Pierluigi Paganini
February 17, 2023
Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger […]
Pierluigi Paganini
February 17, 2023
US CISA added actively exploited flaws in Cacti framework, Microsoft Office, Windows, and iOS to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-46169 – Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. The flaw […]
Pierluigi Paganini
February 16, 2023
During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022. Below is the list […]
Pierluigi Paganini
February 16, 2023
ESXiArgs ransomware continues to spread in Europe, most of the recent infections were observed in France, Germany, the Netherlands, the UK, and Ukraine Researchers from Censys reported that more than 500 hosts have been infected in a new wave of ESXiArgs ransomware attacks, most of which are in France, Germany, the Netherlands, and the U.K.. […]
Pierluigi Paganini
February 16, 2023
Talos researchers observed a financially motivated threat actor using a new ransomware dubbed MortalKombat and a clipper malware named Laplas. Since December 2022, Cisco Talos researchers have been observing an unidentified financially motivated threat actor deploying two new malware, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware. The threat actor […]
Pierluigi Paganini
February 16, 2023
Hyundai and Kia car makers are releasing an emergency software update to fix a flaw that can allow stealing a car with a USB cable. Carmakers Hyundai and KIA are rolling out an emergency update for the software shipped with several car models. The update addresses a bug that can be exploited by thieves to […]
Pierluigi Paganini
February 15, 2023
The City of Oakland has declared a local state of emergency due to the effect of the ransomware attack that hit the city on February 8, 2023. The City of Oakland disclosed last week a ransomware attack, the security breach began on February 8, 2023. In an abundance of caution, the City of Oakland has […]
Pierluigi Paganini
February 15, 2023
Citrix released security updates for multiple High-Severity flaws in Virtual Apps and Desktops, and Workspace apps for Windows and Linux. Citrix released security patches to fix multiple vulnerabilities in Virtual Apps and Desktops, and Workspace apps for Windows and Linux. The first issue listed in the support Knowledge Center of the company, tracked as CVE-2023-24483, […]
Pierluigi Paganini
February 15, 2023
Adobe Patch Tuesday addressed multiple vulnerabilities, including critical issues that expose Windows and macOS to hack. Adobe released security updates to address multiple vulnerabilities impacting Photoshop, Illustrator and After Effects for both Windows and macOS users. Adobe addressed four critical issues (CVE-2022-24094, CVE-2022-24095, CVE-2022-24096, and CVE-2022-24097) affecting the After Effects products, successful exploitation could lead […]
Pierluigi Paganini
February 15, 2023
Experts detected a new evasive malware dubbed Beep, it implements many anti-debugging and anti-sandbox techniques. Researchers from Minerva recently discovered a new evasive malware dubbed Beep, which implements many anti-debugging and anti-sandbox techniques. The name Beep comes from the use of techniques involved in delaying the execution through the use of the Beep API function. The experts […]
