IT Information Security

Pierluigi Paganini March 17, 2023
Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation

Hitachi Energy disclosed a data breach; the Clop ransomware gang stole the company's data by exploiting the recent GoAnywhere zero-day flaw. Hitachi Energy disclosed a data breach: the company was hacked by the Clop ransomware gang, which stole its data by exploiting the recently disclosed zero-day vulnerability in the GoAnywhere MFT (Managed File Transfer). The […]

Pierluigi Paganini March 17, 2023
HinataBot, a new Go-Based DDoS botnet in the threat landscape

A new Golang-based DDoS botnet, tracked as HinataBot, targets routers and servers by exploiting known vulnerabilities. Akamai researchers spotted a new DDoS Golang-based botnet, dubbed HinataBot, which has been observed exploiting known flaws to compromise routers and servers. The experts reported that the HinataBot bot was seen being distributed since the beginning of 2023 and its operators are actively […]

Pierluigi Paganini March 17, 2023
Top 5 Insider Threats to Look Out For in 2023

Unquestionably, ‘insider threats’ is one of the most neglected aspects of cybersecurity and some companies fail to recognize associated dangers. Cyberattacks are growing more complex as technology advances. Many businesses concentrate their cybersecurity efforts solely on external attacks, which leaves more openings for internal risks. Some companies fail to recognise the danger of losing confidential […]

Pierluigi Paganini March 17, 2023
China-linked APT likely linked to Fortinet zero-day attacks

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328, in attacks aimed at government organizations. A few days ago, Fortinet researchers warned of an advanced threat actor that is targeting governmental or government-related […]

Pierluigi Paganini March 16, 2023
Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack

Google’s Project Zero hackers found multiple flaws in Samsung’s Exynos chipsets that expose devices to remote hack with no user interaction. White hat hackers at Google’s Project Zero unit discovered multiple vulnerabilities in Samsung’s Exynos chipsets that can be exploited by remote attackers to compromise phones without user interaction. The researchers discovered a total […]

Pierluigi Paganini March 16, 2023
Microsoft sheds light on a year of Russian hybrid warfare in Ukraine

Russia-linked threat actors targeted at least 17 European nations in 2023, and 74 countries since the start of the invasion of Ukraine. Microsoft revealed that Russia-linked threat actors targeted at least 17 European nations between January and mid-February 2023. According to a report published by the IT giant, the state-sponsored hackers have targeted 74 countries […]

Pierluigi Paganini March 16, 2023
Polish intelligence dismantled a network of Russian spies

Polish intelligence dismantled a cell of Russian spies that gathered info on military equipment deliveries to Ukraine via the EU member. Polish counter-intelligence has dismantled a cell of Russian spies that gathered information on the provisioning of military equipment to Ukraine via the EU member. “The ABW counter-intelligence agency has arrested nine people suspected of […]

Pierluigi Paganini March 16, 2023
Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency

Multiple threat actors exploited a critical flaw in Progress Telerik to breach an unnamed US federal agency, said the US government. A joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) revealed that multiple threat actors, including a nation-state actor, exploited a […]

Pierluigi Paganini March 16, 2023
CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog

US CISA added an actively exploited vulnerability in Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Adobe ColdFusion, tracked as CVE-2023-26360 (CVSS score: 8.6), to its Known Exploited Vulnerabilities Catalog. This week Adobe released security updates for ColdFusion versions 2021 and 2018 to resolve the critical flaw […]

Pierluigi Paganini March 15, 2023
Russia-linked APT29 abuses EU information exchange systems in recent attacks

Russia-linked APT29 group abused the legitimate information exchange systems used by European countries to target government entities. Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU […]