hacking news

Pierluigi Paganini September 01, 2023
Talos wars of customizations of the open-source info stealer SapphireStealer

Cisco reported that multiple threat actors are customizing the SapphireStealer information stealer after the leak of its source code. Cisco Talos researchers reported that multiple threat actors have created their own version of the SapphireStealer after that the source code of the stealer was released on GitHub. SapphireStealer is an open-source information stealer written in […]

Pierluigi Paganini September 01, 2023
UNRAVELING EternalBlue: inside the WannaCry’s enabler

WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you should defend against it. What is the EternalBlue vulnerability? EternalBlue is a Windows exploit created by the US National Security Agency (NSA) and used in […]

Pierluigi Paganini September 01, 2023
Researchers released a free decryptor for the Key Group ransomware

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom. The Key Group ransomware gang has been […]

Pierluigi Paganini September 01, 2023
North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks

ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima. ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the PyPI (Python Package Index) repository, including a rogue package posing as the VMware vSphere connector […]

Pierluigi Paganini August 31, 2023
Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. GCHQ’s National Cyber Security Centre and international partners reported that Russia-linked threat actors are using a new malware to target the Ukrainian military Government experts attribute the attack to the Russian military intelligence service the GRU. […]

Pierluigi Paganini August 31, 2023
Paramount Global disclosed a data breach

Multinational mass media conglomerate Paramount Global suffered a data breach after an unauthorized party accessed files from certain of its systems. Multinational mass media conglomerate Paramount Global disclosed a data breach. According to the data breach notification letter sent to the impacted individuals, an unauthorized party accessed files from certain systems of the company between […]

Pierluigi Paganini August 31, 2023
Abusing Windows Container Isolation Framework to avoid detection by security products

Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. The expert explained that Windows OS separates the file system from each container to the host […]

Pierluigi Paganini August 30, 2023
Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores. The malware […]

Pierluigi Paganini August 30, 2023
Threat actors started exploiting Juniper flaws shortly after PoC release

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper […]

Pierluigi Paganini August 30, 2023
Why are we seeing such a huge demand for AI at the moment?

This is my interview for TRT Money Talks, speaking about the huge demand for AI and the multiple factors that are sustaining it. Q1 Why are we seeing such a huge demand for A-I at the moment? and how long can we expect the rally to continue? some analysts suggest this could be the peak. […]