
November 06, 2024
The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed Toxi ...
Pierluigi Paganini
November 05, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Pierluigi Paganini
November 05, 2024
Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. Canadian law enforcement agencies arrested a suspect, Alexan ...
Pierluigi Paganini
November 05, 2024
Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively exploiting a vulnerability, tracked as CVE-2024-43093 ...
Pierluigi Paganini
November 05, 2024
The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber ...
Pierluigi Paganini
November 04, 2024
Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing milli ...
Pierluigi Paganini
November 04, 2024
U.S. intel says Russia made a fake video claiming Haitians voted illegally in Georgia, aiming to spread election disinformation. U.S. intel reports Russia created a fake viral video falsely claimi ...
Pierluigi Paganini
November 04, 2024
German police shut down DDoS-for-hire platform Dstat.cc and arrested two men accused of operating the site used for launching DDoS attacks. German police shut down the DDoS-for-hire platform Dstat ...
Pierluigi Paganini
November 04, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
November 03, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
November 03, 2024
US Election 2024 - The FBI warned that two fake videos on X spread false claims of ballot fraud and misinformation about Kamala Harris’s husband. In a post on X on Saturday, the Federal Bureau o ...
Pierluigi Paganini
November 03, 2024
Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to ...
Pierluigi Paganini
November 03, 2024
A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being f ...
Pierluigi Paganini
November 02, 2024
Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long "cat-and-mouse" battle with China-linked threat a ...
Pierluigi Paganini
November 02, 2024
Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracke ...
Pierluigi Paganini
November 02, 2024
New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSp ...
Pierluigi Paganini
November 01, 2024
LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Play ...
Pierluigi Paganini
November 01, 2024
Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank, formally the Banco Internacional del Perú Service Holding S.A ...
Pierluigi Paganini
October 31, 2024
QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, ...
Pierluigi Paganini
October 31, 2024
The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of ...
Pierluigi Paganini
October 31, 2024
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT ...
Pierluigi Paganini
October 30, 2024
QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. QNAP addressed a critical zero-day vulnerability, tracke ...
Pierluigi Paganini
October 30, 2024
A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by Red ...
Pierluigi Paganini
October 29, 2024
Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vuln ...
Pierluigi Paganini
October 29, 2024
Suspected Russia-linked espionage group UNC5812 targets Ukraine's military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812 ...
Pierluigi Paganini
October 29, 2024
French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications ...
Pierluigi Paganini
October 28, 2024
Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individu ...
Pierluigi Paganini
October 28, 2024
A long supply chain adds third-party risks, as each partner's security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant c ...
Pierluigi Paganini
October 28, 2024
ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates swit ...
Pierluigi Paganini
October 28, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
October 27, 2024
Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for ha ...
Pierluigi Paganini
October 27, 2024
China-linked threat actors targeted the phone communications of Donald Trump and vice presidential nominee JD Vance. China-linked hackers reportedly targeted phones used by former President D ...
Pierluigi Paganini
October 26, 2024
Irish Data Protection Commission fined LinkedIn €310M for violating user privacy by using behavioral data analysis for targeted advertising. Irish Data Protection Commission fined LinkedIn €31 ...
Pierluigi Paganini
October 26, 2024
The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by C ...
Pierluigi Paganini
October 25, 2024
US hospice pharmacy OnePoint Patient Care suffered a data breach that exposed the personal info of approximately 800,000 individuals. OnePoint Patient Care is a U.S.-based pharmacy specializing in ...
Pierluigi Paganini
October 25, 2024
DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybe ...
Pierluigi Paganini
October 25, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...
Pierluigi Paganini
October 25, 2024
On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24.  On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vu ...
Pierluigi Paganini
October 24, 2024
Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Cisco addressed multiple vulnerabilities in Adaptive Sec ...
Pierluigi Paganini
October 24, 2024
The "FortiJump" flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently ...
Pierluigi Paganini
October 24, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...
Pierluigi Paganini
October 24, 2024
Resecurity reports a rise in political content related to the 2024 US elections on social media, with increased activity from foreign sources. Resecurity has detected a substantial increase in the ...
Pierluigi Paganini
October 23, 2024
Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro researchers observed attackers targeting Docker remo ...
Pierluigi Paganini
October 23, 2024
Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. Data Security Posture Manageme ...
Pierluigi Paganini
October 23, 2024
The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four compan ...
Pierluigi Paganini
October 23, 2024
Google’s Threat Analysis Group (TAG) researchers warn of a Samsung zero-day vulnerability that is exploited in the wild. Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulner ...
Pierluigi Paganini
October 22, 2024
Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol's 'Operation Endgame' that disrupted its operations in May. The Bumblebee malware loader has resurfaced ...
Pierluigi Paganini
October 22, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...
Pierluigi Paganini
October 22, 2024
VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as ...
Pierluigi Paganini
October 22, 2024
Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by the notorious threat actor IntelBroker ...
Pierluigi Paganini
October 21, 2024
The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users ...
Pierluigi Paganini
October 21, 2024
Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from Positive Technologies warn that unknown threat ...
Pierluigi Paganini
October 21, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
October 20, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
October 20, 2024
Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise pro ...
Pierluigi Paganini
October 20, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...
Pierluigi Paganini
October 19, 2024
North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt ...
Pierluigi Paganini
October 19, 2024
Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to c ...
Pierluigi Paganini
October 19, 2024
U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S. ...
Pierluigi Paganini
October 18, 2024
Microsoft disclosed a flaw in the macOS Apple's Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulne ...
Pierluigi Paganini
October 18, 2024
The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, ...
Pierluigi Paganini
October 18, 2024
Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (a ...
Pierluigi Paganini
October 17, 2024
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-20 ...
Pierluigi Paganini
October 17, 2024
VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked ...
Pierluigi Paganini
October 17, 2024
Brazil's Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil's Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of ...
Pierluigi Paganini
October 16, 2024
Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authoriti ...
Pierluigi Paganini
October 16, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cy ...
Pierluigi Paganini
October 16, 2024
GitHub addressed a critical vulnerability in Enterprise Server that could allow unauthorized access to affected instances. Code hosting platform GitHub addressed a critical vulnerability, tracked ...
Pierluigi Paganini
October 16, 2024
North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the ...
Pierluigi Paganini
October 15, 2024
WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have ...
Pierluigi Paganini
October 15, 2024
Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded ...
Pierluigi Paganini
October 15, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
Pierluigi Paganini
October 14, 2024
An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation- ...
Pierluigi Paganini
October 14, 2024
Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement o ...
Pierluigi Paganini
October 14, 2024
US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investmen ...
Pierluigi Paganini
October 14, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
October 13, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
October 13, 2024
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR ...
Pierluigi Paganini
October 13, 2024
As Middle East tensions rise, cyberattacks hit Iran’s government branches and nuclear facilities, following Israel's response to Iran's October 1 missile barrage. Amid escalating Middle East ten ...
Pierluigi Paganini
October 12, 2024
Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical v ...
Pierluigi Paganini
October 12, 2024
GitLab issued updates for CE and EE to address multiple flaws, including a critical bug allowing CI/CD pipeline runs on unauthorized branches. GitLab released security updates for Community Editio ...
Pierluigi Paganini
October 11, 2024
OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influ ...
Pierluigi Paganini
October 11, 2024
The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its "The Wayback Machine." The Internet Archive is an American nonprofit digital librar ...
Pierluigi Paganini
October 11, 2024
Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming ...
Pierluigi Paganini
October 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...
Pierluigi Paganini
October 10, 2024
Mozilla released an urgent Firefox update to fix a critical use-after-free vulnerability actively exploited in ongoing attacks. Mozilla released an emergency security update for its Firefox browse ...
Pierluigi Paganini
October 10, 2024
Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an at ...
Pierluigi Paganini
October 10, 2024
Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactions with consumers. Resecurity has observed a s ...
Pierluigi Paganini
October 09, 2024
A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into ...
Pierluigi Paganini
October 09, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Pierluigi Paganini
October 09, 2024
Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer, used to steal sensitive data globally. Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to ...
Pierluigi Paganini
October 08, 2024
MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. In September, American interstate and international peer-to-peer payments ...
Pierluigi Paganini
October 08, 2024
American Water, the largest publicly traded water and wastewater utility company in the US, shut down some of its systems following a cyberattack. American Water, the largest U.S. water and wastew ...
Pierluigi Paganini
October 08, 2024
Universal Music Group notified hundreds of individuals about a data breach compromising their personal information. Universal Music Group is notifying 680 individuals about a data breach that comp ...
Pierluigi Paganini
October 07, 2024
Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv's hackers. A Ukrainian government source told Reuters that Kyiv's hackers are behind the ...
Pierluigi Paganini
October 07, 2024
238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 custo ...
Pierluigi Paganini
October 07, 2024
A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. A critical vulnerability, tracked as CVE-2024- ...
Pierluigi Paganini
October 07, 2024
A man from Indiana pleaded guilty to stealing over $37M in cryptocurrency from 571 victims during a 2022 cyberattack. Evan Frederick Light, 21, of Lebanon, Indiana, pleaded guilty to conspiracy to ...
Pierluigi Paganini
October 07, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Zimbra Collaboration vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Pierluigi Paganini
October 07, 2024
China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT group Salt Typhoon (also known as Famo ...
