cybersecurity news

Pierluigi Paganini January 31, 2022
Americans lost $770 million from social media fraud in 2021, FTC reports

A report from the US Federal Trade Commission (FTC) revealed that in 2021 Americans lost $770 million from social media frauds The US Federal Trade Commission (FTC) revealed that in 2021 Americans lost $770 million from social media frauds. These data are the result of the increased exposure of netizens through social media. The US […]

Pierluigi Paganini January 30, 2022
Expert releases PoC for CVE-2022-21882 Windows local privilege elevation issue

A researcher disclosed an exploit for a Windows local privilege elevation issue (CVE-2022-21882) that allows anyone to gain admin privileges in Windows 10. The security researchers RyeLv has publicly released an exploit for a Windows local privilege elevation flaw (CVE-2022-21882) that allows anyone to gain admin privileges in Windows 10. The Win32k elevation of privilege […]

Pierluigi Paganini January 29, 2022
US FCC bans China Unicom Americas telecom over national security risks

The Federal Communications Commission (FCC) revoked the license for the China Unicom Americas over serious national security concerns. The Federal Communications Commission (FCC) has revoked the license for China Unicom Americas over “serious national security concerns.” China Unicom is the world’s sixth-largest mobile service provider by subscriber base. The telecom company is a foreign subsidiary of […]

Pierluigi Paganini January 28, 2022
Delta Electronics, a tech giants’ contractor, hit by Conti ransomware

Delta Electronics, a Taiwanese contractor for multiple tech giants such as Apple, Dell, HP and Tesla, was hit by Conti ransomware Taiwanese electronics manufacturing company Delta Electronics was hit by the Conti ransomware that took place this week. Delta Electronics operates as a contractor for major tech giants such as Apple, Tesla, HP, and Dell. […]

Pierluigi Paganini January 27, 2022
Lockbit ransomware gang claims to have hacked Ministry of Justice of France

A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. The Ministry of Justice of France is a body of the French government, which is responsible for: supervision of the judiciary, its maintenance and administration; participation as Vice President of the Judicial Council; supervision of the prosecutor’s […]

Pierluigi Paganini January 27, 2022
A new highly evasive technique used to deliver the AsyncRAT Malware

Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing campaign delivering the AsyncRAT trojan since September 2021. The phishing messages use an html attachment disguised in the form of an order confirmation receipt (e.g., Receipt-<digits>.html). Experts pointed out the malware employed has the lowest […]

Pierluigi Paganini January 25, 2022
Latest version of Android RAT BRATA wipes devices after stealing data

A new version of the BRATA malware implements a functionality to perform a factory reset of the device to wipe all data. The new version of the BRATA Android malware supports new features, including GPS tracking and a functionality to perform a factory reset on the device. Security experts at Kaspersky discovered the Android RAT […]

Pierluigi Paganini January 24, 2022
A flaw in Rust Programming language could allow to delete files and directories

The maintainers of the Rust programming language fixed a high-severity flaw that could allow attackers to delete files and directories from a vulnerable system. The maintainers of the Rust programming language have released a security update for a high-severity vulnerability, tracked as CVE-2022-21658. An attacker can trigger the vulnerability to delete files and directories from a vulnerable […]

Pierluigi Paganini January 24, 2022
F5 fixes 25 flaws in BIG-IP, BIG-IQ, and NGINX products

Cybersecurity provider F5 released security patches to address 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products. Cybersecurity firm F5 announced security patches for 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products. Most of the vulnerabilities (23) addressed by the company affect the BIG-IP application delivery controller (ADC), 13 of them have been rated […]

Pierluigi Paganini January 23, 2022
US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

US CISA added seventeen new actively exploited vulnerabilities to the ‘Known Exploited Vulnerabilities Catalog’. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that threat actors have abused in attacks and that are required to be addressed by Federal Civilian Executive Branch (FCEB) agencies. According to Binding Operational Directive (BOD) 22-01: Reducing the […]