Pierluigi Paganini

BMW exposes data of clients in Italy, experts warn

Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: https://cybernews.com/security/bmw-exposes-italy-clients/ Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. The latest Cybernews discovery showcases that popular car brands sometimes leave their doors open, as if inviting […]

The post BMW exposes data of clients in Italy, experts warn appeared first on Security Affairs.

March 10, 2023
0 comment
Read More >>

Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps

Akamai has mitigated the largest DDoS (distributed denial of service) attack ever, which peaked at 900.1 gigabits per second. Akamai reported that on February 23, 2023, at 10:22 UTC, it mitigated the largest DDoS attack ever. The attack traffic peaked at 900.1 gigabits per second and 158.2 million packets per second. The record-breaking DDoS was launched against a […]

The post Akamai mitigated a record-breaking DDoS attack that peaked 900Gbps appeared first on Security Affairs.

March 10, 2023
0 comment
Read More >>

SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers

Alleged China-linked threat actors infected unpatched SonicWall Secure Mobile Access (SMA) appliances with a custom backdoor. Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. The analysis of a […]

The post SonicWall SMA appliance infected by a custom malware allegedly developed by Chinese hackers appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

Recently discovered IceFire Ransomware now also targets Linux systems

The recently discovered Windows ransomware IceFire now also targets Linux enterprise networks in multiple sectors. SentinelLabs researchers discovered new Linux versions of the recently discovered IceFire ransomware that was employed in attacks against several media and entertainment organizations worldwide. The ransomware initially targeted only Windows-based systems, with a focus on technology companies. IceFire was first detected in […]

The post Recently discovered IceFire Ransomware now also targets Linux systems appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks

A threat actor tracked as 8220 Gang has been spotted using a new crypter called ScrubCrypt in cryptojacking campaigns. Fortinet researchers observed the mining group 8220 Gang using a new crypter called ScrubCrypt in cryptojacking attacks. “Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific […]

The post 8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

CloudBees flaws in Jenkins server can lead to code execution

CloudBees vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems. Researchers from cloud security firm Aqua discovered a chain of two vulnerabilities in the Jenkins open-source automation server that could lead to code execution on targeted systems. Jenkins is the most popular open source automation server, it is […]

The post CloudBees flaws in Jenkins server can lead to code execution appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!

Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability to execute arbitrary […]

The post A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now! appeared first on Security Affairs.

March 9, 2023
0 comment
Read More >>

Veeam warns to install patches to fix a bug in its Backup & Replication product

Veeam addressed a high-severity vulnerability in the Backup Service that impacts Backup & Replication software. Veeam addressed a high-severity vulnerability in the Backup Service, tracked as CVE-2023-27532 (CVSS v3 score: 7.5), that impacts all versions of Backup & Replication software versions. “Vulnerability CVE-2023-27532 in Veeam Backup & Replication component allows to obtain encrypted credentials stored in the […]

The post Veeam warns to install patches to fix a bug in its Backup & Replication product appeared first on Security Affairs.

March 8, 2023
0 comment
Read More >>

North Korea-linked Lazarus APT used a 0-day in a recent attack

North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea-linked Lazarus APT group exploiting a zero-day vulnerability in an undisclosed software to breach a financial business entity in South Korea. The nation-state actors breached twice the company in one year. The first […]

The post North Korea-linked Lazarus APT used a 0-day in a recent attack appeared first on Security Affairs.

March 8, 2023
0 comment
Read More >>

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: The CVE-2022-35914 flaw is a PHP code injection vulnerability that resides in the /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI […]

The post CISA adds three new bugs to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

March 8, 2023
0 comment
Read More >>