Hacking

Pierluigi Paganini December 18, 2020
Fake mobile version of Cyberpunk 2077 spreads ransomware

A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077. Crooks are spreading fake Windows and Android versions of installers for the new Cyberpunk 2077 video game that is delivering the CoderWare ransomware. Cyberpunk 2077 is a 2020 action role-playing video game developed and published by CD Projekt, it […]

Pierluigi Paganini December 17, 2020
5 million WordPress sites potentially impacted by a Contact Form 7 flaw

The development team behind the Contact Form 7 WordPress plugin discloses an unrestricted file upload vulnerability. Jinson Varghese Behanan from Astra Security discovered an unrestricted file upload vulnerability in the popular Contact Form 7 WordPress vulnerability. The WordPress plugin allows users to add multiple contact forms on their site.  “By exploiting this vulnerability, attackers could simply upload files of […]

Pierluigi Paganini December 17, 2020
DoppelPaymer ransomware gang now cold-calling victims, FBI warns

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay, threatening to send individuals to their homes. FBI is warning of a new escalation in the extortion activities of the DoppelPaymer ransomware gang, the operators have been calling victims, threatening to send individuals to their homes if they don’t pay the ransom. According […]

Pierluigi Paganini December 17, 2020
Experts spotted browser malicious extensions for Instagram, Facebook and others

Avast researchers reported that three million users installed 28 malicious Chrome or Edge extensions that could perform several malicious operations. Avast Threat Intelligence researchers spotted malicious Chrome and Edge browser extensions that were installed by over 3 million users. The extensions were designed to steal user’s data (i.e. birth dates, email addresses, and active devices) and […]

Pierluigi Paganini December 17, 2020
Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System

On 11th December 2020, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially announced. On 11th December 2020, during the international scientific conference on CBRNe events “SICC 2020”, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially presented. OSSISNa is a project created within the […]

Pierluigi Paganini December 17, 2020
Digging the recently leaked Chinese Communist Party database

KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai. After the announcement of the leak of the database which contains the personal information of 1.9 million Chinese Communist Party (CCP) members in Shanghai, KELA researchers have obtained it. This database includes the members’ name, […]

Pierluigi Paganini December 16, 2020
HPE discloses critical zero-day in Systems Insight Manager

HPE has disclosed a zero-day vulnerability in the latest versions of its HPE Systems Insight Manager (SIM) software for both Windows and Linux. Hewlett Packard Enterprise (HPE) has disclosed a zero-day remote code execution flaw that affects the latest versions of its HPE Systems Insight Manager (SIM) software for Windows and Linux. HPE SIM is a […]

Pierluigi Paganini December 16, 2020
EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

The European Union is going to unveil two laws, the Digital Services and Digital Markets Acts, that will impose new rules for tech giants. The European Union is set to unveil two laws, the Digital Services and Digital Markets Acts, that aim at defining new rules for the digital market, especially for the operations of […]

Pierluigi Paganini December 16, 2020
Sextortion campaign uses Goontact spyware to target Android and iOS users

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected devices and […]

Pierluigi Paganini December 16, 2020
Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack

Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack (avsvmcloud[.]com) in an attempt to identify all victims and prevent other systems from being served malicious software. The domain […]