Security Affairs bulletin Round 474 by Pierluigi Paganini – GLOBAL EDITION
Ticketmaster verifies data breach affecting 560 million clients
|
Critical vulnerability in Apache Log4j2 still poses a risk to worldwide finance
|
Thieves pilfered over $300M in Bitcoin from DMM Bitcoin exchange
|
ShinyHunters trades data of 30 million Santander clients
|
Chalubo malware wiped out more than 600,000 SOHO routers within 72 hours
|
LilacSquid APT victimized entities in the United States, Europe, and Asia since at least 2021
|
BBC revealed a data incident affecting Pension Scheme members
|
Researchers discovered a macOS edition of the advanced LightSpy spyware
|
Operation Endgame, the most extensive law enforcement initiative ever against botnets
|
Legal operation disintegrated the 911 S5 botnet
|
Check Point issued patch for actively exploited VPN zero-day vulnerability
|
ABN Amro unveils data breach subsequent to an intrusion on a third-party provider
|
Christie exposed a data compromise after a RansomHub assault
|
Experts published PoC exploit code for Remote Code Execution in Fortinet SIEM
|
WordPress Plugin misused to insert e-skimmers in e-commerce platforms
|
Vulnerability in TP-Link Archer C5400X gaming router causing a critical issue
|
Sav-Rx data breach affected more than 2.8 million individuals
|
Implications of Remote Work and Cloud Migrations on Security Boundaries
|
Emergence of a new ATM Malware family in the threat landscape
|
CERT-UA alerts about malware campaigns orchestrated by threat actor UAC-0006
|
Security Affairs bulletin Round 473 by Pierluigi Paganini – GLOBAL EDITION
|
RustDoor implant deployed via malware-infected JAVS Viewer in supply chain assault
|
Fraudulent AV websites utilized to spread info-stealer malware
|
MITRE December 2023 breach: Threat actors established rogue VMs to avoid detection
|
An XSS vulnerability in GitLab enabling attackers to seize control of accounts
|
Google rectifies eighth actively exploited Chrome zero-day this year, the third within a month
|
CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities listing
|
Employing TLS in DDNS Services leads to Information Disclosure in Multiple Vendors
|
Concerns about privacy and security raised by the Recall feature in Microsoft Copilot+ PCs
|
APT41: KeyPlug threat targeting Italian industries
|
Critical SQL Injection flaws affecting Ivanti Endpoint Manager (EPM)
|
Chinese actor ‘Unfading Sea Haze’ managed to remain undetected for five years
|
Presence of a consumer-grade spyware app discovered in check-in systems of three US hotels
|
Critical flaw in Veeam Backup Enterprise Manager allowing authentication bypass
|
Elections in India under attack as cybercriminals conduct influence campaigns
|
Critical bug in GitHub Enterprise Server allows Authentication Bypass. Take action immediately!
|
Data breach disclosed by OmniVision following Cactus ransomware attack in 2023
|
Blackbasta group asserts successful hack of Atlas, a major US oil distributor
|
GitCaught campaign leverages GitHub and FileZilla for disseminating multiple malware
|
Discovery of flaw by two students enables unauthorized use of laundry machines
|
Grandoreiro Banking Trojan resurfaces to target global banks
|
Data breach at healthcare firm WebTPA affects 2.5 million individuals
|
Latest Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION
|
Kimsuky, linked to North Korea, deploys a new Linux backdoor in recent attacks
|
IT workers associated with North Korea infiltrate hundreds of US firms
|
Turla APT uses two new backdoors to breach a European ministry of foreign affairs
|
City of Wichita reveals data breach after recent ransomware incident
|
Inclusion of D-Link DIR router flaws in the Known Exploited Vulnerabilities catalog by CISA
|
Kimsuky APT, linked to North Korea, employs Messenger to target victims
|
Ransomware attack affects MediSecure, an electronic prescription provider
|
Seventh actively exploited Chrome zero-day resolved by Google this year, third one within a week
|
Third-party provider data breach impacts customers and employees of Santander
|
Notorious BreachForums hacking forum shutdown by FBI
|
Developer associated with Tornado Cash sentenced to 64 months in prison
|
Multiple critical flaws in Acrobat and Reader fixed by Adobe
|
Ransomware attack on Singing River Health System impacts 895,000 individuals
|
VMware resolves zero-day vulnerabilities demonstrated at Pwn2Own Vancouver 2024
