Architecture, Hacking and Information Security

Google fixed a critical vulnerability in Chrome browser

Security Affairs

OCTOBER 30, 2024

Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Chrome )

Engineering

Engineering Architecture Hacking Information Security

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

In this latest campaign, our investigation also uncovered prebuilt Hiatus binaries that target new architectures such as Arm, Intel 80386, and x86-64 and previously targeted architectures such as MIPS, MIPS64, and i386. reads the report published by Black Lotus Labs. The feds urge to report any signs of compromise to the FBI or IC3.

Architecture

Architecture Internet Internet Malware

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Banshee Stealer) The report includes Indicators of Compromise (IoCs) for this new variant.

Malware

Malware Advertising Antivirus Cybercrime

Building a Ransomware Resilient Architecture

eSecurity Planet

DECEMBER 2, 2022

While security teams layer essential preventative measures, resilience measures also need to be implemented in an architecture to reduce the impact of ransomware attacks on your backups. Threat actors cannot hack what they cannot see. Figure 1: Typical VLAN architecture. Figure 2: Resilient VLAN architecture.

Architecture

Architecture Ransomware Backups Firewall

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Security Affairs

FEBRUARY 15, 2025

“we have explored a suspicious (and quite common) architecture where authentication is enforced at a proxy later but then the request is passed through a second layer with different behavior.” ” reads the report published by Assetnote.

Firewall

Firewall Authentication Architecture Risk

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

The most interesting characteristic of the Triada Trojan is its modular architecture, which gives it theoretically a wide range of abilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Malware

Malware Cryptocurrency Mobile Firmware

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Security Affairs

FEBRUARY 19, 2025

we have explored a suspicious (and quite common) architecture where authentication is enforced at a proxy later but then the request is passed through a second layer with different behavior. Fundamentally, these sorts of architectures lead to things like header smuggling and path confusion, which can result in many impactful bugs!

Firewall

Firewall Authentication Architecture Internet

Chinese AI platform DeepSeek faced a “large-scale” cyberattack

Security Affairs

JANUARY 28, 2025

DeepSeek’s AI model is highly appreciated due to its exceptional performance, low costs, versatility across various industries, and innovative architecture that enhances learning and decision-making. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,AI platform)

Artificial Intelligence

Artificial Intelligence DDOS Architecture Marketing

ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

Security Affairs

AUGUST 17, 2022

Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak ( CVE-2022-21233 ) is the first architecturally CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs.

Architecture

Architecture Firmware Software Information Security

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine)

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Mercedes)

Software

Software Architecture Media Engineering

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

Knowledge of cloud systems architecture and how it interacts with various devices is invaluable. Blockchain: Developed primarily for cryptocurrency applications and maligned for manipulating those markets, blockchain can be a valuable security tool, as its universe of connected nodes is almost impossible to corrupt or destroy.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

Security Affairs

MAY 13, 2025

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT) Once inside, they could access all user communications, steal data, impersonate users, and compromise credentials, posing major operational risks. ” reads the report published by Microsoft. .

DNS

DNS Telecommunications Architecture Media

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

. “The adversaries appear to be well-resourced, patient, creative, and unusually knowledgeable about the internal architecture of the device firmware. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, China-linked threat actors)

Firmware

Firmware Government Firewall Malware

What Is a DMZ Network? Definition, Architecture & Benefits

eSecurity Planet

APRIL 7, 2023

These and many other network security solutions are ramped up specifically on the DMZ, making it so network administrators can often detect unusual behavior before unauthorized users try to move past the DMZ to access the LAN. Unfortunately, home networks tend to be easy to hack due to limited security investments on the part of the owner.

Architecture

Architecture Firewall Network Security Technology

Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks

Security Affairs

MARCH 19, 2025

” Rule files are configuration files that guide AI Agent behavior in code generation and modification, defining coding standards, project architecture, and best practices.

Architecture

Architecture Risk Hacking Software

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

JULY 7, 2023

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. Read more about how to secure your IBM i Servers to meet compliance requirements.

Architecture

Architecture Hacking Media Government

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware

Malware Architecture IoT Ransomware

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

. • NASA lacked an Agency-wide risk management framework for information security and an information security architecture. The Security Operations Center lacks visibility and authority to manage information security incident detection and remediation for the entirety of NASA’s IT infrastructure.

