Hacking

Pierluigi Paganini June 29, 2021
New LinkedIn breach exposes data of 700 Million users

A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total 756M users, is available for sale on forums on […]

Pierluigi Paganini June 29, 2021
PoC exploit for CVE-2021-1675 RCE started circulating online

Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the CVE-2021-1675 flaw has been published online, the flaw impacts the Windows Print Spooler service and could be exploited to compromise Windows systems. Microsoft addressed the flaw with the release of Microsoft June 2021 Patch Tuesday […]

Pierluigi Paganini June 29, 2021
Linux version of REvil ransomware targets ESXi VM

The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware operators are now using a Linux encryptor to encrypts Vmware ESXi virtual machines which are widely adopted by enterprises. The availability of the Linux encryptor was announced by the REvil gang in May, a circumstance […]

Pierluigi Paganini June 29, 2021
Experts developed a free decryptor for the Lorenz ransomware

Researchers analyzed a recently discovered threat, the Lorenz ransomware, and developed a free decryptor for the victims of this new operation. The Lorenz ransomware gang has been active since April and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransoms to the victims. Like other ransomware gangs, Lorenz operators also implement double-extortion […]

Pierluigi Paganini June 29, 2021
GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020

Code repository hosting service GitHub announced that it has paid out more than $1.5 million through its bug bounty program since 2016. Code repository hosting service GitHub announced that it has paid $524,250 through its bug bounty program for 203 vulnerabilities affecting its products and services in 2020. The company revealed that it paid more than $1.5 million […]

Pierluigi Paganini June 28, 2021
Microsoft investigates threat actor distributing malicious Netfilter Driver

Microsoft is investigating an strange attack, threat actor used a driver signed by the company, the Netfilter Driver, to implant a Rootkit. Microsoft announced it is investigating a threat actor distributing malicious drivers in attacks aimed at the gaming industry in China. The actor submitted drivers that were built by a third party for certification […]

Pierluigi Paganini June 28, 2021
The builder for Babuk Locker ransomware was leaked online

The builder for the Babuk Locker ransomware was leaked online, threat actors can use it to create their own ransomware strain. The Record first reported that the builder for the Babuk Locker ransomware was leaked online, threat actors could use it to create their own version of the popular ransomware. The Babuk Locker operators halted […]

Pierluigi Paganini June 28, 2021
Six typosquatting packages in PyPI repository laced with crypto miner

Researchers discovered six rogue packages in the official Python programming language’s PyPI repository containg cryptocurrency mining malware. Experts from security firm Sonatype have uncovered six typosquatting packages in the official Python programming language’s PyPI repository that were laced with cryptomining malware. The Python Package Index (PyPI) is a repository of software for the Python programming language, it allows users […]

Pierluigi Paganini June 27, 2021
Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection.  Researchers from Avast have spotted a strain of cryptocurrency miner, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. “While the Windows system is in safe mode antivirus software doesn’t work. This can enable the malicious Serviceinstaller.exe to […]

Pierluigi Paganini June 27, 2021
Security Affairs newsletter Round 320

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Norway blames China-linked APT31 for 2018 government hack Poland: The leader of the PiS party blames Russia for […]