|
MITRE introduces EMB3D Threat Model for embedded devices
|
Sixth actively exploited Chrome zero-day fixed by Google this year
|
Phorpiex botnet deploys millions of phishing emails to distribute LockBit Black ransomware
|
Possible exploitation of zero-day vulnerability in older iPhones, Apple issues warning
|
Data breach incident reported by City of Helsinki
|
Local British news sites defaced by Russian hackers
|
Firstmac Limited in Australia discloses data breach post cyber attack
|
Pro-Russia hackers target government websites in Kosovo
|
The Ohio Lottery data breach had an impact on over 538,000 individuals
|
The notorious threat actor IntelBroker boasts about successfully hacking into Europol
|
Ascension, the US healthcare giant, fell victim to a cyberattack
|
Google addressed the fifth zero-day exploit in Chrome that was actively being used this year
|
Government institutions in Poland were targeted by the Russia-linked APT28 group
|
Citrix has advised customers to manually update the PuTTY version used on their XenCenter system
|
Millions of customers were affected by a disclosed data breach at Dell
|
Exploiting bugs in Ivanti Connect Secure, the Mirai botnet continues to spread
|
Zscaler is currently investigating claims of a data breach
|
The LockBit gang took responsibility for the ransomware attack on the City of Wichita
|
A new technique known as TunnelVision has been discovered to bypass VPN encapsulation
|
The LiteSpeed Cache WordPress plugin has been actively exploited in the wild
|
Most instances of Tinyproxy are potentially vulnerable to CVE-2023-49606
|
Authorities identified the admin of the LockBit ransomware and sanctioned them
|
The recent cyber attack has been attributed by MITRE to the China-linked UNC5221 group
|
Alexander Vinnik, the operator of the BTC-e exchange, admitted to charges of money laundering
|
The City of Wichita was targeted in a ransomware attack
|
A massive leak of biometric data occurred in El Salvador
|
Authorities in Finland have issued a warning about an Android malware campaign aimed at bank users
|
NATO and the EU have both condemned the cyber espionage activities of the Russia-linked APT28 group
|
Check out Security Affairs Newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
|
The Blackbasta gang has taken ownership of the attack on Synlab Italia
|
Data stolen from Simone Veil Hospital in Cannes was then published by the LockBit group
|
The Moobot botnet, associated with APT28 and criminals, is still operational
|
Billions of Android installs are at risk due to the Dirty Stream attack
|
The ZLoader Malware now includes an anti-analysis feature inspired by Zeus
|
A member of the Ukrainian REvil gang has been sentenced to 13 years in prison
|
HPE Aruba Networking has addressed four critical remote code execution flaws in ArubaOS
|
Threat actors successfully breached the Dropbox Sign production environment
|
CISA has added a flaw in GitLab to its catalog of Known Exploited Vulnerabilities
|
The Panda Restaurant Group has reported a data breach
|
Enterprise-grade SOHO routers are being targeted by the Cuttlefish malware
|
A vulnerability in the R programming language could lead to arbitrary code execution
|
Mysterious DNS Operation called Muddling Meerkat involving China’s Great Firewall has been observed
|
A well-known Finnish hacker has received a prison sentence of more than six years
|
NCSC: Recent UK legislation prohibits default passwords on smart gadgets
|
Four US wireless carriers fined $200 million by the FCC for illegally sharing user location details
|
Google blocked 2.28 million apps on Google Play in 2023 for violating policies
|
Data breach at Financial Business and Consumer Solutions (FBCS) affects 2 million individuals
|
Cyber-Partisans activists claim infiltration of Belarus KGB
|
The Los Angeles County Department of Health Services reveals a data breach
|
Various vulnerabilities in Brocade SANnav SAN Management SW enable device compromise
|
ICICI Bank leaked credit card details of 17000 clients
|
Okta raises alarm about unprecedented surge in credential stuffing attacks on web platforms
|
Targeted campaign against Ukraine exploits a 7-year-old MS Office vulnerability
|
Hackers may have breached thousands of accounts on the California state welfare platform
|
Brokewell Android malware enhances multiple capabilities for seizing control of devices
