Pierluigi Paganini

Nexx bugs allow to open garage doors, and take control of alarms and plugs

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. In late 2022, the researcher Sam Sabetan discovered a series of critical vulnerabilities in several smart devices manufactured by Nexx, including Smart Garage Door Openers, Alarms, and Plugs. A […]

The post Nexx bugs allow to open garage doors, and take control of alarms and plugs appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

Tax preparation and e-file service eFile.com compromised to serve malware

The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malicious malware to visitors. eFile.com, the personal online tax preparation and e-file service authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors. The service helps taxpayers to file tax returns, experts reported that […]

The post Tax preparation and e-file service eFile.com compromised to serve malware appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

HP would take up to 90 days to fix a critical bug in some business-grade printers

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 score 9.1), that affects tens of HP Enterprise LaserJet and HP LaserJet Managed Printers models. The exploitation of the […]

The post HP would take up to 90 days to fix a critical bug in some business-grade printers appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

Law enforcement seized the Genesis Market cybercrime marketplace

Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster. The FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite codes online. […]

The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Resecurity has recently identified the STYX Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. The STYX marketplace was launched at the beginning of 2023. This platform is specifically designed to facilitate financial crime, providing cybercriminals with a range of services, including stolen financial data, credit card information, […]

The post STYX Marketplace emerged in Dark Web focused on Financial Fraud appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

Rorschach ransomware has the fastest file-encrypting routine to date

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) researchers detected a previously unknown ransomware strain, dubbed Rorschach ransomware, that was employed in attack against a US-based company. The experts pointed out that the Rorschach ransomware appears to be unique. […]

The post Rorschach ransomware has the fastest file-encrypting routine to date appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

US CISA has added a Zimbra flaw, which was exploited in attacks targeting NATO countries, to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing […]

The post CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>

3CX Supply chain attack allowed targeting cryptocurrency companies

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. The products from multiple cybersecurity vendors started detecting the popular […]

The post 3CX Supply chain attack allowed targeting cryptocurrency companies appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>

UK outsourcing services provider Capita suffered a cyber incident

UK outsourcing services provider Capita confirmed that the outage suffered on Friday was caused by a cyberattack. Capita, the UK outsourcing giant, confirmed that its staff was locked out of their accounts on Friday after a cyber incident. Capita is one of the government’s biggest suppliers, with £6.5bn of public sector contracts, reported The Guardian. […]

The post UK outsourcing services provider Capita suffered a cyber incident appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>