Pierluigi Paganini
October 06, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
October 06, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
October 06, 2024
Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particula ...
Pierluigi Paganini
October 06, 2024
A high-severity flaw in the WordPress LiteSpeed Cache plugin could allow attackers to execute arbitrary JavaScript code under certain conditions. A high-severity security flaw, tracked as CVE-2024 ...
Pierluigi Paganini
October 05, 2024
Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers. Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabi ...
Pierluigi Paganini
October 05, 2024
Google removed Kaspersky 's Android security apps from the Play Store and suspended its developer accounts over the weekend. Over the weekend, all the Android products designed by the Russian cybe ...
Pierluigi Paganini
October 04, 2024
perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbe ...
Pierluigi Paganini
October 04, 2024
Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing o ...
Pierluigi Paganini
October 04, 2024
The Dutch government blames a "state actor" for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state acto ...
Pierluigi Paganini
October 03, 2024
Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have explo ...
Pierluigi Paganini
October 03, 2024
Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed th ...
Pierluigi Paganini
October 03, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...
Pierluigi Paganini
October 02, 2024
Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, tw ...
Pierluigi Paganini
October 02, 2024
The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorde ...
Pierluigi Paganini
October 02, 2024
Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor's Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting ...
Pierluigi Paganini
October 02, 2024
An international police operation led to the arrest of four individuals linked to the LockBit ransomware group, including a developer. Europol, the UK, and the US law enforcement authorities annou ...
Pierluigi Paganini
October 02, 2024
US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an ...
Pierluigi Paganini
October 01, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabiliti ...
Pierluigi Paganini
October 01, 2024
AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that ...
Pierluigi Paganini
October 01, 2024
North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cybe ...
Pierluigi Paganini
October 01, 2024
The ransomware attack on Patelco Credit Union this summer led to a data breach affecting over 1 million individuals, revealed the company. Patelco Credit Union is a member-owned, not-for-profit c ...
Pierluigi Paganini
September 30, 2024
Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. In May, the Community Clinic of Maui experienced a major IT outage that impa ...
Pierluigi Paganini
September 30, 2024
The Department of Justice charged a British national for hacking into the systems of five U.S. organizations. The Department of Justice charged the British national Robert Westbrook (39) for hacki ...
Pierluigi Paganini
September 30, 2024
A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host. Critical vulnerability CVE-2024-0132 (CVSS score 9.0) in the ...
Pierluigi Paganini
September 30, 2024
Israel allegedly hacked Beirut airport 's control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of ...
Pierluigi Paganini
September 29, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Pierluigi Paganini
September 29, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
September 29, 2024
The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Me ...
Pierluigi Paganini
September 28, 2024
The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyber ...
Pierluigi Paganini
September 28, 2024
The Tor Project and Tails OS have joined forces and merged operations to counter a growing number of digital threats. The Tor Project and Tails have merged operations to enhance collaboration and ...
Pierluigi Paganini
September 27, 2024
UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on publi ...
Pierluigi Paganini
September 27, 2024
A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli ( ...
Pierluigi Paganini
September 27, 2024
The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryp ...
Pierluigi Paganini
September 27, 2024
Researchers discovered critical flaws in Kia's dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts (Neiko Rivera, Sam Cu ...
Pierluigi Paganini
September 26, 2024
Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of f ...
Pierluigi Paganini
September 26, 2024
China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. China-linked threat actors have breached several ...
Pierluigi Paganini
September 26, 2024
Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a c ...
Pierluigi Paganini
September 26, 2024
The personal information of over 3,000 congressional staffers was leaked on the dark web following a major cyberattack on the U.S. Capitol. The personal information of approximately 3,191 congress ...
Pierluigi Paganini
September 26, 2024
Experts warn of Necro Trojan found in Google Play, threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro ...
Pierluigi Paganini
September 25, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Virtual Traffic Manager vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruc ...
Pierluigi Paganini
September 25, 2024
Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations due to a cyberattack. Arkansas City, Kansas, had to switch its water tr ...
Pierluigi Paganini
September 25, 2024
A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices. ThreatFabric researchers discovered a new version of the Android ...
Pierluigi Paganini
September 25, 2024
HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers dis ...
Pierluigi Paganini
September 24, 2024
American peer-to-peer payments and money transfer company MoneyGram confirmed that a cyberattack caused its service outage. American interstate and international peer-to-peer payments and mo ...
Pierluigi Paganini
September 24, 2024
Israel has been sending text messages, recordings, and hacking radio networks to warn Lebanese citizens to evacuate certain areas. Israel has been sending text messages, recordings, and hacking ra ...
Pierluigi Paganini
September 24, 2024
Telegram will provide user data to law enforcement agencies in response to valid legal requests, according to a recent policy update Telegram has updated its privacy policy informing users that it ...
Pierluigi Paganini
September 24, 2024
ESET addressed two local privilege escalation vulnerabilities in security products for Windows and macOS operating systems. Cybersecurity firm ESET released security patches for two local privileg ...
Pierluigi Paganini
September 23, 2024
North Korea-linked APT group Gleaming Pisces is distributing a new malware called PondRAT through tainted Python packages. Unit 42 researchers uncovered an ongoing campaign distributing Linux and ...
Pierluigi Paganini
September 23, 2024
Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-link ...
Pierluigi Paganini
September 23, 2024
Hacktivist group Twelve is back and targets Russian entities to destroy critical assets and disrupt their operations. The hacktivist group Twelve has been active since at least April 2023, it was ...
Pierluigi Paganini
September 23, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Protect Your Crypto: Understanding the Ongoing Global Malware ...
Pierluigi Paganini
September 22, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
September 22, 2024
GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms.  GreyNoise Intelligence has been tracking a mysteri ...
Pierluigi Paganini
September 22, 2024
Cybercriminals stole more than $44 million worth of cryptocurrency from the Singaporean crypto platform BingX. Singaporean crypto platform BingX reported a cyberattack on Friday. Threat actors sto ...
Pierluigi Paganini
September 21, 2024
A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in ...
Pierluigi Paganini
September 21, 2024
Ukraine's NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. Ukraine's National Coordination Centre for Cybersecurity ( ...
Pierluigi Paganini
September 21, 2024
The maintainers of the Tor Project have responded to claims that German police have devised a technique to deanonymize users. The maintainers of the Tor Project have responded to claims that Germa ...
Pierluigi Paganini
September 20, 2024
Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant researchers warn that an Iran-linked APT group, tracked ...
Pierluigi Paganini
September 20, 2024
The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The U.S. DoJ arrested two people, Malone Lam (20) (aka "Greavys," "Anne ...
Pierluigi Paganini
September 20, 2024
Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. Microsoft Threat Intelligence team revealed th ...
Pierluigi Paganini
September 20, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
September 20, 2024
Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appl ...
Pierluigi Paganini
September 19, 2024
An international law enforcement operation infiltrated the encrypted messaging app Ghost, which was widely used by criminals, resulting in the arrest of dozens of individuals. An international law ...
Pierluigi Paganini
September 19, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exp ...
Pierluigi Paganini
September 19, 2024
Small and medium-sized enterprises (SMEs) are a frequent target for cybercriminals. How can SIEM help them improve their cybersecurity? Contrary to what they might believe, small and medium-sized ...
Pierluigi Paganini
September 19, 2024
Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had di ...
Pierluigi Paganini
September 19, 2024
Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen's Black Lotus Labs discovered a new botnet, n ...
Pierluigi Paganini
September 18, 2024
Credential Flusher is a method that allows hackers to steal login credentials directly from the victim’s web browser. The cyber attacks have become increasingly sophisticated, putting our person ...
Pierluigi Paganini
September 18, 2024
The U.S. Department of Treasury issued new sanctions against five executives and one entity linked to the Intellexa Consortium. The Department of the Treasury’s Office of Foreign Assets Control ...
Pierluigi Paganini
September 18, 2024
Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulne ...
Pierluigi Paganini
September 18, 2024
Remote attack on pagers used by Hezbollah in Lebanon and Syria caused their explosion; at least 8 nine people dead and more than 2,800 injured. At least nine eight individuals, including a child, ...
Pierluigi Paganini
September 17, 2024
US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. Air Force, Navy, Army, and the FAA. The U.S. DoJ charged a Chinese national, Song Wu ( ...
Pierluigi Paganini
September 17, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyberse ...
Pierluigi Paganini
September 17, 2024
Why do consumers refuse to consent to their data being shared? Ensuring transparency on their usage and consent. In the digital world, trust is essential for the relationships between brands and c ...
Pierluigi Paganini
September 17, 2024
The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London. In June, a ransomware attack on pathology and d ...
Pierluigi Paganini
September 17, 2024
D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, ...
Pierluigi Paganini
September 16, 2024
Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Window ...
Pierluigi Paganini
September 16, 2024
SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. SolarWinds released security updates to address a critical-severity remote ...
Pierluigi Paganini
September 16, 2024
Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of "threat intelligence" information exposure. Apple is seeking to drop its lawsuit against Israeli spyware com ...
Pierluigi Paganini
September 16, 2024
A hacker tricked ChatGPT into providing instructions to make homemade bombs demonstrating how to bypass the chatbot safety guidelines. A hacker and artist, who goes online as Amadon, tricked ChatG ...
