Uncategorized

Pierluigi Paganini March 18, 2024
The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Resecurity reported on the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for airports and proactive threat intelligence in the context of the activity of major ransomware groups and advanced threat actors. As geopolitical tensions rise globally, there’s a heightened risk of […]

Pierluigi Paganini October 13, 2023
FBI and CISA published a new advisory on AvosLocker ransomware

FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed […]

Pierluigi Paganini April 20, 2023
Multinational ICICI Bank leaks passports and credit card numbers

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national […]

Pierluigi Paganini January 01, 2023
Security Affairs newsletter Round 400 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs, free in your email box. If you also want to receive the free newsletter with the international press, subscribe here.

Personal health information of 42M Americans leaked between 2016 and 2021

Malvertising campaign MasquerAds abuses Google […]

Pierluigi Paganini November 01, 2022
Experts warn of critical RCE in ConnectWise Server Backup Solution

ConnectWise has addressed a critical remote code execution vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). According to the advisory published by ConnectWise, the vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component. An attacker can exploit the vulnerability to execute remote code or directly access confidential data. […]

Pierluigi Paganini September 28, 2022
Threat actors use Quantum Builder to deliver Agent Tesla malware

The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka “Quantum Lnk Builder”) is used to create malicious shortcut […]

Pierluigi Paganini September 06, 2022
The Los Angeles Unified School District hit by a ransomware attack

One of the largest school districts in the US, the Los Angeles Unified School District, suffered a ransomware attack during the weekend. The Los Angeles Unified School District is one of the largest school districts in the US; it was hit by a ransomware attack during the Labor Day weekend. The security breach took place a few […]

Pierluigi Paganini March 01, 2022
China-linked APT used Daxin, one of the most sophisticated backdoors ever seen

Daxin is the most advanced backdoor in the arsenal of China-linked threat actors, designed to avoid detection by sophisticated defense systems. Symantec researchers discovered a highly sophisticated backdoor, named Daxin, which is being used by China-linked threat actors to avoid advanced threat detection capabilities. The malicious code was likely designed for long-running espionage campaigns […]

Pierluigi Paganini January 28, 2022
Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits

Zero-day exploit broker Zerodium announced it will pay $400,000 for zero-day RCE exploits in the Microsoft Outlook email client. The zero-day exploit broker Zerodium has announced it will pay $400,000 for zero-day remote code execution (RCE) vulnerabilities in the Microsoft Outlook email client. The company pointed out that the increased payout for this specific vulnerability exploit is […]

Pierluigi Paganini December 06, 2021
330 SPAR stores close or switch to cash-only payments after a cyberattack

A cyberattack hit the international supermarket franchise SPAR, forcing 330 shops in North East England to shut down. A cyberattack hit the international supermarket franchise SPAR, impacting the operations at 330 shops in North East England. Many stores were forced to close or switch to cash-only payments after the attack. SPAR operates 13,320 stores […]