Category: Securityaffairs

MITRE and CISA release Caldera for OT attack emulation
20
Apr
2024

MITRE revealed that nation-state actors breached its systems via Ivanti zero-days

MITRE revealed that nation-state actors breached its systems via Ivanti zero-days Pierluigi Paganini April 19, 2024 The MITRE Corporation revealed…

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake
19
Apr
2024

FBI chief says China is preparing to attack US critical infrastructure

FBI chief says China is preparing to attack US critical infrastructure Pierluigi Paganini April 19, 2024 China-linked threat actors are…

United Nations Development Programme (UNDP) investigates data breach
19
Apr
2024

United Nations Development Programme (UNDP) investigates data breach

United Nations Development Programme (UNDP) investigates data breach Pierluigi Paganini April 19, 2024 The United Nations Development Programme (UNDP) has…

FIN7 targeted a large U.S. carmaker phishing attacks
18
Apr
2024

FIN7 targeted a large U.S. carmaker phishing attacks

FIN7 targeted a large U.S. carmaker phishing attacks Pierluigi Paganini April 18, 2024 BlackBerry reported that the financially motivated group…

International police operation dismantled prominent Ukraine-based Ransomware group
18
Apr
2024

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Law enforcement operation dismantled phishing-as-a-service platform LabHost Pierluigi Paganini April 18, 2024 An international law enforcement operation led to the…

Previously unknown Kapeka backdoor linked to Sandworm APT
18
Apr
2024

Previously unknown Kapeka backdoor linked to Sandworm APT

Previously unknown Kapeka backdoor linked to Russian Sandworm APT Pierluigi Paganini April 18, 2024 Russia-linked APT Sandworm employed a previously…

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks
18
Apr
2024

Cisco warns of a command injection escalation flaw in its IMC

Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available Pierluigi Paganini April 18, 2024 Cisco…

Linux variant of Cerber ransomware targets Atlassian servers
17
Apr
2024

Linux variant of Cerber ransomware targets Atlassian servers

Linux variant of Cerber ransomware targets Atlassian servers Pierluigi Paganini April 17, 2024 Threat actors are exploiting the CVE-2023-22518 flaw in…

Ivanti fixed a critical EPM flaw that can result in RCE
17
Apr
2024

Ivanti fixed two critical flaws in its Avalanche MDM

Ivanti fixed two critical flaws in its Avalanche MDM Pierluigi Paganini April 17, 2024 Ivanti addressed two critical vulnerabilities in…

Palo Alto Networks fixed multiple DoS bugs in its firewalls
17
Apr
2024

Researchers released exploit code for actively exploited Palo Alto PAN-OS bug

Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Pierluigi Paganini April 17, 2024 Researchers released an exploit…

City of Philadelphia suffers a data breach
17
Apr
2024

Cisco warns of large-scale brute-force attacks against VPN and SSH services

Cisco warns of large-scale brute-force attacks against VPN and SSH services Pierluigi Paganini April 17, 2024 Cisco Talos warns of…

PuTTY SSH Client flaw allows of private keys recovery
16
Apr
2024

PuTTY SSH Client flaw allows of private keys recovery

PuTTY SSH Client flaw allows of private keys recovery Pierluigi Paganini April 16, 2024 The PuTTY Secure Shell (SSH) and…