Categories
Uncategorized

Governments Warn Iran Is Targeting Microsoft and Fortinet Flaws to Plant Ransomware (Mariam Baksh, Nextgov)

The cybersecurity agencies of the U.S., U.K. and Australia are urging critical infrastructure organizations to patch vulnerabilities in Microsoft and Fortinet products that they say hackers associated with Iran use in ransomware attacks. “FBI and CISA have observed this Iranian government-sponsored [advanced persistent threat] group exploit Fortinet vulnerabilities since at least March 2021 and a […]

Categories
Uncategorized

The Biden administration will work with 30 countries to curb global cybercrime (Pierluigi Paganini, Security Affrairs)

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. The Biden administration will work with 30 countries curb global cybercrimeSecurity Affairs

Categories
Uncategorized

Bitdefender released free REvil ransomware decryptor that works for past victims (Pierluigi Paganini, Security Affairs)

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free Bitdefender released free REvil ransomware decryptorSecurity Affairs

Categories
Uncategorized

Cybersecurity. Vulnerabilità dannosa per milioni di dispositivi IoT scoperta da FireEye (Barbara Tomasi, Tech From The Net)

FireEye ha scoperto una vulnerabilità critica che da remoto può colpire milioni di dispositivi IoT che utilizzano la rete ThroughTek “Kalay” e i loro clienti. Questa vulnerabilità può consentire agli aggressori di compromettere da remoto i dispositivi IoT delle vittime. Permettendo loro di ascoltare audio dal vivo, guardare dati video in tempo reale e compromettere le credenziali del dispositivo. […]

Categories
Uncategorized

Cybersecurity. Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks (Pierluigi Paganini, Security Affairs)

Researchers discovered Linux and Windows implementations of the Cobalt Strike Beacon developed by attackers that were actively used in attacks in the wild Vermilion Strike, a Linux implementation of Cobalt Strike used in attacksSecurity Affairs

Categories
Uncategorized

Cybersecurity. Popular NPM package Pac-Resolver affected by a critical flaw (Pierluigi Paganini, Security Affairs)

Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week Popular NPM package Pac-Resolver affected by a critical flawSecurity Affairs

Categories
Uncategorized

Cybersecurity. Apple fixes actively exploited FORCEDENTRY zero-day flaws (Pierluigi Paganini, Security Affairs)

Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild Apple fixes actively exploited FORCEDENTRY zero-day flawsSecurity Affairs

Categories
Uncategorized

Cybersecurity. Facebook announces WhatsApp end-to-end encrypted (E2EE) backups (Pierluigi Paganini, Security Affairs)

Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud Facebook announces WhatsApp end-to-end encrypted (E2EE) backupsSecurity Affairs

Categories
Uncategorized

Cybersecurity. New Spook.Js attack allows to bypass Google Chrome Site Isolation protections (Pierluigi Paganini, Security Affairs)

Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome Spook.Js attack allows to bypass Google Chrome Site Isolation protectionsSecurity Affairs

Categories
Uncategorized

Cybersecurity. BlackMatter ransomware gang hit Technology giant Olympus (Pierluigi Paganini, Security Affairs)

Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident BlackMatter ransomware gang hit Technology giant OlympusSecurity Affairs

Categories
Uncategorized

Cybersecurity. The new maxtrilha trojan is being disseminated and targeting several banks (Pierluigi Paganini, Security Affairs)

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks New maxtrilha trojan is being disseminated and targeting several banksSecurity Affairs

Categories
Uncategorized

Cybersecurity/South Africa. Department of Justice and Constitutional Development of South Africa hit by a ransomware attack (Pierluigi Paganini, Security Affairs)

The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services Department of Justice and Constitutional Development of South Africa hit by a ransomware attackSecurity Affairs