|
Security experts warn of an active malware operation targeting the WP-Automatic plugin
|
The intersection of cryptocurrencies and cybercrime: A significant concern
|
Potential impact on 13.4 million patients from Kaiser Permanente data breach
|
Over 1,400 publicly accessible CrushFTP servers vulnerable to CVE-2024-4040 bug
|
Ransomware attack on a logistics company severely disrupts Sweden’s liquor supply chain
|
CISA includes vulnerabilities in Cisco ASA and FTD, and CrushFTP VFS in its list of known exploits
|
Inclusion of the Microsoft Windows Print Spooler flaw in CISA’s list of known vulnerabilities
|
DOJ arrests developers of crypto mixer Samourai for facilitating $2 billion in illegal transactions
|
Google resolves critical Chrome vulnerability CVE-2024-4058
|
Malware campaign manipulates the eScan Antivirus update mechanism through a Man-in-the-Middle attack
|
US offers $10 million for intel on four Iranian individuals
|
Cyber attack disrupts control of street lights in Leicester City
|
APT groups associated with North Korea target South Korean defense companies
|
US imposes Visa restrictions on 13 individuals connected to commercial spyware activities
|
Operations at Synlab Italia come to a standstill due to a cyber attack
|
APT28 linked to Russia exploits Windows flaw CVE-2022-38028 using GooseEgg post-compromise tool
|
Vulnerability in the Forminator plugin impacts a large number of WordPress sites
|
Akira ransomware operators collect $42M in ransom payments from 250+ victims
|
DuneQuixote campaign aims at the Middle East with a sophisticated backdoor
|
Latest from Pierluigi Paganini – INTERNATIONAL EDITION Newsletter Round 468
|
Vital CrushFTP zero-day utilized in live attacks
|
Cyberattack forces rescheduling of procedures at a French hospital
|
Nation-state actors breach MITRE systems using Ivanti zero-days revealed by MITRE
|
China preparing to target critical US infrastructure, warns FBI chief
|
UNDP probing data breach incident
|
Phishing attacks target major U.S. automaker by FIN7
|
Authorities dismantle LabHost phishing platform
|
Kapeka backdoor newly linked to Russian Sandworm APT
|
Cisco alerts about an escalation flaw in IMC, with PoC publicly available
|
Cerber ransomware’s Linux variant aims at Atlassian servers
|
Ivanti rectifies two critical flaws in Avalanche MDM
|
Researchers release exploit code for Palo Alto PAN-OS bug under active exploitation
|
Cisco cautions about widespread brute-force attacks on VPN and SSH services
|
PuTTY SSH Client flaw exposes private keys
|
Renewed espionage campaign deploys LightSpy iOS spyware in South Asia
|
Increasing misinformation and hacktivist campaigns target the Philippines
|
Russia’s attempt to disrupt European railways, as per Czech minister
|
Dark Angels ransomware group claims 1TB data theft from Nexperia chipmaker
|
Telephony supplier data breach exposes MFA SMS logs, warns Cisco Duo
|
Ukrainian Blackjack group employs ICS malware Fuxnet against Russian targets
|
CISA lists Palo Alto Networks PAN-OS Command Injection flaw among Known Exploited Vulnerabilities
|
Threat actors leverage Palo Alto PAN-OS issue to install a Python Backdoor
|
Firebird RAT author and operator arrested by U.S. and Australian authorities
|
Millions of customers possibly affected by a data breach at Canadian retail chain Giant Tiger
|
Newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
|
Criminals exploit GitHub search results to spread malware
|
Windows vulnerability – BatBadBut flaw enables command injection by attackers
|
Roku reports new security breach affecting 576,000 accounts
|
LastPass employee subject to deepfake audio call targeting
|
TA547 employs Rhadamanthys malware to target German organizations
|
Sisense data breach alert issued by U.S. CISA
|
Palo Alto Networks resolves multiple DoS vulnerabilities in its firewalls
|
Apple warns about mercenary spyware attacks targeting iPhone users in 92 countries
|
Microsoft addresses two zero-day bugs exploited in malware campaigns
|
Data breach at Group Health Cooperative affects 530,000 people
|
AT&T discloses data breach affecting 51 million past and present customers
|
Critical remote code flaw in FortiClientLinux resolved by Fortinet
|
Microsoft’s April 2024 security patches addressed numerous vulnerabilities
|
Cybersecurity Challenges in the Evolving Threat Environment
|
