Security News

Pierluigi Paganini January 19, 2022
Is White Rabbit ransomware linked to FIN8 financially motivated group?

A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8 hacking group. A new ransomware gang called ‘White Rabbit’ launched its operations and according to the experts, it is likely linked to the FIN8 financially motivated group. In December the popular malware researcher Michael Gillespie, […]

Pierluigi Paganini January 18, 2022
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler

Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data breach after an attack that took place in December. The luxury fashion giant was hit by AlphV/BlackCat ransomware that today published the stolen data on its leak site in the Tor network. In December, malware […]

Pierluigi Paganini January 18, 2022
Financially motivated Earth Lusca threat actors targets organizations worldwide

A sophisticated threat actor, tracked as Earth Lusca, is targeting government and private organizations worldwide as for financial purposes. Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks.  According to the security firm, the group is financially motivated, its cyberespionage campaign hit high value […]

Pierluigi Paganini January 18, 2022
Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. “This week, law enforcement authorities took action against the criminal misuse […]

Pierluigi Paganini January 18, 2022
Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Microsoft released Windows emergency out-of-band (OOB) updates to fix multiple issues caused by January 2021 Patch Tuesday updates. Microsoft has released emergency out-of-band (OOB) updates for Windows to address multiple issues caused by security updates issued as part of the January 2021 Patch Tuesday. The Windows Server updates for January were causing a series of issues […]

Pierluigi Paganini January 18, 2022
A small number of Crypto.com users reported suspicious activity on their wallet

Several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) from their wallets. Several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) despite their accounts being protected with 2FA. Crypto.com is a cryptocurrency exchange app based in Singapore, the app currently has 10 million users and 3,000 employees. […]

Pierluigi Paganini January 17, 2022
Oracle Critical Patch Update for January 2022 will fix 483 new flaws

The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This pre-release announcement for Critical Patch Update (CPU) for January 2022 confirms that Oracle security updates will address 483 new security patches. The Critical Patch Update for January will be released on Tuesday, January 18, 2022.  […]

Pierluigi Paganini January 17, 2022
Zoho fixes a critical vulnerability (CVE-2021-44757) in Desktop Central solutions

Zoho addressed a new critical severity flaw (CVE-2021-44757) that affects its Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions Zoho fixed a new critical severity flaw, tracked as CVE-2021-44757, that affects its Desktop Central and Desktop Central MSP unified endpoint management (UEM) solutions. The issue is an authentication bypass vulnerability, a remote attacker […]

Pierluigi Paganini January 17, 2022
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites

Researchers discovered a high-severity vulnerability in three different WordPress plugins that impact over 84,000 websites. Researchers from WordPress security company Wordfence discovered a high-severity vulnerability that affects three different WordPress plugins that impact over 84,000 websites. The vulnerability tracked as CVE-2022-0215 is a cross-site request forgery (CSRF) issue that received a CVSS score of 8.8. […]

Pierluigi Paganini January 17, 2022
Experts warn of attacks using a new Linux variant of SFile ransomware

The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal), has been active since 2020, it was observed targeting only Windows systems. Some variants of the ransomware append the English name of the target company to the filenames of the encrypted files. […]