Pierluigi Paganini
September 16, 2024
Port of Seattle confirmed on Friday that the Rhysida ransomware group was behind the cyberattack that hit the agency in August. In August, a cyber attack hit the Port of Seattle, which also opera ...
Pierluigi Paganini
September 15, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mythical Beasts and Where to Find Them: Mapping the Global Sp ...
Pierluigi Paganini
September 15, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Pierluigi Paganini
September 14, 2024
Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-20 ...
Pierluigi Paganini
September 14, 2024
GitLab addressed multiple vulnerabilities impacting GitLab CE/EE, including a critical pipeline execution issue. GitLab released security patches for 17 vulnerabilities in GitLab CE (Community Ed ...
Pierluigi Paganini
September 14, 2024
A new Linux malware called Hadooken targets Oracle WebLogic servers, it has been linked to several ransomware families. Aqua Security Nautilus researchers discovered a new Linux malware, called H ...
Pierluigi Paganini
September 13, 2024
Lehigh Valley Health Network ’s (LVHN) hospital network has agreed to a $65 million settlement in a class action lawsuit related to a data breach. Lehigh Valley Health Network (LVHN) is a large ...
Pierluigi Paganini
September 13, 2024
Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 million Android devices in 197 countries. Doctor Web researchers uncovered a malware, tracked as Vo1d, ...
Pierluigi Paganini
September 13, 2024
Fortinet disclosed a data breach after a threat actor claimed the theft of 440GB of files from the company's Microsoft Sharepoint server. Today, Fortinet told Cyber Daily that a threat actor gaine ...
Pierluigi Paganini
September 12, 2024
The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The Singapore Police Force (SPF) arrested five Chinese nationals ...
Pierluigi Paganini
September 12, 2024
Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multip ...
Pierluigi Paganini
September 12, 2024
Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in ...
Pierluigi Paganini
September 11, 2024
Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool t ...
Pierluigi Paganini
September 11, 2024
Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is ...
Pierluigi Paganini
September 11, 2024
Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for September 2024 addres ...
Pierluigi Paganini
September 11, 2024
The Quad7 botnet evolves and targets new  SOHO devices, including Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. The Sekoia TDR team identified additional implants assoc ...
Pierluigi Paganini
September 10, 2024
Poland 's security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Poland security services announced they have thwarted a cyber opera ...
Pierluigi Paganini
September 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I ...
Pierluigi Paganini
September 10, 2024
Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data ...
Pierluigi Paganini
September 10, 2024
Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. sanctions against the Intellexa Consortium. Recorded Future rese ...
Pierluigi Paganini
September 09, 2024
A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked TID ...
Pierluigi Paganini
September 09, 2024
Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Researchers at Fortinet FortiGuard Labs reported that thr ...
Pierluigi Paganini
September 09, 2024
Progress Software released an emergency to address a maximum severity vulnerability in its LoadMaster products. Progress Software released an emergency fix for a critical vulnerability, tracked as ...
Pierluigi Paganini
September 09, 2024
Russian And Kazakhstani men indicted for operating the Dark Web cybercriminals marketplace WWH Club and other crime forums and markets. Alex Khodyrev (35) from Kazakhstan) and Pavel Kublitskii (37 ...
Pierluigi Paganini
September 08, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. BlackSuit Ransomware Dissecting the Cicada &nb ...
Pierluigi Paganini
September 08, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
September 08, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...
Pierluigi Paganini
September 07, 2024
A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for Word ...
Pierluigi Paganini
September 07, 2024
Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers' personal information. Car rental company Avis notified customers impa ...
Pierluigi Paganini
September 06, 2024
Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access cont ...
Pierluigi Paganini
September 06, 2024
Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE ...
Pierluigi Paganini
September 06, 2024
The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from ...
Pierluigi Paganini
September 06, 2024
Veeam addressed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. Veeam released security updates to address multiple vulnerabilit ...
Pierluigi Paganini
September 05, 2024
The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers spotted the Chinese-speaking threat actor Eart ...
Pierluigi Paganini
September 05, 2024
A cyber attack hit the German air traffic control agency (DFS) disrupting its operations, experts attribute it to Russia-linked group APT28. A cyber attack targeted the German Air Traffic Control ...
Pierluigi Paganini
September 05, 2024
Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to ...
Pierluigi Paganini
September 05, 2024
D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vul ...
Pierluigi Paganini
September 04, 2024
A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a h ...
Pierluigi Paganini
September 04, 2024
Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerabili ...
Pierluigi Paganini
September 04, 2024
VMware released a patch to address a high-severity code execution flaw in its Fusion hypervisor, users are urged to apply it. VMware addressed a high-severity code execution vulnerability, tracke ...
Pierluigi Paganini
September 03, 2024
Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered eight vulnerabilities in Microsoft apps for mac ...
Pierluigi Paganini
September 03, 2024
Three men have pleaded guilty to operating OTP.Agency, an online service that allowed crooks to bypass Multi-Factor authentication (MFA). Three men, Callum Picari (22), Vijayasidhurshan Vijayanath ...
Pierluigi Paganini
September 03, 2024
Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the ...
Pierluigi Paganini
September 02, 2024
The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students' ...
Pierluigi Paganini
September 02, 2024
A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) oper ...
Pierluigi Paganini
September 02, 2024
A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) pro ...
Pierluigi Paganini
September 01, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev ...
Pierluigi Paganini
September 01, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
September 01, 2024
Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra release ...
Pierluigi Paganini
August 30, 2024
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE‚Å ...
Pierluigi Paganini
August 30, 2024
Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527   ...
Pierluigi Paganini
August 30, 2024
Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed th ...
Pierluigi Paganini
August 30, 2024
Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multipl ...
Pierluigi Paganini
August 29, 2024
An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai's Security Intelligence and Response Team (SIRT) has detected a botne ...
Pierluigi Paganini
August 29, 2024
French prosecutors charged CEO Telegram Pavel Durov with facilitating various criminal activities on the messaging platform. French prosecutors have formally charged Telegram CEO Pavel Durov with ...
Pierluigi Paganini
August 29, 2024
Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cy ...
Pierluigi Paganini
August 29, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
Pierluigi Paganini
August 28, 2024
A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breac ...
Pierluigi Paganini
August 28, 2024
BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recentl ...
Pierluigi Paganini
August 28, 2024
The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State an ...
Pierluigi Paganini
August 28, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)¬ ...
Pierluigi Paganini
August 28, 2024
China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt Typhoon exploited a zero-day vulnerability, tr ...
Pierluigi Paganini
August 27, 2024
CrowdStrike researchers have identified the notorious hacker USDoD who is behind several high-profile data leaks. The notorious hacker USDoD (aka EquationCorp), who is known for high-profile data ...
Pierluigi Paganini
August 27, 2024
The Dutch Data Protection Authority (DPA) has fined Uber a record €290M for violating the EU data protection regulation while sending sensitive driver data to the U.S. The Dutch Data Protection ...
Pierluigi Paganini
August 27, 2024
Google released emergency security updates to fix the tenth actively exploited Chrome zero-day vulnerability this year. Google released a security update to address a new Chrome zero-day vulnerabi ...
Pierluigi Paganini
August 26, 2024
SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnera ...
Pierluigi Paganini
August 26, 2024
A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also ...
Pierluigi Paganini
August 26, 2024
Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called se ...
Pierluigi Paganini
August 26, 2024
French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Teleg ...
Pierluigi Paganini
August 25, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer ...
Pierluigi Paganini
August 25, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
August 25, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...
Pierluigi Paganini
August 25, 2024
Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security r ...
Pierluigi Paganini
August 24, 2024
A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russi ...
Pierluigi Paganini
August 24, 2024
Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack wh ...
Pierluigi Paganini
August 23, 2024
Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that ...
Pierluigi Paganini
August 23, 2024
The Russian national Deniss Zolotarjovs has been charged in a U.S. court for his role in the Karakurt cybercrime gang. Deniss Zolotarjovs (33), a Russian cybercriminal, has been charged in a U.S. ...
Pierluigi Paganini
August 23, 2024
Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (M ...
Pierluigi Paganini
August 23, 2024
China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-lin ...
Pierluigi Paganini
August 23, 2024
US oil giant Halliburton announced that it was hit by a cyberattack that is affecting operations at its Houston, Texas offices. Halliburton, a major U.S. oil company, announced that a cyberattack ...
Pierluigi Paganini
August 22, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersec ...
Pierluigi Paganini
August 22, 2024
SolarWinds fixed a hardcoded credential flaw in its Web Help Desk (WHD) software that could allow attackers to gain unauthorized access to vulnerable instances. SolarWinds has addressed a new secu ...
Pierluigi Paganini
August 22, 2024
Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. U.S. chipmaker Microchip Technology suffered a cyberattack that disrupted operations ...
Pierluigi Paganini
August 22, 2024
Google released emergency security updates to fix the ninth actively exploited Chrome zero-day vulnerability this year. ‚Äã‚ÄãGoogle released an emergency security update to address a Chrome zero- ...
Pierluigi Paganini
August 22, 2024
GitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three security vulnerabilities impacting the GitHub Enter ...
