Hacking

Pierluigi Paganini May 28, 2021
China-linked APT groups targets orgs via Pulse Secure VPN devices

Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information. FireEye monitored the activities of two […]

Pierluigi Paganini May 28, 2021
Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign conducted by NOBELIUM APT. The NOBELIUM APT is the threat actor that conducted supply chain attack against SolarWinds which involved multiple families of implants, including the SUNBURST […]

Pierluigi Paganini May 28, 2021
Canada Post disclosed a ransomware attack on a third-party service provider

Canada Post disclosed a ransomware attack on a third-party service provider that exposed shipping information for their customers. Canada Post announced that a ransomware attack on a third-party service provider exposed shipping information for their customers. Canada Post is a Crown corporation that functions as the primary postal operator in Canada, it provides service to more than 16 million Canadian […]

Pierluigi Paganini May 27, 2021
APT hacked a US municipal government via an unpatched Fortinet VPN

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN. “The FBI is […]

Pierluigi Paganini May 27, 2021
DHS announces security measures for critical pipeline industry

The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline incident continues to have a serious impact on the critical infrastructure sector. The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for owners and operators of critical pipelines. The new security directive requires critical […]

Pierluigi Paganini May 27, 2021
NASA identified 1,785 cyber incidents in 2020

NASA identified more than 6,000 cyber-related incidents in the last four years, according to a report published by its Office of Inspector General. The U.S. National Aeronautics and Space Administration (NASA) has identified more than 6,000 cyber-related incidents in the last four years, according to a report published by NASA’s Office of Inspector General. The […]

Pierluigi Paganini May 27, 2021
Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool

Threat actors have compromised offices of multiple Japanese agencies via Fujitsu ‘s ProjectWEB information sharing tool. Threat actors have breached the offices of multiple Japanese agencies after they have gained access to projects that uses the Fujitsu ‘s ProjectWEB information sharing tool. ProjectWEB is a software-as-a-service (SaaS) platform for enterprise collaboration and file-sharing that was […]

Pierluigi Paganini May 27, 2021
M1RACLES, the unpatchable bug that impacts new Apple M1 chips

A security expert has discovered a vulnerability in Apple M1 chips, dubbed M1RACLES, that cannot be fixed. Software engineer Hector Martin from Asahi Linux has discovered a vulnerability in the new Apple M1 chips, tracked as CVE-2021-30747, that was named M1RACLES. The expert pointed out that the issue can only be fixed with a redesign […]

Pierluigi Paganini May 26, 2021
Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT.threat actors. Researchers from Trend Micro reported that about 50,000 IPs were compromised across multiple Kubernetes clusters in a cryptojacking campaign conducted by TeamTNT group. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. It aims to […]

Pierluigi Paganini May 26, 2021
French police seized dark web marketplace Le Monde Parallèle

Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle, the operation is another success of national police in the fight against cybercrime activity in the dark web. It is […]