Courtroom Digital Forensics

Russia-linked APT29 targeted German political parties with WINELOADER backdoor

[ad_1] Russia-linked APT29 targeted German political parties with WINELOADER backdoor Pierluigi Paganini March 23, 2024 Russia-linked threat actors employ the WINELOADER backdoor in recent attacks targeting German political parties. In late February, Mandiant researchers spotted the Russia-linked group APT29 using a new variant of the WINELOADER backdoor to target German political parties with a CDU-themed …

Russia-linked APT29 targeted German political parties with WINELOADER backdoor Read More »

Mozilla fixed Firefox 0days exploited at Pwn2Own Vancouver 2024

[ad_1] Mozilla fixed Firefox zero-days exploited at Pwn2Own Vancouver 2024 Pierluigi Paganini March 23, 2024 Mozilla addressed two Firefox zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla has done an amazing job addressing two zero-day vulnerabilities in the Firefox web browser exploited during the recent Pwn2Own Vancouver 2024 hacking competition. The researcher …

Mozilla fixed Firefox 0days exploited at Pwn2Own Vancouver 2024 Read More »

German police seized the darknet marketplace Nemesis Market

[ad_1] German police seized the darknet marketplace Nemesis Market Pierluigi Paganini March 23, 2024 The German police seized the infrastructure of the darknet marketplace Nemesis Market disrupting its operation. An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure …

German police seized the darknet marketplace Nemesis Market Read More »

Unsaflok flaws allow to open millions of doors using Dormakaba Saflok electronic locks

[ad_1] Unsaflok flaws allow to open millions of doors using Dormakaba Saflok electronic locks Pierluigi Paganini March 22, 2024 A flaw in Dormakaba Saflok electronic locks, dubbed Unsaflok, can allow threat actors to open millions of doors worldwide. Researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana discovered a series of vulnerabilities, collectively named Unsaflok, in Dormakaba …

Unsaflok flaws allow to open millions of doors using Dormakaba Saflok electronic locks Read More »

participants earned $1,132,500 for 29 unique 0-days

[ad_1] Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days Pierluigi Paganini March 22, 2024 Pwn2Own Vancouver 2024 hacking competition has ended, and participants earned $1,132,500 for demonstrating 29 unique zero-days. Trend Micro’s Zero Day Initiative (ZDI) announced that participants earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for demonstrating 29 unique zero-days. …

participants earned $1,132,500 for 29 unique 0-days Read More »

Pokemon Company resets some users’ passwords

[ad_1] Pokemon Company resets some users’ passwords Pierluigi Paganini March 20, 2024 The Pokemon Company resets some users’ passwords in response to hacking attempts against some of its users. The Pokemon Company announced it had reset the passwords for some accounts after it had detected hacking attempts, Techcrunch first reported. The company was likely the …

Pokemon Company resets some users’ passwords Read More »

Critical Fortinet’s FortiClient EMS flaw actively exploited in the wild

[ad_1] Critical Fortinet’s FortiClient EMS flaw actively exploited in the wild Pierluigi Paganini March 21, 2024 Researchers released a PoC exploit for a critical flaw in Fortinet’s FortiClient Enterprise Management Server (EMS) software, which is actively exploited. Security researchers at Horizon3 have released a proof-of-concept (PoC) exploit for a critical vulnerability, tracked as CVE-2023-48788 (CVSS …

Critical Fortinet’s FortiClient EMS flaw actively exploited in the wild Read More »

Ivanti urges customers to fix critical RCE flaw in Standalone Sentry

[ad_1] Ivanti urges customers to fix critical RCE flaw in Standalone Sentry solution Pierluigi Paganini March 21, 2024 Ivanti urges customers to address a critical remote code execution vulnerability impacting the Standalone Sentry solution. Ivanti addressed a critical remote code execution vulnerability, tracked as CVE-2023-41724 (CVSS score of 9.6), impacting Standalone Sentry solution. An unauthenticated …

Ivanti urges customers to fix critical RCE flaw in Standalone Sentry Read More »

New Loop DoS attack may target 300,000 vulnerable hosts

[ad_1] New Loop DoS attack may target 300,000 vulnerable hosts Pierluigi Paganini March 21, 2024 Boffins devised a new application-layer loop DoS attack based on the UDP protocol that impacts major vendors, including Broadcom, Microsoft and MikroTik. Researchers from the CISPA Helmholtz Center for Information Security (Germany) devised a new denial-of-service (DoS) attack, called loop …

New Loop DoS attack may target 300,000 vulnerable hosts Read More »

Scroll to Top