Pierluigi Paganini
August 22, 2024
Researchers have disclosed a critical security vulnerability in Microsoft's Copilot Studio that could lead to the exposure of sensitive information. Researchers disclosed a critical security vulne ...
Pierluigi Paganini
August 21, 2024
North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure us ...
Pierluigi Paganini
August 21, 2024
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine ...
Pierluigi Paganini
August 21, 2024
A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdo ...
Pierluigi Paganini
August 21, 2024
Blockchain analysis firm Chainalysis revealed that ransomware payments rose by approximately 2%, from $449.1 million to $459.8 million. Blockchain analysis firm Chainalysis revealed that while ove ...
Pierluigi Paganini
August 20, 2024
Experts spotted a previously undetected backdoor, dubbed Msupedge, that was employed in an attack against a university in Taiwan.  Broadcom Symantec researchers discovered a previously undetected ...
Pierluigi Paganini
August 20, 2024
Researchers discovered thousands of Oracle NetSuite e-stores that are vulnerable to data leak, sensitive customer information is at risk. Cybersecurity researchers from AppOmni warn of a potential ...
Pierluigi Paganini
August 20, 2024
Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an arc ...
Pierluigi Paganini
August 20, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...
Pierluigi Paganini
August 19, 2024
Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potential ...
Pierluigi Paganini
August 19, 2024
Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit att ...
Pierluigi Paganini
August 19, 2024
Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS sco ...
Pierluigi Paganini
August 19, 2024
New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a n ...
Pierluigi Paganini
August 19, 2024
Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using 'MasterPrints, 'which are fingerprints that can match multiple other prints. A team of researc ...
Pierluigi Paganini
August 18, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware Ideal ...
Pierluigi Paganini
August 18, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
August 18, 2024
A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extor ...
Pierluigi Paganini
August 18, 2024
OpenAI announced it had dismantled an Iranian influence operation that was producing content related to the U.S. Presidential election. OpenAI has dismantled an Iran-linked influence operation, tr ...
Pierluigi Paganini
August 17, 2024
Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information.  Background check service National Public D ...
Pierluigi Paganini
August 17, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
August 16, 2024
A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace. The 27-year-old Russian national Georgy Kavzharadze (also k ...
Pierluigi Paganini
August 16, 2024
Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANS ...
Pierluigi Paganini
August 16, 2024
Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have i ...
Pierluigi Paganini
August 16, 2024
Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP rem ...
Pierluigi Paganini
August 16, 2024
A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware ...
Pierluigi Paganini
August 15, 2024
Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran ...
Pierluigi Paganini
August 15, 2024
Experts linked an ongoing social engineering campaign, aimed at deploying the malware SystemBC, to the Black Basta ransomware group. Rapid7 researchers uncovered a new social engineering campaign ...
Pierluigi Paganini
August 15, 2024
Iranian news outlet reported that a major cyber attack targeted the Central Bank of Iran (CBI) and several other banks causing disruptions. Iran International reported that a massive cyber attack ...
Pierluigi Paganini
August 15, 2024
China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41) ...
Pierluigi Paganini
August 14, 2024
SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-289 ...
Pierluigi Paganini
August 14, 2024
Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak ...
Pierluigi Paganini
August 14, 2024
Microsoft's August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Micros ...
Pierluigi Paganini
August 14, 2024
Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical ...
Pierluigi Paganini
August 13, 2024
Elon Musk claims that the livestream interview with Donald Trump on the X social media platform was impacted by a cyberattack. Elon Musk claims that a massive DDoS attack caused problems with the ...
Pierluigi Paganini
August 13, 2024
CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukrain ...
Pierluigi Paganini
August 13, 2024
The U.S. DoJ arrested a Tennessee man for running a "laptop farm" that enabled North Korea-linked IT workers to obtain remote jobs with American companies. The U.S. Justice Department arrested Mat ...
Pierluigi Paganini
August 13, 2024
FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent s ...
Pierluigi Paganini
August 12, 2024
A campaign tracked as EastWind is targeting Russian government and IT organizations with PlugY and GrewApacha Backdoors. In late July 2024, Kaspersky researchers detected a series of targeted cybe ...
Pierluigi Paganini
August 12, 2024
Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclose ...
Pierluigi Paganini
August 12, 2024
Donald Trump's campaign reported that its emails were hacked by "foreign sources hostile to the United States." Donald Trump's presidential campaign announced it was hacked, a spokesman attributes ...
Pierluigi Paganini
August 11, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Surge in Magniber ransomware attacks impact home users worldw ...
Pierluigi Paganini
August 11, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
August 11, 2024
Physical security firm ADT disclosed a data breach, threat actors stole information from 30,000 customers and leaked it. ADT is a provider of alarm and physical security systems, it employs more t ...
Pierluigi Paganini
August 11, 2024
A INC Ransom ransomware attack this week disrupted IT and phone systems at McLaren Health Care hospitals. On Tuesday, an INC Ransom ransomware attack hit the McLaren Health Care hospitals and disr ...
Pierluigi Paganini
August 10, 2024
Crooks took control of a cow milking robot and demanded a ransom from a farmer who refused to pay it, resulting in the death of a cow. An extortion attempt had a tragic outcome, cybercriminals too ...
Pierluigi Paganini
August 10, 2024
NCC Group discovered vulnerabilities in Sonos smart speakers, including a flaw that could have allowed to eavesdrop on users. Researchers from NCC Group have discovered multiple vulnerabilities in ...
Pierluigi Paganini
August 10, 2024
Cisco warns of critical remote code execution zero-day vulnerabilities impacting end-of-life Small Business SPA 300 and SPA 500 series IP phones. Cisco warns of multiple critical remote code execu ...
Pierluigi Paganini
August 09, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Pierluigi Paganini
August 09, 2024
Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service sto ...
Pierluigi Paganini
August 09, 2024
An 18-year-old bug, dubbed "0.0.0.0 Day," allows malicious websites to bypass security in Chrome, Firefox, and Safari to breach local networks. Oligo Security's research team warns of an 18-year ...
Pierluigi Paganini
August 08, 2024
FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint ...
Pierluigi Paganini
August 08, 2024
The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. Bayhealth Hospital is a technologically advanced not-for-profit healt ...
Pierluigi Paganini
August 08, 2024
Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulnerability Research Team discovered a critical ...
Pierluigi Paganini
August 07, 2024
A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown An ...
Pierluigi Paganini
August 07, 2024
Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Gu ...
Pierluigi Paganini
August 07, 2024
The Réunion des Musées Nationaux network, including Paris' Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, inc ...
Pierluigi Paganini
August 06, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
August 06, 2024
Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting ...
Pierluigi Paganini
August 06, 2024
Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, ...
Pierluigi Paganini
August 06, 2024
South Korea's National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea's national security and intelligence agenc ...
Pierluigi Paganini
August 06, 2024
Researchers urge organizations using Apache OFBiz to address a critical bug, following reports of active exploitation of another flaw. Experts urge organizations to address a new critical vulnerab ...
Pierluigi Paganini
August 05, 2024
Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million. In June, Keytronic disclosed a data br ...
Pierluigi Paganini
August 05, 2024
A security bypass bug in Rockwell Automation ControlLogix 1756 devices could allow unauthorized access to vulnerable devices. A high-severity security bypass vulnerability, tracked as CVE-2024-624 ...
Pierluigi Paganini
August 05, 2024
China-linked group APT41 breached a Taiwanese government-affiliated research institute using ShadowPad and Cobalt Strike. Cisco Talos researchers reported that the China-linked group compromised a ...
Pierluigi Paganini
August 05, 2024
A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity researchers reported that a China-linked AP ...
Pierluigi Paganini
August 04, 2024
Jerico Pictures Inc., operating as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach. A proposed class action claims that Jerico Pictur ...
Pierluigi Paganini
August 04, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unplugging PlugX: Sinkholing the PlugX USB worm botnet & ...
Pierluigi Paganini
August 04, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
August 04, 2024
The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children's privacy laws. The Justice Department and the Federal Trade Commission (FTC) ...
Pierluigi Paganini
August 03, 2024
A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that a Russia-linked threat actor known as Fightin ...
Pierluigi Paganini
August 03, 2024
Investors have sued CrowdStrike because the cybersecurity firm made false claims about its Falcon platform. Investors have sued CrowdStrike because the company made false and misleading claims on ...
Pierluigi Paganini
August 02, 2024
CISA warned that an Avtech camera vulnerability, which is still unpatched, is being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an ad ...
Pierluigi Paganini
August 02, 2024
Today, 24 prisoners were released in an international swap between Russia and Western countries, including convicted Russian cybercriminals. In the recent international prisoner swap two not ...
Pierluigi Paganini
August 02, 2024
Researchers warn of an attack vector in the DNS, called the Sitting Ducks, that exposes over a million domains to hackers' takeover. Researchers from Eclypsium and Infoblox have identified an att ...
Pierluigi Paganini
August 02, 2024
Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation rep ...
Pierluigi Paganini
August 01, 2024
BingoMod is a new Android malware that can wipe devices after stealing money from the victims' bank accounts. Researchers at Cleafy discovered a new Android malware, called 'BingoMod,' that can w ...
Pierluigi Paganini
August 01, 2024
OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and ...
