Cybersecurity

Pierluigi Paganini January 23, 2022
US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

US CISA added seventeen new actively exploited vulnerabilities to the ‘Known Exploited Vulnerabilities Catalog’. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that threat actors have abused in attacks and that are required to be addressed by Federal Civilian Executive Branch (FCEB) agencies. According to Binding Operational Directive (BOD) 22-01: Reducing the […]

Pierluigi Paganini January 23, 2022
Molerats cyberespionage group uses public cloud services as attack infrastructure

Cyberespionage group Molerats has been observed abusing legitimate cloud services, like Google Drive and Dropbox as attack infrastructure. Zscaler ThreatLabz analyzed an active espionage campaign carried out by Molerats cyberespionage group (aka TA402, Gaza Hackers Team, Gaza Cybergang, and Extreme Jackal) that abuses legitimate cloud services like Google Drive and Dropbox as attack infrastructure. Public […]

Pierluigi Paganini January 22, 2022
US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence

The U.S. Treasury Department announced sanctions against four current and former Ukrainian government officials for collaborating with Russia. The U.S. Treasury Department this week announced sanctions against four current and former Ukrainian government officials for having supported influence activities carried out by the Russian government. The officials are accused of having gathered sensitive information about […]

Pierluigi Paganini January 21, 2022
A bug in McAfee Agent allows running code with Windows SYSTEM privileges

McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee (now Trellix) has addressed a high-severity vulnerability, tracked as CVE-2022-0166, that resides in McAfee Agent software for Windows. An attacker can exploit this flaw to escalate privileges and execute arbitrary code with SYSTEM privileges. The McAfee Agent is […]

Pierluigi Paganini January 21, 2022
Google Project Zero discloses details of two Zoom zero-day flaws

Google Project Zero experts disclosed details of two zero-day flaws impacting Zoom clients and Multimedia Router (MMR) servers. Google Project Zero researchers Natalie Silvanovich disclosed details of two zero-day vulnerabilities in Zoom clients and Multimedia Router (MMR) servers. An attacker could have exploited the now-fixed issues to crash the service, execute malicious code, and even leak the content […]

Pierluigi Paganini January 21, 2022
MoonBounce UEFI implant spotted in a targeted APT41 attack

Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single […]

Pierluigi Paganini January 21, 2022
Conti ransomware gang started leaking files stolen from Bank Indonesia

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach. A […]

Pierluigi Paganini January 20, 2022
Red Cross hit by a sophisticated cyberattack

A cyberattack on a Red Cross contactor resulted in the theft of personal data for more than 515,000 highly vulnerable people A cyberattack on a Red Cross contactor resulted in the theft of personal data for more than 515,000 highly vulnerable people seeking missing families. The infamous attack was disclosed by the International Committee of […]

Pierluigi Paganini January 19, 2022
New DDoS IRC Bot distributed through Korean webHard platforms

Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers from AhnLab’s Security Emergency-response Center (ASEC) spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Vxers use GoLang because it is easy and allows the development […]

Pierluigi Paganini January 18, 2022
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler

Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data breach after an attack that took place in December. The luxury fashion giant was hit by AlphV/BlackCat ransomware that today published the stolen data on its leak site in the Tor network. In December, malware […]