Over 91,000 LG smart TVs with webOS at risk of unauthorized access
|
ScrubCrypt distributing VenomRAT and other harmful add-ons
|
Google introduces V8 Sandbox for enhanced security in Chrome
|
China leveraging generative AI for influencing operations
|
Breached data from Greylock McKinnon Associates exposes DOJ records of 341650 individuals
|
Crowdfense launches a 30 million USD program to acquire exploits
|
IT help desks in the U.S. Department of Health targeted by potential cyber threats
|
Exclusive: Security Affairs Newsletter Round 466 by Pierluigi Paganini – GLOBAL EDITION
|
Vulnerability in over 92,000 Internet-accessible D-Link NAS devices raises concerns
|
Thousands of Ivanti VPN gateways still susceptible to RCE CVE-2024-21894
|
Cisco alerts about XSS flaw in aging small business routers
|
Magento vulnerability exploited to embed persistent hidden backdoor in XML
|
Services disrupted at Omni Hotels & Resorts due to cyberattack
|
Exploiting the HTTP/2 CONTINUATION Flood technique for DoS attacks
|
Data breach at U.S. cancer center City of Hope impacts 827149 individuals
|
Ivanti addresses four new vulnerabilities in Connect Secure and Policy Secure systems
|
Ransomware incident disclosed by Jackson County, Missouri
|
Google resolves another Chrome zero-day exploit observed at Pwn2Own event in March
|
New variant of JsOutProx targeting financial institutions in APAC and MENA regions via GitLab Abuse
|
Actively exploited vulnerabilities in Pixel devices resolved by Google
|
Mysterious disappearance of highly sensitive files from EUROPOL headquarters
|
WordPress WP-Members Plugin vulnerability opens door to script injection through XSS
|
Binarly introduces free online scanner to detect the CVE-2024-3094 Backdoor
|
Google agrees to delete billions of browsing records to settle class action lawsuit
|
Reported data breach affecting over 1.3 million customers linked to PandaBuy
|
Data breach disclosure by OWASP
|
Pentagon establishes Office of the Assistant Secretary of Defense for Cyber Policy
|
Info stealer malware posing threat to macOS users
|
Exclusive: Security Affairs Newsletter Round 465 by Pierluigi Paganini – GLOBAL EDITION
|
Global targeting of users by DinodasRAT Linux variant
|
AT&T confirms data exposure affecting 73 million customers
|
Backdoor discovered in XZ tools used in various Linux distributions
|
German BSI warns about 17,000 unpatched Microsoft Exchange servers at risk
|
Cisco alerts on password-spraying attacks targeting Secure Firewall devices
|
Hot Topic, a U.S. fast-fashion firm, impacted by credential stuffing attacks
|
High-severity flaws in IOS and IOS XE software have been addressed by Cisco
|
In 2023, Google reports that China dominates zero-day vulnerabilities exploitation by governments
|
At Pwn2Own 2024, Google resolves 2 Chrome zero-days that were demonstrated
|
Real-Time Data Defense is one of The DDR Advantage solutions
|
APT31 has been linked by Finnish police to the 2021 parliament attack
|
TheMoon bot managed to infect 40,000 devices during January and February
|
Efforts against China-linked cyber operations are jointly taken by the UK and New Zealand
|
Members of China-linked APT31 face sanctions announced by US Treasury Department
|
APT TA450 with links embedded in PDF attachments has been identified as Iran-Linked
|
The EU and US experienced targeting by StrelaStealer affecting over 100 organizations
|
A side-channel attack named GoFetch could extract secret keys from Apple systems
|
International Edition of Security Affairs newsletter Round 464 by Pierluigi Paganini
|
Cybercriminals have accelerated online scams activity during Ramadan and Eid Fitr
|
APT29 associated with Russia targeted German political parties using WINELOADER backdoor
|
At Pwn2Own Vancouver 2024, exploits on Firefox zero-days have been addressed by Mozilla
|
Nemesis Market, the darknet marketplace has been seized by German police
|
Participants at Pwn2Own Vancouver 2024 collectively earned $1,132,500 for revealing 29 unique 0-days
|
A critical flaw in Fortinet’s FortiClient EMS is actively being exploited in the wild
|
On Day 1 of Pwn2Own Vancouver 2024, team Synacktiv successfully hacked a Tesla
|
A new Loop DoS attack aims at potentially vulnerable hosts, estimated around 300,000
|
Immediate fix is necessary for the critical flaw found in Atlassian Bamboo Data Center and Server
|