Pierluigi Paganini
July 31, 2024
Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in ...
Pierluigi Paganini
July 31, 2024
Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishi ...
Pierluigi Paganini
July 31, 2024
Zscaler researchers revealed that a company paid a record-breaking $75 million ransom to the Dark Angels ransomware group. Zscaler discovered a record-breaking ransom payment of US$75 million made ...
Pierluigi Paganini
July 31, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a VMware ESXi bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
Pierluigi Paganini
July 30, 2024
A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new vers ...
Pierluigi Paganini
July 30, 2024
The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWinder (also known as Razor Tiger, Rattlesnake, an ...
Pierluigi Paganini
July 30, 2024
Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research ...
Pierluigi Paganini
July 30, 2024
Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the re ...
Pierluigi Paganini
July 29, 2024
Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked ...
Pierluigi Paganini
July 29, 2024
CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing ca ...
Pierluigi Paganini
July 29, 2024
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government's Computer ...
Pierluigi Paganini
July 29, 2024
French authorities and Europol are conducting a "disinfection operation" targeting hosts compromised by the PlugX malware. The French authorities, with the help of Europol, have launched on July ...
Pierluigi Paganini
July 28, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Play Ransomware Group’s New Linux Variant Targets ESXi, Sho ...
Pierluigi Paganini
July 28, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
July 28, 2024
Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs ...
Pierluigi Paganini
July 27, 2024
Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome's Password Manager that caused u ...
Pierluigi Paganini
July 26, 2024
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released secu ...
Pierluigi Paganini
July 26, 2024
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray express ...
Pierluigi Paganini
July 26, 2024
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for c ...
Pierluigi Paganini
July 25, 2024
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score ...
Pierluigi Paganini
July 25, 2024
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers obse ...
Pierluigi Paganini
July 25, 2024
A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michig ...
Pierluigi Paganini
July 25, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...
Pierluigi Paganini
July 24, 2024
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (a ...
Pierluigi Paganini
July 24, 2024
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ...
Pierluigi Paganini
July 23, 2024
Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap fil ...
Pierluigi Paganini
July 23, 2024
The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The United States sanctioned Russian hacktivi ...
Pierluigi Paganini
July 23, 2024
EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers discovered a zero-day exploit named EvilVideo th ...
Pierluigi Paganini
July 22, 2024
The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader m ...
Pierluigi Paganini
July 22, 2024
Law enforcement arrested a 17-year-old boy from Walsall, U.K., for suspected involvement in the Scattered Spider cybercrime syndicate. Law enforcement in the U.K. arrested a 17-year-old teenager f ...
Pierluigi Paganini
July 22, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Hardening of HardBit 10,000 Victims a Da ...
Pierluigi Paganini
July 21, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
July 21, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog. The ...
Pierluigi Paganini
July 21, 2024
CrowdStrike warns that threat actors are exploiting the recent IT outage caused by their faulty update to distribute Remcos RAT malware. CrowdStrike spotted threat actors attempting to benefit fr ...
Pierluigi Paganini
July 20, 2024
Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and M ...
Pierluigi Paganini
July 20, 2024
Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provide ...
Pierluigi Paganini
July 19, 2024
Windows machines worldwide displayed BSoD screen following a faulty update pushed out by cybersecurity firm CrowdStrike. A faulty update released by CrowdStrike Falcon is causing Windows systems t ...
Pierluigi Paganini
July 19, 2024
Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024- ...
Pierluigi Paganini
July 19, 2024
Researchers discovered security flaws in SAP AI Core cloud-based platform that could expose customers' data. Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked ...
Pierluigi Paganini
July 18, 2024
The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivat ...
Pierluigi Paganini
July 18, 2024
AI systems are transforming technology and driving innovation across industries. How to protect privacy and build secure AI products? How to Protect Privacy and Build Secure AI Products AI syst ...
Pierluigi Paganini
July 18, 2024
A vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers allows threat actors to change any user's password. Cisco has addressed a critical vulnerability, tracke ...
Pierluigi Paganini
July 17, 2024
The world's largest recreational boat and yacht retailer MarineMax, disclosed a data breach following a cyber attack. The world's largest recreational boat and yacht retailer MarineMax disclosed a ...
Pierluigi Paganini
July 17, 2024
Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void Banshee was spotted exploiting the Windows zer ...
Pierluigi Paganini
July 17, 2024
Microsoft said that in Q2 2024, the Octo Tempest cybercrime gang added RansomHub and Qilin ransomware to its arsenal. In the second quarter of 2024, financially motivated threat actor Octo Tempest ...
Pierluigi Paganini
July 17, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Pierluigi Paganini
July 16, 2024
Kaspersky is leaving the U.S. market following the recent ban on the sales of its software imposed by the Commerce Department. Russian cybersecurity firm Kaspersky announced its exit from the U.S. ...
Pierluigi Paganini
July 16, 2024
The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump. The independent website 404 Media first reported that the FBI had successfully ac ...
Pierluigi Paganini
July 16, 2024
Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the ...
Pierluigi Paganini
July 15, 2024
Wired attributes the recently disclosed AT&T data breach to a hacker living in Turkey and reported the company paid a $370,000 ransom. An American hacker who lives in Turkey claimed responsibi ...
Pierluigi Paganini
July 15, 2024
Cybersecurity researchers detailed a new version of the HardBit ransomware that supports new obfuscation techniques to avoid detection. The new version (version 4.0) of the HardBit ransomware come ...
Pierluigi Paganini
July 15, 2024
A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details abo ...
Pierluigi Paganini
July 15, 2024
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Android Spyware Steals Data from Gamers and TikTok Users& ...
Pierluigi Paganini
July 14, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
July 14, 2024
Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. The U.S. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Pen ...
Pierluigi Paganini
July 13, 2024
The American drugstore chain Rite Aid Corporation disclosed a data breach following the cyber attack that hit the company in June. The American drugstore chain giant Rite Aid suffered a data breac ...
Pierluigi Paganini
July 13, 2024
AT&T disclosed a new data breach that exposed phone call and text message records for approximately 110 million people. AT&T suffered a massive data breach, attackers stole the call logs f ...
Pierluigi Paganini
July 12, 2024
A critical vulnerability in Exim mail server allows attackers to deliver malicious executable attachments to mailboxes. Attackers can exploit a critical security flaw, tracked as CVE-2024-39929 (C ...
Pierluigi Paganini
July 12, 2024
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security ...
Pierluigi Paganini
July 12, 2024
Resecurity has identified a new campaign by the Smishing Triad that is targeting India to steal personal and payment data at scale Resecurity (USA) identified a new campaign targeting India Post ( ...
Pierluigi Paganini
July 12, 2024
The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas Co ...
Pierluigi Paganini
July 12, 2024
A threat actor known as CrystalRay targeted 1,500 victims since February using tools like SSH-Snake and various open-source utilities. The Sysdig Threat Research Team (TRT) first spotted the thr ...
Pierluigi Paganini
July 11, 2024
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The Akamai Security Intelligence Response Team (SIRT) warns that multiple ...
Pierluigi Paganini
July 11, 2024
The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with ...
Pierluigi Paganini
July 11, 2024
VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tr ...
Pierluigi Paganini
July 11, 2024
IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity iss ...
Pierluigi Paganini
July 10, 2024
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select ver ...
Pierluigi Paganini
July 10, 2024
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnera ...
Pierluigi Paganini
July 10, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ...
Pierluigi Paganini
July 10, 2024
The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached ...
Pierluigi Paganini
July 09, 2024
The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and ...
Pierluigi Paganini
July 09, 2024
Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomw ...
Pierluigi Paganini
July 09, 2024
Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password comp ...
Pierluigi Paganini
July 08, 2024
Threat actors are exploiting Ghostscript vulnerability CVE-2024-29510 to bypass the sandbox and achieve remote code execution. Threat actors are actively exploiting a Ghostscript vulnerability, tr ...
Pierluigi Paganini
July 08, 2024
Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens' control over Internet acce ...
Pierluigi Paganini
July 08, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ...
Pierluigi Paganini
July 08, 2024
The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabiliti ...
Pierluigi Paganini
July 07, 2024
Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best ...
Pierluigi Paganini
July 07, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
July 07, 2024
Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had th ...
Pierluigi Paganini
July 07, 2024
Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereaso ...
Pierluigi Paganini
July 06, 2024
The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the ...
Pierluigi Paganini
July 06, 2024
The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3 ...
Pierluigi Paganini
July 05, 2024
Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still refer ...
Pierluigi Paganini
July 05, 2024
Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based bo ...
Pierluigi Paganini
July 05, 2024
Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automatio ...
Pierluigi Paganini
July 05, 2024
Hackers compromised Ethereum 's mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum's mailing list provider and on ...
Pierluigi Paganini
July 05, 2024
OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a recor ...
Pierluigi Paganini
July 04, 2024
Healthcare firm HealthEquity disclosed a data breach caused by a partner's compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data brea ...
Pierluigi Paganini
July 04, 2024
Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil's data protection authority, Autoridade Naciona ...
Pierluigi Paganini
July 04, 2024
Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterpri ...
Pierluigi Paganini
July 04, 2024
An international law enforcement operation code-named Operation Morpheus led to the takedown of 593 Cobalt Strike servers used by crooks. An international law enforcement operation, code-named Ope ...