Information Security

Information Security Cyber Attacks Mobile Architecture

Multiple Git flaws led to credentials compromise

Security Affairs

JANUARY 27, 2025

“As we saw, text-based protocols are often vulnerable to injection, and a small architecture flaw can lead to a big security issue.” “I hope that this research helped the Git community to improve its security, and I am looking forward to seeing further research on Git-related projects.”

Architecture

Architecture Hacking Information Security

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. ” The hacking group initially compromised one of the telecommunication companies by leveraging external DNS (eDNS) servers which are part of the General Packet Radio Service (GPRS) network.

Telecommunications

Telecommunications Mobile Hacking Architecture

Cisco IOS XR flaw allows attackers to crash BGP process on routers

Security Affairs

MARCH 15, 2025

It is based on a microkernel architecture, designed for high availability, scalability, and modularity. The company’s Product Security Incident Response Team (PSIRT) is not aware of attacks in the wild exploiting this vulnerability.

Software

Software Architecture Hacking Risk

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. NKN (New Kind of Network) is a decentralized peer-to-peer network protocol that relies on blockchain technology.

Malware

Malware Architecture Technology DDOS

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

TPLINK #cybersecurity #rce #cve #hacking #routerhacking #kpmghungary I found an RCE vulnerability in a TP-Link TL-WR840N EU V5 router (CVE-2021-41653). Like the Mirai botnet, Dark Mirai determines the victim’s architecture to fetch and download the matching payload. SecurityAffairs – hacking, botnet). Pierluigi Paganini.

Firmware

Firmware Architecture Malware Hacking

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs

OCTOBER 6, 2024

Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Malware

Malware Architecture Cryptocurrency Cyber Attacks

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices. Pierluigi Paganini.

Architecture

Architecture DDOS Advertising DNS

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

If this level of access is acquired, an attacker could potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system.” SecurityAffairs – hacking, chips). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Architecture Advertising Manufacturing

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

Security Boulevard

NOVEMBER 20, 2023

Permalink The post DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Hacking

Hacking Architecture Education Information Security

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering

Engineering Data breaches Telecommunications Wireless

Cisco SD-WAN flaw could lead to arbitrary code execution, patch it now!

Security Affairs

OCTOBER 23, 2021

Cisco SD-WAN is a cloud-delivered overlay WAN architecture that enables digital and cloud transformation at enterprises, it allows to connect disparate office locations via the cloud. SecurityAffairs – hacking, Cisco SD-WAN). appeared first on Security Affairs. ” states CISA’s advisory. Pierluigi Paganini.

Architecture

Architecture Authentication Hacking Software

LastPass data breach: threat actors stole a portion of source code

Security Affairs

AUGUST 25, 2022

We utilize an industry standard Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password. SecurityAffairs – hacking, data breach). The post LastPass data breach: threat actors stole a portion of source code appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Password Management Passwords Architecture

PHP addressed critical RCE flaw potentially impacting millions of servers

Security Affairs

JUNE 9, 2024

. “However, since PHP CGI is an outdated and problematic architecture, it’s still recommended to evaluate the possibility of migrating to a more secure architecture such as Mod-PHP, FastCGI, or PHP-FPM.”

Architecture

Architecture Hacking Risk Cybersecurity

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

SecureWorld News

FEBRUARY 27, 2025

As global cybersecurity threats continue to rise, information security professionals must enroll in continuous education and training programs to acquire current knowledge and skills that help organizations thwart these costly risks. Which cybersecurity certification should I get first?

Cybersecurity

Cybersecurity Information Security Penetration Testing Backups

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

“The investigation has yielded insights into the botnet’s network architecture, exploitation campaigns, malware components, and operational use, illuminating the evolving tactics and techniques employed by the threat actors. “This botnet has targeted entities in the U.S. ” concludes the report.

IoT

IoT Wireless DDOS Architecture

BlackMatter ransomware group claims to be Darkside and REvil succesor

Security Affairs

JULY 28, 2021

“The group boasted about having the ability to encrypt different operating system versions and architectures. SecurityAffairs – hacking, ransomware). The post BlackMatter ransomware group claims to be Darkside and REvil succesor appeared first on Security Affairs. ” reported The Record. Pierluigi Paganini.

Ransomware

Ransomware Encryption Architecture Healthcare

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. SecurityAffairs – hacking, HEH botnet). ” concludes the post. Pierluigi Paganini.

