Pierluigi Paganini

@Pierluigi_Paganini@mstdn.social
40 Followers
5 Following
98 Posts
Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Ad-Hoc Working Group on Cyber Threat Landscapes and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Pierluigi is a cyber security expert with over 25 years of experience in the field.
Pierluigi PaganiniDec 5, 2022
Exclusive: The largest #mobile #malware marketplace identified by Resecurity in the #DarkWeb
https://securityaffairs.co/wordpress/139310/cyber-crime/dark-web-mobile-malware-marketplace.html
#securityaffairs #hacking #cybersecurity #Linux
Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-based cybersecurity company protecting major Fortune 500 companies, has identified a new underground marketplace in […]

Security Affairs
Pierluigi PaganiniDec 5, 2022
Exclusive: The largest #mobile #malware marketplace identified by Resecurity in the #DarkWeb
https://securityaffairs.co/wordpress/139310/cyber-crime/dark-web-mobile-malware-marketplace.html
#securityaffairs #hacking #cybersecurity #Linux
Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-based cybersecurity company protecting major Fortune 500 companies, has identified a new underground marketplace in […]

Security Affairs
Pierluigi PaganiniDec 5, 2022
Critical Ping bug potentially allows remote hack of #FreeBSD systems
https://securityaffairs.co/wordpress/139300/hacking/cve-2022-23093-freebsd-systems-flaw.html
#securityaffairs #hacking #cybersecurity #Linux
Critical Ping bug potentially allows remote hack of FreeBSD systems

A critical stack-based buffer overflow bug, tracked as CVE-2022-23093, in the ping service can allow to take over FreeBSD systems. The maintainers of the FreeBSD operating system released updates to address a critical flaw, tracked as CVE-2022-23093, in the ping module that could be potentially exploited to gain remote code execution. The ping utility allows testing the […]

Security Affairs
Pierluigi PaganiniDec 5, 2022
#Lazarus #APT uses fake #cryptocurrency apps to spread #AppleJeus #Malware
https://securityaffairs.co/wordpress/139290/apt/lazarus-apt-bloxholder-campaign.html
#securityaffairs #hacking
Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus […]

Security Affairs
Pierluigi PaganiniDec 4, 2022
Law enforcement agencies can extract data from thousands of cars' #infotainment systems
https://securityaffairs.co/wordpress/139267/hacking/law-enforcement-cars-infotainment-systems.html
#securityaffairs #hacking #carhacking #forensics
Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Law enforcement agencies can extract data from the infotainment systems of thousands of different car models. Data managed by infotainment systems in modern vehicles are a valuable source of information for the investigation of law enforcement agencies. Modern vehicles come with sophisticated infotainment systems that are connected online and that could represent an entry point […]

Security Affairs
Pierluigi PaganiniDec 4, 2022
US #DHS Cyber Safety Board will review #Lapsus$ gang’s operations
https://securityaffairs.co/wordpress/139255/cyber-crime/us-dhs-cyber-safety-board-review-lapsus-attacks.html
#securityaffairs #hacking
US DHS Cyber Safety Board will review Lapsus$ gang’s operations

US DHS Cyber Safety Review Board will review attacks linked to the Lapsus$ extortion gang that hit multiple high-profile companies. The Department of Homeland Security (DHS) Cyber Safety Review Board announced that it will review cyberattacks linked to the extortion gang Lapsus$, the gang breached multiple high-profile companies in recent years. “Today, the U.S. Department […]

Security Affairs
Pierluigi PaganiniDec 4, 2022
New #CryWiper #wiper targets Russian entities masquerading as a #ransomware
https://securityaffairs.co/wordpress/139237/malware/crywiper-wiper.html
#securityaffairs #hacking #malware
New CryWiper wiper targets Russian entities masquerading as a ransomware

Experts spotted a new data wiper, dubbed CryWiper, that was employed in destructive attacks against Russian mayor’s offices and courts. Researchers from Kaspersky discovered a previously unknown data wiper, dubbed CryWiper, that was employed in destructive attacks against Russian mayor’s offices and courts. The malware masquerades as ransomware, but the analysis of the code demonstrates that it […]

Security Affairs
Pierluigi PaganiniDec 4, 2022
Security Affairs #newsletter Round 396
https://securityaffairs.co/wordpress/139246/breaking-news/security-affairs-newsletter-round-396.html
#securityaffairs #hacking
Security Affairs newsletter Round 396

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be […]

Security Affairs
Pierluigi PaganiniDec 3, 2022
A new #Linux flaw can be chained with other two bugs to gain full root privileges
https://securityaffairs.co/wordpress/139209/hacking/three-linux-bugs-full-root-privileges.html
#securityaffairs #hacking
A new Linux flaw can be chained with other two bugs to gain full root privileges

Qualys researchers demonstrated how to chain a new Linux flaw with two other two issues to gain full root privileges on an impacted system. Researchers at the Qualys’ Threat Research Unit demonstrated how to chain a new Linux vulnerability, tracked as CVE-2022-3328, with two other flaws to gain full root privileges on an affected system. The […]

Security Affairs
Pierluigi PaganiniDec 3, 2022
#Google fixed the ninth actively exploited #Chrome #zeroday this year
https://securityaffairs.co/wordpress/139226/security/9-google-chrome-zero-day.html
#securityaffairs #hacking
Google fixed the ninth actively exploited Chrome zeroday this year

Google released security updates to address a new Chrome zero-day flaw, tracked as CVE-2022-4262, actively exploited in the wild. Google rolled out an emergency security update for the Chrome web browser to address a new zero-day vulnerability, tracked as CVE-2022-4262, that is actively exploited. The CVE-2022-4262 vulnerability is a type confusion bug in the V8 […]

Security Affairs