Threat actors are making use of JetBrains TeamCity vulnerabilities to distribute malware
|
BunnyLoader 3.0 emerges as a new threat in the current threat landscape
|
Password resets for certain users by Pokemon Company due to security concerns
|
Crooks selling compromised accounts totaling 100 million got arrested by Ukraine cyber police
|
Earth Krahang APT managed to breach numerous government organizations across the globe
|
Fujitsu faced a malware attack which potentially resulted in a data breach
|
The Aviation and Aerospace sectors are witnessing a surge in cyber threats
|
International Monetary Fund fell victim to compromised email accounts
|
The RisePro info-stealer is targeting GitHub users in a new malware campaign
|
Approximately 43 million individuals were impacted by the data breach at France Travail
|
A ransomware attack has hit the Scranton School District in Pennsylvania
|
The Lazarus APT group has returned to Tornado Cash to launder stolen funds
|
A Moldovan citizen has been sentenced in connection with the E-Root cybercrime marketplace case
|
An electronic warfare attack targeted the UK Defence Secretary’s jet in Poland
|
Cisco has patched high-severity elevation of privilege and DoS vulnerabilities
|
The recent DarkGate campaign exploited a zero-day vulnerability in Microsoft Windows
|
Roughly 100,000 individuals were affected by the Nissan Oceania data breach
|
Multiple flaws have been discovered in ChatGPT plugins by researchers
|
Critical bugs in FortiOS, FortiProxy, and FortiClientEMS have been fixed by Fortinet
|
After a hack on a third-party vendor, Acer Philippines disclosed a data breach
|
Stanford University revealed that 27,000 individuals were impacted by a ransomware attack in 2023
|
The security updates for March 2024 in Microsoft’s Patch Tuesday addressed 59 flaws
|
A South Korean national has been arrested for espionage in Russia for the first time
|
Learn how to detect and protect yourself from insurance scams utilizing QR codes
|
French government agencies have been targeted by massive cyberattacks
|
The BianLian group exploited bugs in JetBrains TeamCity for ransomware attacks
|
Experts have released a Proof of Concept exploit for a critical bug in Progress Software OpenEdge
|
The Magnet Goblin group deployed a new Linux variant of the NerbianRAT malware
|
Threat actors have breached two crucial systems of the US CISA
|
The JetBrains TeamCity bug has been added to CISA’s list of Known Exploited Vulnerabilities
|
Russia-associated Midnight Blizzard has breached Microsoft systems once again
|
Critical flaws in Cisco Secure Client have been resolved
|
The 2023 FBI Internet Crime Report shows cybercrime losses totalling $12.5 billion
|
Be Cautious: GhostSec and Stormous Groups Collaborate for Ransomware Attacks
|
Emergency Security Patches from Apple Address Two Fresh iOS Zero-Day Vulnerabilities
|
Urgent Updates from VMware Fix Critical ESXi Sandbox Escape Vulnerabilities
|
Individuals and Entities Linked to Predator Spyware Attacks Sanctioned by US Government
|
Experts Uncover Two Severe Flaws in On-Premises JetBrains TeamCity Software
|
GUR of Ukraine Successfully Hacks the Russian Ministry of Defense
|
Data of Some American Express Customers Exposed in Third-Party Data Breach
|
EU Consumer Groups File Privacy Complaints Against META
|
New Backdoor GTPDOOR Targets Telecom Carrier Networks
|
Chunghwa Telecom, a Taiwan-Based Company, Hacked by Threat Actors
|
Deceptive Domain Tactics Used by New Variant of BIFROSE RAT Targeting Linux
|
Eken Camera Doorbells Vulnerable to Unauthorized Surveillance
|
Latest Security Affairs Newsletter Round 461 by Pierluigi Paganini – International Edition
|
U.S. Judge Orders NSO Group to Submit Pegasus Spyware Code to WhatsApp
|
Charges Filed by US Authorities Against Iranian National for Prolonged Hacking Activities
|
Warning by US Cyber and Law Enforcement Agencies Regarding Phobos Ransomware Attacks
|
German Police Seize Crimemarket, the Largest German-Speaking Cybercrime Market
|
Five Eyes Alliance Alerts on Exploits Targeting Known Ivanti Gateway Vulnerabilities
|
European Retail Company Pepco Loses €15 Million in Phishing Attack
|
Addition of Microsoft Streaming Service Bug to CISA’s List of Known Exploited Vulnerabilities
|
Discovery of Zero-Click Facebook Account Takeover by Researchers
|
Emergence of SPIKEDWINE APT Group Targeting European Officials
|
Resumption of Operations by LockBit Gang?
