Security

Pierluigi Paganini March 28, 2024
Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that in 2023 97 zero-day vulnerabilities were exploited in attacks, while in 2022 the actively exploited zero-day flaws were 62. In 2023, Google (TAG) and […]

Pierluigi Paganini March 28, 2024
Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during the Pwn2Own Vancouver 2024. Google addressed several vulnerabilities in the Chrome web browser this week, including two zero-day vulnerabilities, tracked as CVE-2024-2886 and CVE-2024-2887, which were demonstrated during the Pwn2Own Vancouver 2024 hacking competition. The high-severity vulnerability CVE-2024-2886 is a […]

Pierluigi Paganini March 27, 2024
CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Microsoft addressed the remote code execution flaw in SharePoint Server, […]

Pierluigi Paganini March 27, 2024
The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense. In cybersecurity, and in life, by the time you find out that something went wrong it is often too late. The advantage of Data Detection and Response (DDR) is that you no longer have to wait […]

Pierluigi Paganini March 27, 2024
Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to the China-linked group APT31. The Finnish Police attributed the March 2021 attack on the parliament to the China-linked group APT31. The Finnish authorities investigated multiple offenses, including aggravated espionage, aggravated unlawful access to an information system, and aggravated violation of […]

Pierluigi Paganini March 26, 2024
TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “TheMoon” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices. The new version of the bot has been […]

Pierluigi Paganini March 26, 2024
UK, New Zealand against China-linked cyber operations

UK, Australia and New Zealand are accusing China-linked threat actors of cyber operations against UK institutions and parliamentarians. GCHQ’s National Cyber Security Centre believes that China-linked cyberespionage group APT31 was responsible for cyber attacks against UK parliamentarians’ emails in 2021. The UK intelligence believes that China-linked threat actors also compromised the UK Electoral Commission’s systems […]

Pierluigi Paganini March 26, 2024
US Treasury Dep announced sanctions against members of China-linked APT31

The US Treasury Department announced sanctions on two APT31 Chinese hackers linked to attacks against organizations in the US critical infrastructure sector. The US government announced sanctions against a pair of Chinese hackers (Zhao Guangzong and Ni Gaobin), alleged members of the China-linked APT31 group, who are responsible for “malicious cyber operations targeting U.S. entities that operate […]

Pierluigi Paganini March 25, 2024
CISA adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-48788 (CVSS score 9.3) is a critical pervasive SQL injection issue that resides […]

Pierluigi Paganini March 25, 2024
GoFetch side-channel attack against Apple systems allows secret keys extraction

Researchers demonstrated a new side-channel attack, named GoFetch, against Apple CPUs that could allow an attacker to obtain secret keys. A team of researchers from several US universities demonstrated a new microarchitectural side-channel attack named GoFetch that could allow attackers to extract secret keys from systems using Apple CPUs. GoFetch side-channel attack can extract secret […]