Pierluigi Paganini
July 03, 2024
The LockBit ransomware group breached another hospital in the United States, the victim is the Fairfield Memorial Hospital in Illinois. It has happened again, another US healthcare organization su ...
Pierluigi Paganini
July 03, 2024
The American credit union Patelco Credit Union shut down several of its banking systems to contain a ransomware attack. Patelco Credit Union is a member-owned, not-for-profit credit union that se ...
Pierluigi Paganini
July 03, 2024
The Polish government is investigating a potential connection between Russia and a cyberattack on the country’s state news agency. The Polish government is investigating a suspected link between ...
Pierluigi Paganini
July 03, 2024
Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by ...
Pierluigi Paganini
July 02, 2024
Prudential Financial confirmed that more than 2.5 million individuals were affected by the data breach it suffered in February 2024. The insurance company Prudential Financial confirmed that the d ...
Pierluigi Paganini
July 02, 2024
An Australian man has been charged with carrying out 'Evil Twin' Wi-Fi attack during a domestic flight to steal user credentials and data. An Evil Twin Wi-Fi attack is a type of cyberattack where ...
Pierluigi Paganini
July 02, 2024
Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-202 ...
Pierluigi Paganini
July 02, 2024
A critical flaw in the OpenSSH server can be exploited to achieve unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintainers addressed a critical ...
Pierluigi Paganini
July 01, 2024
Wayne Memorial Hospital in Pennsylvania was the victim of a cyber attack, Monti gang claimed to have hacked the healthcare infrastructure. Another critical infrastructure healthcare suffered a sec ...
Pierluigi Paganini
July 01, 2024
Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation a ...
Pierluigi Paganini
July 01, 2024
Microsoft warned more customers about email theft linked to the previously reported Midnight Blizzard hacking campaign. The Russia-linked cyberespionage group Midnight Blizzard continues to target ...
Pierluigi Paganini
June 30, 2024
Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer 's corporate network. TeamViewer discovered that a threat actor has breached its corporate network and som ...
Pierluigi Paganini
June 30, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
June 30, 2024
Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing ...
Pierluigi Paganini
June 29, 2024
A cyber attack started targeting the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision. A cyber attack began targeting the University Hospita ...
Pierluigi Paganini
June 28, 2024
The US DoJ announced charges against a member of Russia's military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges ag ...
Pierluigi Paganini
June 28, 2024
The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The real victim is the Evolve Bank. The LockBit ransomware group hasn't hacked the Federal R ...
Pierluigi Paganini
June 27, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...
Pierluigi Paganini
June 27, 2024
Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in atta ...
Pierluigi Paganini
June 27, 2024
Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vuln ...
Pierluigi Paganini
June 26, 2024
A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Ski ...
Pierluigi Paganini
June 26, 2024
Researchers warn that a Mirai-based botnet is exploiting a recently disclosed critical vulnerability in EoL Zyxel NAS devices. Researchers at the Shadowserver Foundation warn that a Mirai-based bo ...
Pierluigi Paganini
June 25, 2024
WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLe ...
Pierluigi Paganini
June 25, 2024
CISA warned chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was compromised in January. CISA warns chemical facilities that its Chemical Security Assessment Tool ...
Pierluigi Paganini
June 25, 2024
Threat actors breached 1,590 cryptocurrency wallets of the cryptocurrency portfolio management and tracking platform CoinStats. The cryptocurrency portfolio management and tracking platform CoinSt ...
Pierluigi Paganini
June 24, 2024
Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, ...
Pierluigi Paganini
June 24, 2024
The Lockbit ransomware group announced that it had breached the US Federal Reserve and exfiltrated 33 TB of sensitive data. The Lockbit ransomware group announced that it had breached the systems ...
Pierluigi Paganini
June 24, 2024
Between Jan and Apr 2024, the global ransomware landscape witnessed significant activity, with 1420 ransomware claims reported worldwide. In the first four months of 2024, the global ransomware la ...
Pierluigi Paganini
June 24, 2024
The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gan ...
Pierluigi Paganini
June 24, 2024
A threat actor is offering for sale customer data allegedly stolen from the Australia-based live events and ticketing company TEG. TEG (Ticketek Entertainment Group) is an Australian company that ...
Pierluigi Paganini
June 23, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Pierluigi Paganini
June 23, 2024
Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly available proof-of-concept (PoC) code. Threat actors are actively exploiting ...
Pierluigi Paganini
June 23, 2024
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their role in the Russian company. The Treasury Department's Office of Foreign Ass ...
Pierluigi Paganini
June 22, 2024
The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encry ...
Pierluigi Paganini
June 22, 2024
A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, ...
Pierluigi Paganini
June 21, 2024
French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information sec ...
Pierluigi Paganini
June 21, 2024
The US government announced the ban on selling Kaspersky software due to security risks from Russia and urged citizens to replace it. The Biden administration announced it will ban the sale of Kas ...
Pierluigi Paganini
June 20, 2024
Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-se ...
Pierluigi Paganini
June 20, 2024
A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has ...
Pierluigi Paganini
June 20, 2024
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. ...
Pierluigi Paganini
June 20, 2024
A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered ...
Pierluigi Paganini
June 20, 2024
Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its o ...
Pierluigi Paganini
June 20, 2024
Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security resea ...
Pierluigi Paganini
June 19, 2024
Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing s ...
Pierluigi Paganini
June 19, 2024
AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they we ...
Pierluigi Paganini
June 19, 2024
A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the at ...
Pierluigi Paganini
June 19, 2024
VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exp ...
Pierluigi Paganini
June 18, 2024
Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its ...
Pierluigi Paganini
June 18, 2024
Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly sto ...
Pierluigi Paganini
June 18, 2024
Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim's ...
Pierluigi Paganini
June 18, 2024
Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka "Dopenugget ...
Pierluigi Paganini
June 17, 2024
Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffere ...
Pierluigi Paganini
June 17, 2024
The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the ...
Pierluigi Paganini
June 17, 2024
A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of be ...
Pierluigi Paganini
June 17, 2024
Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid scheme ...
Pierluigi Paganini
June 17, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
June 16, 2024
Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerabil ...
Pierluigi Paganini
June 16, 2024
NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack ...
Pierluigi Paganini
June 15, 2024
In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and an ...
Pierluigi Paganini
June 14, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ...
Pierluigi Paganini
June 14, 2024
Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was t ...
Pierluigi Paganini
June 14, 2024
Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tr ...
Pierluigi Paganini
June 13, 2024
Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS a ...
Pierluigi Paganini
June 13, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Pierluigi Paganini
June 12, 2024
The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (2 ...
Pierluigi Paganini
June 12, 2024
JetBrains warned to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulne ...
Pierluigi Paganini
June 12, 2024
Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 ...
Pierluigi Paganini
June 12, 2024
A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000. A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen dat ...
Pierluigi Paganini
June 11, 2024
Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, track ...
Pierluigi Paganini
June 11, 2024
A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Ent ...
Pierluigi Paganini
June 11, 2024
The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its servi ...
Pierluigi Paganini
June 10, 2024
The UK NHS issued an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals. The UK National Health Service (NHS) issued an urgent call for ...
Pierluigi Paganini
June 10, 2024
Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data bre ...
Pierluigi Paganini
June 10, 2024
Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initial ...
Pierluigi Paganini
June 10, 2024
Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen ...
Pierluigi Paganini
June 10, 2024
A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE disc ...
Pierluigi Paganini
June 09, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
June 09, 2024
SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address mul ...
Pierluigi Paganini
June 07, 2024
Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pa ...
Pierluigi Paganini
June 07, 2024
Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA ...
Pierluigi Paganini
June 07, 2024
A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell sc ...
Pierluigi Paganini
June 06, 2024
The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The FBI is inviting victims of LockBit ra ...
Pierluigi Paganini
June 06, 2024
Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation Ra ...
Pierluigi Paganini
June 06, 2024
Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to ...
Pierluigi Paganini
June 05, 2024
Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited v ...
Pierluigi Paganini
June 05, 2024
A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing p ...
Pierluigi Paganini
June 05, 2024
Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical ...
Pierluigi Paganini
June 05, 2024
A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnosti ...
Pierluigi Paganini
June 04, 2024
The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stol ...
Pierluigi Paganini
June 04, 2024
Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group pro ...
Pierluigi Paganini
June 04, 2024
Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentic ...
Pierluigi Paganini
June 04, 2024
Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox ...
Pierluigi Paganini
June 04, 2024
CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracl ...
Pierluigi Paganini
June 03, 2024
Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distri ...
Pierluigi Paganini
June 03, 2024
Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU's unit APT28 targeti ...
Pierluigi Paganini
June 03, 2024
Personal information of hundreds of British and EU politicians is available on dark web marketplaces. According to research conducted by Proton and Constella Intelligence, the email addresses and ...
Pierluigi Paganini
June 03, 2024
Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a R ...
Pierluigi Paganini
June 02, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
June 02, 2024
Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently cla ...
Pierluigi Paganini
June 01, 2024
The vulnerability CVE-2021-44832 is Apache Log4j2 library is still a serious problem for multiple industries, expert warns it threatens global Finance. The independent cyber threat intelligence an ...