|
Lazarus APT Leverages Zero-Day in Windows Driver for Kernel Privileges
|
Pharmaceutical Giant Cencora Discloses Data Breach
|
Revealing the Email Security Landscape of 2024
|
FBI, CISA, HHS Caution on ALPHV/Blackcat Ransomware Targeting Healthcare Sector
|
APT28 Linked to Russia Compromises Ubiquiti EdgeRouters for Cyber Operations
|
Exploitation of Recent ConnectWise ScreenConnect Bugs by Black Basta and Bl00dy Ransomware Gangs
|
Millions of WordPress Sites at Risk due to XSS Vulnerability in LiteSpeed Cache Plugin
|
Update: Security Affairs Newsletter Round 460 by Pierluigi Paganini – International Edition
|
Up to $15M Reward Offered by US Gov for Information on LockBit Gang Members and Affiliates
|
Novel System Weakening Methods Utilized by New Redis Miner Migo
|
Critical Vulnerability Detected in Deprecated VMware EAP. Immediate Uninstallation Recommended
|
Impacts of Microsoft Exchange vulnerability CVE-2024-21410 on nearly 97,000 servers
|
Critical vulnerabilities in ScreenConnect remote access tool resolved by ConnectWise
|
Detailed insights into Operation Cronos disrupting Lockbit activities
|
Cactus ransomware group alleges theft of 1.5TB data from Schneider Electric
|
Enforcement actions disrupt LockBit activities in Operation Cronos
|
Awaiting trial in the US – Ukrainian Raccoon Infostealer operator
|
APT TAG-70 linked to Russia targets European government mail servers using Roundcube XSS
|
Increasing instances of cryptocurrency counterfeiting – How BRICS Got “Rug Pulled”
|
Critical Remote Code Execution flaws in SolarWinds Access Rights Manager (ARM) addressed
|
High-severity local privilege escalation bug in Windows products resolved by ESET
|
Latest International Edition of Security Affairs newsletter Round 459 by Pierluigi Paganini
|
Ransomware attacks exploiting Cisco ASA/FTD bug CVE-2020-3259 highlighted by CISA
|
Reward offered by US government, worth up to $10M, for information on ALPHV/Blackcat gang leaders
|
Breaching of a state government organization by hackers as reported by U.S. CISA
|
Polish NGOs under surveillance by Russia-linked Turla APT using the new TinyTurla-NG backdoor
|
Dismantling of the Moobot botnet controlled by Russia-linked APT28 carried out by US Government
|
Halting of operations at Varta production plants due to cyberattack
|
Breaching of emails belonging to a member of the Presidential Office by North Korea-linked actors
|
Inclusion of Microsoft Windows bugs in Known Exploited Vulnerabilities catalog by CISA
|
Usage of AI services and LLMs by nation-state actors for cyberattacks
|
Installation of malicious packages by exploiting the Ubuntu ‘command-not-found’ utility
|
Resolution of critical flaw CVE-2024-24691 in Windows software by Zoom
|
Microsoft Patch Tuesday for February 2024 addressing 2 actively exploited 0-day vulnerabilities
|
Ransomware attack causing downtime for 100 Romanian hospitals
|
Release of Ransomfeed – Third Quarter Report 2023
|
Increasing global malicious activities targeting elections
|
Free decryption tool released by researchers for the Rhysida Ransomware
|
Guidance on choosing between Residential Proxies and Datacenter Proxies
|
Inclusion of Roundcube Webmail Persistent XSS bug in Known Exploited Vulnerabilities catalog by CISA
|
Proposed ban by Canada Gov on Flipper Zero to combat car thefts
|
Potential risks of sensitive data theft by hackers using Public Wi-Fi
|
Arrest of two individuals involved in the dismantling of the Warzone RAT operation by US Feds
|
New instances of 1-day LPE vulnerabilities identified with Raspberry Robin malware
|
Check out Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION
|
CISA includes Fortinet FortiOS bug in its List of Exploited Weaknesses catalog
|
macOS Backdoor RustDoor potentially tied to Alphv/BlackCat ransomware activities
|
Using a vulnerable Minifilter Driver to construct a process terminator
|
Black Basta ransomware group breached Hyundai Motor Europe
|
Fortinet alerts about a newly exploited RCE flaw in FortiOS SSL VPN
