Security

Pierluigi Paganini October 01, 2024
UMC Health System diverted patients following a ransomware attack

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack. […]

Pierluigi Paganini October 01, 2024
U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these […]

Pierluigi Paganini October 01, 2024
News agency AFP hit by cyberattack, client services impacted

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that impacted its IT systems and content delivery for partners. The media agency confirmed that the global news coverage remains unaffected, however some client services were impacted. AFP […]

Pierluigi Paganini September 29, 2024
Progress Software fixed 2 new critical flaws in WhatsUp Gold

Progress Software addresses six new security vulnerabilities affecting its WhatsUp Gold, two of them are rated as critical severity. Progress Software has addressed six new security vulnerabilities in its IT infrastructure monitoring product WhatsUp Gold. “The WhatsUp Gold team has identified six vulnerabilities that exist in versions below 24.0.1. We are reaching out to all […]

Pierluigi Paganini September 28, 2024
Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format

The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing the passwords of hundreds of millions of users in plaintext, violating data protection regulations. […]

Pierluigi Paganini September 28, 2024
A cyberattack on Kuwait Health Ministry impacted hospitals in the country

The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyberattack that took systems at several of the country’s hospitals offline. The cyber attack also impacted the Ministry of Health website, which is still offline, and […]

Pierluigi Paganini September 27, 2024
Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on public Wi-Fi networks at the country’s biggest railway stations. Following the ‘cyber-security incident,’ passengers trying to log onto the Wi-Fi at several stations on Wednesday evening were […]

Pierluigi Paganini September 27, 2024
U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities

The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryptex and PM2BTC, and indicted a Russian national for allegedly facilitating cybercriminal activities and money laundering. The authorities believe that these exchanges facilitate the laundering of proceeds from cybercrime. “The Justice […]

Pierluigi Paganini September 26, 2024
Hacking Kia cars made after 2013 using just their license plate

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts (Neiko Rivera, Sam Curry, Justin Rhinehart, Ian Carroll) discovered multiple vulnerabilities in Kia vehicles that allowed remote control of key functions using their license plates. […]

Pierluigi Paganini September 26, 2024
Critical RCE vulnerability found in OpenPLC

Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of five newly patched vulnerabilities in OpenPLC, an open-source programmable logic controller. These vulnerabilities can be exploited to trigger a denial-of-service (DoS) condition or execute remote code. OpenPLC […]