Breaking News

Pierluigi Paganini July 23, 2020
New MATA Multi-platform malware framework linked to NK Lazarus APT

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide The notorious Lazarus Group is using a new multi-platform malware framework, dubbed MATA, in attacks aimed at organizations worldwide, to deploy Kaspersky researchers observed that MATA was used by the threat actors to distribute ransomware (i.e. VHD […]

Pierluigi Paganini July 23, 2020
Prometei, a new modular crypto-mining botnet exploits Windows SMB

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.move laterally across systems while covertly mining for cryptocurrency.  The Prometei […]

Pierluigi Paganini July 22, 2020
US agencies offer $2M in reward for Ukrainian hackers that breached the SEC

The US State Department and Secret Service offered $2 million in reward money for help capturing two Ukrainian SEC hackers. The US State Department and Secret Service offered $2 million in reward money for help capturing two Ukrainian hackers that have been charged with hacking and selling insider corporate data stolen from the Securities and […]

Pierluigi Paganini July 22, 2020
Dozens of unsecured databases wiped by mysterious Meow attack

Dozens of unsecured databases exposed online web wiped by threat actors as part of a campaign tracked as Meow attack. Experts observed dozens of unsecured Elasticsearch and MongoDB instances exposed online that were inexplicably wiped by threat actors as part of a campaign tracked as Meow attack. The Meow attack began recently and attackers did […]

Pierluigi Paganini July 22, 2020
Citrix Workspace flaw can allow remote hack of devices running vulnerable app

Citrix addressed a vulnerability in its Citrix Workspace app that can allow an attacker to remotely hack the computer running the vulnerable application Citrix has patched a high severity vulnerability, tracked as CVE-2020-8207, affecting its Workspace app that can be exploited by an attacker to remotely hack the computer running the flawed application. The flaw affects […]

Pierluigi Paganini July 22, 2020
US DoJ charged two Chinese hackers working with MSS

US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide. US DoJ charged two Chinese hackers working with China’s Ministry of State Security with hacking into computer systems of government organizations and companies worldwide. According to the Department of Justice’s Office […]

Pierluigi Paganini July 22, 2020
Adobe fixed critical code execution flaws in Bridge, Photoshop and Prelude products

This week, Adobe has addressed several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. Adobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile […]

Pierluigi Paganini July 21, 2020
US DoJ charges Chinese hackers for targeting COVID-19 research

US Justice Department accused two Chinese hackers of stealing trade secrets from companies worldwide and targeting firms developing a COVID-19 vaccine. This week, the US Justice Department accused two Chinese hackers of stealing trade secrets from companies worldwide and recently involved in attacks against firms developing a vaccine for the COVID-19. According to the indictment, […]

Pierluigi Paganini July 21, 2020
Phishing campaign aimed at stealing Office 365 logins abuses Google Cloud Services

Cybercriminals are increasingly leveraging public cloud services such as Google Cloud Services in phishing campaigns against Office 365 users. Cybercriminals are increasingly abusing cloud services, such as Google Cloud Services, to arrange phishing campaign aimed at stealing Office 365 logins Fraudsters use to host phishing pages on multiple cloud services and trick victims into landing […]

Pierluigi Paganini July 21, 2020
7 VPN services left data of millions of users exposed online

vpnMentor experts reported that seven Virtual Private Network (VPN)  recently left 1.2 terabytes of private user data exposed to online. Security experts from vpnMentor have discovered a group of seven free VPN (virtual private network) apps that left their server unsecured online exposing private user data for anyone to see.  The impacted VPN services are UFO […]