|
26 Cyber Security Facts Every User Should Know in 2024
|
US government announces a $10 million reward for intelligence on Hive ransomware group leaders
|
Uncovering the reality behind the DDoS assault involving electric toothbrushes
|
APT Volt Typhoon potentially linked to China operated undetected for years within US infrastructure
|
Cisco resolves serious Expressway Series CSRF weaknesses
|
CISA includes Google Chromium V8 Type Confusion weakness in its List of Exploited Weaknesses catalog
|
Fortinet resolved two critical FortiSIEM weaknesses
|
Specialists forewarn about a crucial bug in JetBrains TeamCity On-Premises
|
Critical shim weakness affects each Linux boot loader endorsed in the last decade
|
China-linked APT distributed malware in a Dutch Ministry of Defence network
|
Commercial spyware vendors stand behind majority of zero-day vulnerabilities detected by Google TAG
|
Google addressed an Android critical remote code execution weakness
|
A person faces up to 25 years in jail for involvement in operating unlicensed crypto exchange BTC-e
|
U.S. Government enforces visa restrictions on individuals misusing Commercial Spyware
|
HPE is probing allegations of a new security breach
|
Specialists raise concerns about a wave of attacks aimed at Ivanti SSRF vulnerability
|
Techniques to breach the Airbus NAVBLUE Flysmart+ Manager system
|
Criminals pilfered $25.5 million from a multinational corporation using a ‘deepfake’ video call
|
Software company AnyDesk disclosed a security breach
|
The ‘Mother of all Breaches’: Maneuvering the Aftermath and Strengthening Your Data with DSPM
|
US government sanctions six Iranian intelligence officials
|
A cyberattack affected operations at Lurie Children’s Hospital
|
AnyDesk Incident: Client Credentials Leaked and Offered for Sale on the Dark Web
|
Check out Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION
|
Clorox estimates that the damages from the cyberattack in August will surpass $49 Million
|
Mastodon resolved a vulnerability that could allow the commandeering of any account
|
Iranian hackers infiltrated Albania’s Institute of Statistics (INSTAT)
|
Operation Synergia resulted in the apprehension of 31 individuals
|
Former CIA staff Joshua Adam Schulte sentenced to 40 years in prison
|
Cloudflare breached on Thanksgiving Day, however, the assault was promptly controlled
|
At least 2,000 computers in Ukraine infected by PurpleFox malware
|
Man sent to prison for six years for stealing millions in cryptocurrency using SIM swapping
|
Federal agencies instructed by CISA to disconnect Ivanti VPN instances by February 2
|
Attacks exploiting Ivanti VPN flaws involve multiple malware
|
Operator of the now-defunct piracy site movie2k’s 50,000 Bitcoin seized by police
|
$112 million worth of XRP stolen by crooks from Ripple’s co-founder
|
Apple improper authentication bug added by CISA to its Known Exploited Vulnerabilities catalog
|
Warning from Ivanti about a newly exploited zero-day vulnerability
|
Ivanti VPN bugs exploited by threat actors to deploy KrustyLoader Malware
|
Data leak reported at fintech giant Direct Trading Technologies
|
Root access vulnerability in GNU Library C (glibc) affecting several Linux distros
|
EU privacy laws violated by ChatGPT, says Italian data protection authority
|
Data of 750 million Indian mobile subscribers on sale on the dark web
|
High-severity flaws fixed by Juniper Networks through out-of-band updates
|
Credentials of hundreds of network operators found circulating in the Dark Web
|
Schneider Electric hack claimed by Cactus ransomware gang
|
Sensitive data, including source code, accidentally exposed by Mercedes-Benz
|
Experts unveil Microsoft Outlook flaw exposing NTLM v2 hashed passwords
|
NSA purchases internet browsing records from data brokers without warrant
|
Member of ‘Cyber Army of Russia’ arrested by Ukraine’s SBU
|
Jenkins flaw CVE-2024-23897 sees release of multiple PoC exploits
|
Medusa ransomware attack targets Kansas City Area Transportation Authority