Architecture

Architecture IoT Malware Advertising

Lastpass discloses the second security breach this year

Security Affairs

NOVEMBER 30, 2022

Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.” ” reads the notice of security incident published by the company. The company pointed out that customers’ passwords were not compromised due to LastPass’s Zero Knowledge architecture. . Pierluigi Paganini.

Architecture

Architecture Passwords Data breaches Password Management

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019. It extracts the binary for the relevant architecture in /tmp/udev2 and executes it. SecurityAffairs – hacking, FinSpy). Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Mobile

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Security Affairs

NOVEMBER 12, 2020

The modular architecture of ModPipe consists of the basic components and downloadable modules: initial dropper that contains binaries (both 32-bit and 64-bit) of the next stage persistent loader and installs the appropriate version to the compromised machine. SecurityAffairs – hacking, PoS malware). ” continues the analysis.

Malware

Malware Architecture Passwords Software

New variant of Necro Trojan infected more than 11 million devices

Security Affairs

SEPTEMBER 25, 2024

The analysis of Happy SDK likely revealed a different variant of Necro that doesn’t have a modular architecture. Between August 26th and September 15th, security solutions blocked over 10,000 Necro attacks globally, with most of the infections in Russia, Brazil, and Vietnam. ” concludes the report.

Architecture

Architecture Malware Mobile Advertising

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Not all of the elements within Lockdown Mode are completely new – some have been available and enabled by users (including me) for years – but, Lockdown mode does dramatically simplify the process of enabling better security on Apple devices. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?,

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

NSA and ODNI analyze potential risks to 5G networks

Security Affairs

MAY 12, 2021

Experts also warn of weaknesses in the 5G architecture that could be exploited by threat actors as attack vectors. 5G system architectures use a growing number of ICT designed to meet increasing data, capacity, and communications requirements. 5G Systems Architecture Sub-Threat Vectors. .”As ” reads the report.

Risk

Risk Architecture Technology Software

XCSSET malware now targets macOS 11 and M1-based Macs

Security Affairs

APRIL 19, 2021

For example, a sample with the MD5 hash sum 914e49921c19fffd7443deee6ee161a4 contains two architectures: x86_64 and ARM64.” The first one corresponds to previous-generation, Intel-based Mac computers, but the second one is compiled for ARM64 architecture, which means that it can run on computers with the new Apple M1 chip.”.

Malware

Malware Cryptocurrency Architecture Engineering

Google fixed a critical vulnerability in Chrome browser

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Trending Sources

Banshee macOS stealer supports new evasion mechanisms

Building a Ransomware Resilient Architecture

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

New Triada Trojan comes preinstalled on Android devices

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Chinese AI platform DeepSeek faced a “large-scale” cyberattack

ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Experts found multiple flaws in Mercedes-Benz infotainment system

Top 9 Trends In Cybersecurity Careers for 2025

APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

What Is a DMZ Network? Definition, Architecture & Benefits

Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 35

NASA identified 1,785 cyber incidents in 2020

Multiple Git flaws led to credentials compromise

China-linked LightBasin group accessed calling records from telcos worldwide

Cisco IOS XR flaw allows attackers to crash BGP process on routers

New NKAbuse malware abuses NKN decentralized P2P network protocol

Second-ever UEFI rootkit used in North Korea-themed attacks

Dark Mirai botnet spreads targeting RCE on TP-Link routers

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

AMD is going to patch UEFI SMM callout privilege escalation flaw

DEF CON 31 – Panel: ‘Hack the Future – Why Congress & White House Support AI Red Teaming’

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Cisco SD-WAN flaw could lead to arbitrary code execution, patch it now!

LastPass data breach: threat actors stole a portion of source code

PHP addressed critical RCE flaw potentially impacting millions of servers

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

Experts warn of China-linked APT’s Raptor Train IoT Botnet

BlackMatter ransomware group claims to be Darkside and REvil succesor

New HEH botnet wipes devices potentially bricking them

Lastpass discloses the second security breach this year

Unknown FinSpy Mac and Linux versions found in Egypt

New modular ModPipe POS Malware targets restaurants and hospitality sectors

New variant of Necro Trojan infected more than 11 million devices

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

NSA and ODNI analyze potential risks to 5G networks

XCSSET malware now targets macOS 11 and M1-based Macs

Stay Connected