Cybersecurity

Pierluigi Paganini August 23, 2021
Memorial Health System forced to cancel surgeries after ransomware attack

Health organization Memorial Health System was hit by a disruptive cyber attack that forced it to cancel surgeries and divert patients last week. The Memorial Health System announced that was hit by a disruptive cyber attack that forced it to suspend some of its operations. The organization operates the Marietta Memorial Hospital, the Selby General […]

Pierluigi Paganini August 19, 2021
NK-linked InkySquid APT leverages IE exploits in recent attacks

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. Experts from cybersecurity firm Volexity reported that North Korea-linked InkySquid group (aka ScarCruft, APT37, Group123, and Reaper) leverages two Internet Explorer exploits to deliver a custom backdoor in watering hole attacks aimed at the […]

Pierluigi Paganini August 17, 2021
Fortinet FortiWeb OS Command Injection allows takeover servers remotely

Fortinet addresses a command injection vulnerability that can allow attackers to take complete control of servers running vulnerable FortiWeb WAF installs. An authenticated attacker could execute arbitrary commands as the root user on the underlying system via the SAML server configuration page. Experts pointed out that the flaw could be chained with an authentication bypass flaw that […]

Pierluigi Paganini August 15, 2021
Security Affairs newsletter Round 327

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Four years after its takedown, AlphaBay marketplace revamped Classified documents from Lithuanian Ministry of Foreign Affairs are […]

Pierluigi Paganini August 14, 2021
Classified documents from Lithuanian Ministry of Foreign Affairs are available for sale

Emails allegedly stolen from the Lithuanian Ministry of Foreign Affairs are available for sale in a cybercrime forum, some emails include high-sensitive info. An archive containing 1.6 million emails containing highly sensitive messages allegedly stolen from the Lithuanian Ministry of Foreign Affairs is available for sale on the RaidForums hacking forum. The ad doesn’t include […]

Pierluigi Paganini August 12, 2021
Trend Micro warns customers of zero-day attacks against its products

Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One as a Service products. On July 28, Trend Micro released security patches for multiple incorrect permission assignment privilege escalation, incorrect permission preservation authentication bypass, arbitrary file upload, and local privilege escalation vulnerabilities in Apex One […]

Pierluigi Paganini August 11, 2021
Adobe fixes critical flaws in Magento, patch it immediately

Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security updates for August 2021 address a total of 29 flaws, including critical vulnerabilities in Magento and important issues in Adobe Connect: APSB21-64 Security updates available for Magento APSB21-66 Security update available for Adobe Connect Multiple critical vulnerabilities could be […]

Pierluigi Paganini August 09, 2021
Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in LockBit 2.0 ransomware attacks against Australian organizations in multiple industry sectors starting July 2021. The Australian agency also published 2021-006: ACSC Ransomware Profile – Lockbit 2.0 which includes info […]

Pierluigi Paganini August 08, 2021
A zero-day RCE in Cisco ASDM has yet to be fixed

A remote code execution (RCE) vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher disclosed in July has yet to be addressed. Cisco provided an update on a remote code execution (RCE) vulnerability (CVE-2021-1585) in the Adaptive Security Device Manager (ASDM) Launcher, the IT giant confirmed that the flaw has yet to be addressed. […]

Pierluigi Paganini August 07, 2021
CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090, impacting home routers with Arcadyan firmware to deploy a Mirai bot. “A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and […]