Pierluigi Paganini

Pierluigi Paganini February 07, 2023
VMware has no evidence of zero-day exploitation in ESXiArgs ransomware attacks

VMware said there is no evidence that threat actors are exploiting a zero-day flaw in its software as part of an ongoing ESXiArgs ransomware campaign. VMware said that it found no evidence that the threat actors behind the ongoing ESXiArgs ransomware attacks are leveraging a zero-day vulnerability in VMware ESXi servers. “VMware has not found evidence […]

Pierluigi Paganini February 07, 2023
OpenSSH addressed a new pre-auth double free vulnerability

The maintainers of OpenSSH address multiple security issues, including a memory safety bug in the OpenSSH server (sshd). The maintainers of OpenSSH have addressed a number of security vulnerabilities with the release of version 9.2. One of the issues addressed by the maintainers is a memory safety bug in the OpenSSH server (sshd) tracked as […]

Pierluigi Paganini February 07, 2023
Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance

The popular collective Anonymous has leaked 128 GB of data allegedly stolen from the Russian Internet Service Provider Convex. The collective Anonymous released last week 128 gigabytes of documents that were allegedly stolen from the Russian Internet Service Provider Convex. The huge trove of data was leased by an affiliate of Anonymous’s affiliate group called […]

Pierluigi Paganini February 06, 2023
Italy, France and Singapore Warn of a Spike in ESXI Ransomware

ESXi ransomware targeted thousands of VMware servers in a global-scale campaign, security experts and international CERTs warn. Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers. ESXi is VMware’s hypervisor, a technology that allows organizations to host several virtualized computers running multiple operating systems on a […]

Pierluigi Paganini February 06, 2023
Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]

Pierluigi Paganini February 06, 2023
Italian National Cybersecurity Agency (ACN) warns of massive ransomware campaign targeting VMware ESXi servers

The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers. The Italian National Cybersecurity Agency (ACN) warns of an ongoing massive ransomware campaign targeting VMware ESXi servers worldwide, including Italian systems. The attackers are attempting to exploit the CVE-2021–21974 vulnerability. According to the ACN, most of the attacks […]

Pierluigi Paganini February 05, 2023
Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

Microsoft attributes a recent cyber attack against the satirical French magazine Charlie Hebdo to an Iran-linked NEPTUNIUM APT group.  Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattacks against the satirical French magazine Charlie Hebdo to an Iran-linked threat actor tracked as NEPTUNIUM (aka Emennet Pasargad, Holy Souls). The attack is a retaliation for […]

Pierluigi Paganini February 05, 2023
Security Affairs newsletter Round 405 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog GoAnywhere MFT zero-day flaw actively […]

Pierluigi Paganini February 04, 2023
CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog

US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587 and CVE-2023-22952, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-21587 flaw (CVSS score 9.8) affects the Oracle E-Business Suite, which is a set […]

Pierluigi Paganini February 04, 2023
GoAnywhere MFT zero-day flaw actively exploited

Threat actors are actively exploiting a zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application. Experts warn that threat actors are actively exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT managed file transfer application. The popular investigator Brian Krebs first revealed details about the zero-day on Mastodon and pointed out that Fortra has yet […]