Pierluigi Paganini
June 01, 2024
Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin. The Japanese cryptocurrency exchange DMM Bitcoin announced that c ...
Pierluigi Paganini
June 01, 2024
The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a hug ...
Pierluigi Paganini
May 31, 2024
The Chalubo trojan destroyed over 600,000 SOHO routers from a single ISP, researchers from Lumen Technologies reported. Between October 25 and October 27, 2023, the Chalubo malware destroyed more ...
Pierluigi Paganini
May 31, 2024
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021. Cisco Talos researchers reported that a previously undocumented ...
Pierluigi Paganini
May 31, 2024
The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members. The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files o ...
Pierluigi Paganini
May 31, 2024
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the f ...
Pierluigi Paganini
May 30, 2024
Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of ...
Pierluigi Paganini
May 30, 2024
An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators. Between 27 and 29 May 2024, an international law enforcement operation coordinat ...
Pierluigi Paganini
May 30, 2024
An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcem ...
Pierluigi Paganini
May 30, 2024
Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Custome ...
Pierluigi Paganini
May 30, 2024
Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero- ...
Pierluigi Paganini
May 29, 2024
Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provid ...
Pierluigi Paganini
May 29, 2024
Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub ...
Pierluigi Paganini
May 28, 2024
Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3's Attack Team released a proof-of-co ...
Pierluigi Paganini
May 28, 2024
Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress ...
Pierluigi Paganini
May 28, 2024
Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerabil ...
Pierluigi Paganini
May 28, 2024
Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2 ...
Pierluigi Paganini
May 27, 2024
Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work ...
Pierluigi Paganini
May 27, 2024
Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to ...
Pierluigi Paganini
May 27, 2024
Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software.  Cisco addressed a vulnerability, tracked as CVE-2024-20360 ...
Pierluigi Paganini
May 27, 2024
The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned o ...
Pierluigi Paganini
May 26, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
May 26, 2024
Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for ...
Pierluigi Paganini
May 26, 2024
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advance ...
Pierluigi Paganini
May 25, 2024
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update abou ...
Pierluigi Paganini
May 25, 2024
GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked ...
Pierluigi Paganini
May 24, 2024
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a n ...
Pierluigi Paganini
May 24, 2024
CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healt ...
Pierluigi Paganini
May 24, 2024
The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provi ...
Pierluigi Paganini
May 24, 2024
UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's laptop every few seconds. The UK data watchdog, the Information ...
Pierluigi Paganini
May 24, 2024
Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware T ...
Pierluigi Paganini
May 23, 2024
Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabil ...
Pierluigi Paganini
May 23, 2024
A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown Ch ...
Pierluigi Paganini
May 23, 2024
A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app ...
Pierluigi Paganini
May 23, 2024
A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in ...
Pierluigi Paganini
May 22, 2024
Resecurity warns of a surge in malicious cyber activity targeting the election in India, orchestrated by several independent hacktivist groups Resecurity has identified a spike of malicious cyber ...
Pierluigi Paganini
May 22, 2024
GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentica ...
Pierluigi Paganini
May 22, 2024
The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital ...
Pierluigi Paganini
May 22, 2024
CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
May 21, 2024
The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. Atlas is one of the largest national fuel distributors to 49 cont ...
Pierluigi Paganini
May 21, 2024
A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulner ...
Pierluigi Paganini
May 21, 2024
Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor's NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabili ...
Pierluigi Paganini
May 21, 2024
Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future's Insikt Group discovered a sophisticated cy ...
Pierluigi Paganini
May 20, 2024
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and ai ...
Pierluigi Paganini
May 20, 2024
A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan ...
Pierluigi Paganini
May 20, 2024
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare managem ...
Pierluigi Paganini
May 19, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
May 19, 2024
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea.  Symantec researchers observed the North Korea-linked ...
Pierluigi Paganini
May 19, 2024
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an A ...
Pierluigi Paganini
May 18, 2024
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors na ...
Pierluigi Paganini
May 17, 2024
The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas's city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware ...
Pierluigi Paganini
May 17, 2024
CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the followi ...
Pierluigi Paganini
May 17, 2024
CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabil ...
Pierluigi Paganini
May 17, 2024
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genians Security Center (GSC) identified a new at ...
Pierluigi Paganini
May 17, 2024
Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. MediSecure is a company that provides digital health solutions, pa ...
Pierluigi Paganini
May 16, 2024
Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week. Google has released a new emergency security update to address a new vulner ...
Pierluigi Paganini
May 16, 2024
The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The Spanish financial institution Santander revealed a data breac ...
Pierluigi Paganini
May 16, 2024
An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purcha ...
Pierluigi Paganini
May 15, 2024
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison. Alexey Pertsev (29), one of the main developers of the Tornado Cash cryptocurrency mixer h ...
Pierluigi Paganini
May 15, 2024
Adobe addressed multiple code execution vulnerabilities in several products, including Adobe Acrobat and Reader. Adobe addressed multiple code execution vulnerabilities in its products, including ...
Pierluigi Paganini
May 15, 2024
The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and ...
Pierluigi Paganini
May 15, 2024
Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day. Microsoft Patch Tuesday security updates for May 2024 address ...
Pierluigi Paganini
May 14, 2024
VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024 VMware addressed four vulnerabilities in its Workstatio ...
Pierluigi Paganini
May 14, 2024
The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure. MITRE announced the public release of its EMB3D threat model for ...
Pierluigi Paganini
May 14, 2024
Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulner ...
Pierluigi Paganini
May 14, 2024
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey's Cybersecurity and Communications Integration Cell (NJCCIC)¬ ...
Pierluigi Paganini
May 14, 2024
Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhon ...
Pierluigi Paganini
May 13, 2024
The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel. The Police of Finland is investigating a data breach suffered by the City of Hels ...
Pierluigi Paganini
May 13, 2024
A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be "first-class ...
Pierluigi Paganini
May 13, 2024
Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders i ...
Pierluigi Paganini
May 13, 2024
Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment. Pro-Russia hackers targeted Kosovo government websites, in ...
Pierluigi Paganini
May 12, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
May 12, 2024
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Adv ...
Pierluigi Paganini
May 12, 2024
The cyber attack on the Ohio Lottery on Christmas Eve exposed the personal data of over 538,000 individuals. On Christmas Eve, a cyberattack targeting the Ohio Lottery resulted in the exposure of ...
Pierluigi Paganini
May 11, 2024
Notorius threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data. The threat actor IntelBroker announced on the cybercrime forum Breach ...
Pierluigi Paganini
May 11, 2024
A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the Unit ...
Pierluigi Paganini
May 11, 2024
Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zer ...
Pierluigi Paganini
May 10, 2024
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale ma ...
Pierluigi Paganini
May 10, 2024
Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR ...
Pierluigi Paganini
May 10, 2024
Dell disclosed a security breach that exposed millions of customers' names and physical mailing addresses. IT giant Dell suffered a data breach exposing customers’ names and physical addresses, ...
Pierluigi Paganini
May 09, 2024
Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting rec ...
Pierluigi Paganini
May 09, 2024
Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network. Cybersecurity firm Zscaler is investigating allegations of a data breach following ...
Pierluigi Paganini
May 09, 2024
Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets. F5 has addressed two high-severity vulnera ...
Pierluigi Paganini
May 09, 2024
The LockBit ransomware group has added the City of Wichita to its Tor leak site and threatened to publish stolen data. Last week, the City of Wichita, Kansas, was the victim of a ransomware attack ...
Pierluigi Paganini
May 08, 2024
TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack ...
Pierluigi Paganini
May 08, 2024
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites. WPScan researchers reported that threat actors are exploiting a high- ...
Pierluigi Paganini
May 08, 2024
A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts. Researchers from Cisco Talos reported a use-after-free vulnerability in ...
Pierluigi Paganini
May 08, 2024
The UK Ministry of Defense disclosed a data breach at a third-party payroll system that exposed data of armed forces personnel and veterans. The UK Ministry of Defense disclosed a data breach impa ...
Pierluigi Paganini
May 08, 2024
The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him. The FBI, UK National Crime Agency, and Europol have unmasked the ...
Pierluigi Paganini
May 07, 2024
MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. MITRE has shared more details on the recent hack, including the new malware ...
Pierluigi Paganini
May 07, 2024
Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in a money laundering scheme. Alexander Vinnik, a Russian national, pleaded guilty to conspi ...
Pierluigi Paganini
May 07, 2024
The City of Wichita in Kansas was forced to shut down its computer systems after a ransomware attack. The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network t ...
Pierluigi Paganini
May 06, 2024
Resecurity found a massive leak involving the exposure of personally identifiable information (PII) of over five million citizens of El Salvador on the Dark Web. Resecurity identified a massive le ...
Pierluigi Paganini
May 06, 2024
Finland's Transport and Communications Agency (Traficom) warned about an ongoing Android malware campaign targeting bank accounts. Traficom, Finland's Transport and Communications Agency, issued a ...
Pierluigi Paganini
May 06, 2024
Law enforcement seized the Lockbit group's Tor website again and announced they will reveal more identities of its operators Law enforcement seized the Lockbit group's Tor website again. The autho ...
Pierluigi Paganini
May 05, 2024
NATO and the European Union formally condemned cyber espionage operations carried out by the Russia-linked APT28 against European countries. NATO and the European Union condemned cyber espionage o ...
Pierluigi Paganini
May 05, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
May 05, 2024
The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of medical dia ...
Pierluigi Paganini
May 04, 2024
LockBit ransomware operators have published sensitive data allegedly stolen from the Simone Veil hospital in Cannes. In April, a cyber attack hit the Hospital Simone Veil in Cannes (CHC-SV), impac ...
Pierluigi Paganini
May 03, 2024
The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet, called Moobot, used by the ...
Pierluigi Paganini
May 03, 2024
Microsoft devised an attack technique, dubbed 'Dirty Stream,' impacting widely used Android applications, billions of installations are at risk. Microsoft is warning Android users about a new atta ...
Pierluigi Paganini
May 03, 2024
Zloader continues to evolve, its authors added an anti-analysis feature that was originally present in the Zeus banking trojan. Zloader (aka Terdot, DELoader, or Silent Night) is a modular trojan ...
Pierluigi Paganini
May 03, 2024
A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities. The Ukrainian national, Yaroslav Vasinskyi (24), aka Rab ...
Pierluigi Paganini
May 02, 2024
HPE Aruba Networking addressed four critical remote code execution vulnerabilities impacting its ArubaOS network operating system. HPE Aruba Networking released April 2024 security updates that ad ...
Pierluigi Paganini
May 02, 2024
Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached t ...
Pierluigi Paganini
May 02, 2024
CISA adds GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Pierluigi Paganini
May 02, 2024
Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates' personal information. Panda Restaurant Group disclosed a data breach that occurred in M ...
Pierluigi Paganini
May 02, 2024
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Jareh Sebastian Dalke (32), of Colorado Springs, is a former emplo ...
Pierluigi Paganini
May 01, 2024
A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Researchers at Lumen’s Black Lotus Labs discovere ...
Pierluigi Paganini
May 01, 2024
A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files. A vulnerability, tracked as CVE-2024-27322 (CVSS v3: 8.8), ...
Pierluigi Paganini
May 01, 2024
The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophis ...
Pierluigi Paganini
May 01, 2024
Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion. A popular 26-year-old Finnish hacker Aleksanteri Kivimäki wa ...
Pierluigi Paganini
April 30, 2024
The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure against AI-based attacks. CISA collaborated with Sector Risk Management Agencies ...
Pierluigi Paganini
April 30, 2024
The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. The U.K. National Cyber Security Centre (NCSC) is urging manuf ...
Pierluigi Paganini
April 30, 2024
The Federal Communications Commission (FCC) fined the largest U.S. wireless carriers $200 million for sharing customers' real-time location data without consent. The FCC has fined four major U. ...
Pierluigi Paganini
April 30, 2024
Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play. Google announced that in 2023, they have prevented 2.28 million policy-vio ...
Pierluigi Paganini
April 29, 2024
Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information 2 million individuals. Debt collection agency Financial Business and Consumer Solutions (FBCS) disc ...
Pierluigi Paganini
April 29, 2024
A Belarusian group of activist group claims to have infiltrated the network of the country’s main KGB agency. The Belarusian hacktivist group Cyber-Partisans claims to have infiltrated the netwo ...
Pierluigi Paganini
April 29, 2024
The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients' personal and health information. The Los Angeles County Department of Health Service ...
Pierluigi Paganini
April 29, 2024
Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances. Multiple vulnerabilities found in the Brocade SANnav storage area ne ...
Pierluigi Paganini
April 29, 2024
ICICI Bank, a major private bank in India, mistakenly exposed the sensitive data of thousands of new credit cards to unintended recipients. ICICI Bank, one of the leading private banks in India, a ...
Pierluigi Paganini
April 28, 2024
Identity and access management services provider Okta warned of a spike in credential stuffing attacks aimed at online services. In recent weeks, Okta observed a surge in credential stuffing attac ...
Pierluigi Paganini
April 28, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
April 28, 2024
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. Security experts at Deep Instinct Threat Lab have uncovered a targeted c ...
Pierluigi Paganini
April 28, 2024
Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedic ...
Pierluigi Paganini
April 27, 2024
ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware n ...
Pierluigi Paganini
April 27, 2024
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites WordPress security scanner WPScan warns that threat actors are exploi ...
Pierluigi Paganini
April 26, 2024
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new ...
Pierluigi Paganini
April 26, 2024
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals in the United States. Kaiser Permanente is an American integrated managed care  ...
Pierluigi Paganini
April 26, 2024
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over 1,400 CrushFTP internet-facing servers are vulnerable to attac ...
Pierluigi Paganini
April 26, 2024
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply.  Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail c ...
Pierluigi Paganini
April 26, 2024
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following v ...
Pierluigi Paganini
April 25, 2024
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-3 ...
Pierluigi Paganini
April 25, 2024
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai. The U.S. Department of Justice (DoJ) has arrested two co-founders of the cryptocur ...
Pierluigi Paganini
April 25, 2024
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine. Google addressed four vulnerabilities in the Chrome web browser, includ ...
Pierluigi Paganini
April 25, 2024
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos warned that the nation-state actor UAT4356 (aka ...
Pierluigi Paganini
April 24, 2024
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign ...
Pierluigi Paganini
April 24, 2024
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their role in cyberattacks against the U.S.. The U.S. Treasury Department's Office of Foreig ...
Pierluigi Paganini
April 24, 2024
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted the council's operations The Leicester City Council suffered a cybe ...
Pierluigi Paganini
April 24, 2024
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Agency in South Korea warns that North Korea-link ...
Pierluigi Paganini
April 23, 2024
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business. The US Department of State is imposing visa restrictions on 13 individ ...
Pierluigi Paganini
April 23, 2024
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18. Since April 18, Synlab Italia, a major provider of medical diagno ...
Pierluigi Paganini
April 23, 2024
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizz ...
Pierluigi Paganini
April 22, 2024
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations ...
Pierluigi Paganini
April 22, 2024
Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan's CERT warned that the WordPress plugin Forminator, developed b ...
Pierluigi Paganini
April 22, 2024
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. A joint advisory published by CISA, the FBI, Europol, ...
Pierluigi Paganini
April 21, 2024
Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. Researchers from Kaspersky discovered the DuneQuixote ca ...
Pierluigi Paganini
April 21, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
April 21, 2024
Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP is a file transfer server software that enables secure ...
Pierluigi Paganini
April 20, 2024
A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack. A cyber attack hit Hospital Simone Veil in Cannes (CHC-SV) on Tuesday, impacting med ...
Pierluigi Paganini
April 20, 2024
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its ...
Pierluigi Paganini
April 19, 2024
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray. FBI Director Christopher Wray warned this week that China-linked t ...
Pierluigi Paganini
April 19, 2024
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) i ...
Pierluigi Paganini
April 19, 2024
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the thre ...
Pierluigi Paganini
April 18, 2024
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordin ...
Pierluigi Paganini
April 18, 2024
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapek ...
Pierluigi Paganini
April 18, 2024
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Man ...
Pierluigi Paganini
April 18, 2024
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical ...
Pierluigi Paganini
April 17, 2024
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution. Ivanti addressed multiple flaws in its Avalanche ...
Pierluigi Paganini
April 17, 2024
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks' PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the ...
Pierluigi Paganini
April 17, 2024
Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.   Cisco Talos researchers wa ...
Pierluigi Paganini
April 17, 2024
The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected by a ...
Pierluigi Paganini
April 16, 2024
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign target ...
Pierluigi Paganini
April 16, 2024
Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China Se ...
Pierluigi Paganini
April 16, 2024
Czech transport minister warned that Russia conducted ‘thousands’ of attempts to sabotage railways, attempting to interfere with train networks and signals. Early this month, the Czech transpo ...
Pierluigi Paganini
April 16, 2024
The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibil ...
Pierluigi Paganini
April 16, 2024
Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers.  Cisco Duo war ...
Pierluigi Paganini
April 15, 2024
The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that ...
Pierluigi Paganini
April 15, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infras ...
Pierluigi Paganini
April 15, 2024
Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2 ...
Pierluigi Paganini
April 15, 2024
A joint investigation conducted by U.S. and Australian authorities led to the arrest of two key figures behind the Firebird RAT operation. A joint law enforcement operation conducted by the Austra ...
Pierluigi Paganini
April 15, 2024
A threat actor claimed the hack of the Canadian retail chain Giant Tiger and leaked 2.8 million records on a hacker forum. A threat actor, who goes online with the moniker ShopifyGUY, claimed re ...
Pierluigi Paganini
April 14, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Pierluigi Paganini
April 14, 2024
Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that threat actors are manipulating GitHub search ...
Pierluigi Paganini
April 13, 2024
A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages, its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK ...
Pierluigi Paganini
April 13, 2024
Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat act ...
Pierluigi Paganini
April 12, 2024
Crooks targeted a LastPass employee using deepfake technology to impersonate the company's CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate Las ...
Pierluigi Paganini
April 12, 2024
TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targe ...
Pierluigi Paganini
April 12, 2024
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
Pierluigi Paganini
April 11, 2024
