Hacking

Pierluigi Paganini September 07, 2021
A server of the Jenkins project hacked by exploiting a Confluence flaw

The development team behind the Jenkins server disclose a security breach, threat actors deployed a cryptocurrency miner on one of its servers. The development team behind the Jenkins Project disclosed a security breach after threat actors compromised one of their internal servers and installed a cryptocurrency miner. Jenkins is the most popular open-source automation server, it is […]

Pierluigi Paganini September 07, 2021
Ragnar Locker gang threatens to leak data if victim contacts law enforcement

The Ragnar Locker ransomware operators threaten to leak stolen data if the victims attempt to contact law enforcement agencies. The Ragnar Locker ransomware gang is adopting a new technique to force victims to pay the ransom, the operators threaten to leak stolen data if the victims contact law enforcement agencies. The group announced its new […]

Pierluigi Paganini September 06, 2021
Netgear addresses severe security flaws in 20 of its products

Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The company fixed three security flaws that affect 20 Netgear products, mostly smart switches. Technical details […]

Pierluigi Paganini September 06, 2021
Malware found pre-installed in cheap push-button mobile phones sold in Russia

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores The expert noticed that several push-button telephones contain unwanted […]

Pierluigi Paganini September 06, 2021
FBI IC3 warns of a spike in sextortion attacks

The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of 2021 that caused $8M losses. The FBI Internet Crime Complaint Center (IC3) is warning of a significant increase in sextortion complaints since the beginning of 2021. In a sextortion attack, threat actors threaten to distribute the victims […]

Pierluigi Paganini September 05, 2021
Pacific City Bank hit by AVOS Locker Ransomware

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services The bank was hit by AVOS Locker […]

Pierluigi Paganini September 05, 2021
Security Affairs newsletter Round 330

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. SEC warns of investment scams related to Hurricane Ida Apple will delay the rollout of new child […]

Pierluigi Paganini September 05, 2021
Major IPS in New Zealand hit by massive DDoS, Internet outages reported

A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand ‘s third-largest internet operator, isolating parts of the country from the Internet. Vocus provides retail, wholesale and corporate telecommunications services across Australia and New Zealand. Vocus offers data network services […]

Pierluigi Paganini September 04, 2021
SEC warns of investment scams related to Hurricane Ida

The US Securities and Exchange Commission warns investors of potential investment scams that leverages Hurricane Ida as a bait. The US Securities and Exchange Commission (SEC)’s Office of Investor Education and Advocacy is warning investors of potential investment scams related to Hurricane Ida. Scammers will likely target individuals and organizations that are eligible to receive large payouts from insurance […]

Pierluigi Paganini September 04, 2021
FIN7 group leverages Windows 11 Alpha-Themed docs to drop Javascript payloads

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The messages used weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript backdoor, […]