Security News

Pierluigi Paganini March 18, 2024
Fujitsu suffered a malware attack and probably a data breach

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed that multiple work computers were infected with malware, in response to […]

Pierluigi Paganini March 18, 2024
Remove WordPress miniOrange plugins, a critical flaw can allow site takeover

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza. This WordPress plugin has more than 10,000+ active installations. The […]

Pierluigi Paganini March 18, 2024
The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Resecurity reported about the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for airports and proactive threat intelligence in the context of the activity of major ransomware groups and advanced threat actors. As geopolitical tensions rise globally, there’s a heightened risk of […]

Pierluigi Paganini March 18, 2024
Email accounts of the International Monetary Fund compromised

Threat actors compromised at least 11 International Monetary Fund (IMF) email accounts earlier this year, the organization revealed. The International Monetary Fund (IMF) disclosed a security breach, threat actors compromsed 11 email accounts earlier this year. The agency discovered the incident on February 16, 2024, and immediately launched an investigation with the help of cybersecurity […]

Pierluigi Paganini March 17, 2024
“gitgub” malware campaign targets Github users with RisePro info-stealer

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. G-Data researchers found at least 13 such Github repositories hosting cracked software designed to deliver the RisePro info-stealer. The experts noticed that this campaign was named “gitgub” by its operators. The researchers started the investigation following Arstechnica’s story about […]

Pierluigi Paganini March 17, 2024
Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware […]

Pierluigi Paganini March 16, 2024
France Travail data breach impacted 43 Million people

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach. The press release published by the agency states that its information systems are not […]

Pierluigi Paganini March 16, 2024
Scranton School District in Pennsylvania suffered a ransomware attack

School districts continue to be under attack, schools in Scranton, Pennsylvania, are suffering a ransomware attack. This week, schools in Scranton, Pennsylvania, experienced a ransomware attack, resulting in IT outages. The Scranton School District is working with third-party forensic specialists to investigate the security breach and restore impacted systems. “The attack is causing a temporary […]

Pierluigi Paganini March 16, 2024
Lazarus APT group returned to Tornado Cash to launder stolen funds

North Korea-linked Lazarus APT group allegedly using again the mixer platform Tornado Cash to launder $23 million.  North Korea-linked Lazarus APT group allegedly has reportedly resumed using the mixer platform Tornado Cash to launder $23 million. Blockchain cybersecurity firm Elliptic linked the theft of $112.5 million from exchange HTX, which took place in November 2023, […]

Pierluigi Paganini March 15, 2024
Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. U.S. District Court sentenced the Moldovan national (31) Sandu Boris Diaconu to 42 months in federal prison for conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices. Diaconu […]