|
International Edition of Security Affairs newsletter Round 456 by Pierluigi Paganini
|
2 petabytes of data wiped by Pro-Ukraine hackers from Russian research center
|
Participants at Pwn2Own Automotive competition earned over $1.3M
|
Developer of TrickBot malware sentenced to 64 months in prison
|
Midnight Blizzard APT, warned by Microsoft, targets organizations globally
|
Alert issued by experts regarding a critical flaw in Jenkins
|
Tesla hacked again at Pwn2Own Automotive 2024 Day 2
|
The 2023 RedSense report: Yearly Intel Trend Review
|
Hewlett Packard Enterprise (HPE) hacked by Russia-linked APT group Midnight Blizzard
|
Atlassian Confluence Data Center bug added to CISA’s Known Exploited Vulnerabilities catalog
|
Zero-click account takeover attacks potentially affecting 5379 vulnerable GitLab servers
|
Fortra GoAnywhere MFT flaw CVE-2024-0204 sees release of PoC exploit by experts
|
High-severity flaw impacting Windows versions fixed by Splunk
|
Be cautious, a critical flaw discovered in Fortra GoAnywhere MFT
|
Australian government announces sanctions… for Medibank intruder
|
LoanDepot breach affects around 16.6 people
|
Black Basta gang admits hacking the UK water utility Southern Water
|
CISA incorporates VMware vCenter Server flaw into its List of Exploited Vulnerabilities catalog
|
Apple resolved zero-day vulnerability CVE-2024-23222 actively being exploited
|
“My Slice”, a dynamic Italian phishing operation
|
Threat actors leverage Apache ActiveMQ vulnerability to distribute the Godzilla Web Shell
|
Cybercriminals publish massive amounts of stolen PII data from Thailand on Dark Web
|
Backdoored illegally copied applications target Apple macOS users
|
LockBit ransomware group declares responsibility for the strike on the sandwich chain Subway
|
Security Affairs newsletter Round 455 by Pierluigi Paganini – GLOBAL EDITION
|
Administrator of the BreachForums hacker forum given 20 years supervised release
|
VF Corp December data leak impacts 35 million clients
|
China-linked APT UNC3886 exploits VMware zero-day dating back to 2021
|
Ransomware attacks shatter records in 2023: with victims increasing by 128%
|
U.S. CISA alerts about actively exploited Ivanti EPMM flaw CVE-2023-35082
|
The Quantum Computing Cryptopocalypse – Recognize It Upon Sight
|
Kansas State University experiences a major cybersecurity event
|
CISA includes Chrome and Citrix NetScaler in its List of Exploited Vulnerabilities catalog
|
Google TAG cautions about Russian COLDRIVER APT employing a customized backdoor
|
iShutdown lightweight method aids in identifying spyware infections on iPhones
|
Pro-Russia faction targets Swiss govt platforms post Zelensky visit in Davos
|
GitHub updates credentials after identifying a security vulnerability
|
FBI, CISA issue alert regarding AndroxGh0st botnet for identifying and exploiting victims
|
Citrix advises administrators to promptly update NetScaler due to actively exploited zero-days
|
Google resolves first actively exploited Chrome zero-day of 2024
|
Atlassian resolves critical RCE vulnerability in older Confluence versions
|
VMware fixes critical flaw in Aria Automation. Apply patch immediately!
|
Experts raise alarm on widespread exploitation of Ivanti Connect Secure VPN flaws
|
Experts caution about vulnerability affecting Bosch BCC100 Thermostat
|
Over 178,000 SonicWall next-gen firewalls (NGFW) left open to exploitation online
|
Phemedrone info stealer campaign leverages Windows SmartScreen bypass
|
Balada Injector persists in infecting thousands of WordPress sites
|
Attackers focus on Apache Hadoop and Flink to distribute cryptominers
|
Apple resolves bug in Magic Keyboard allowing monitoring of Bluetooth traffic
|
Security Affairs newsletter Round 454 by Pierluigi Paganini – GLOBAL EDITION
|
Juniper Networks solved an important RCE vulnerability in its firewalls and switches
|
Huge Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election
|
Scholars created a Proof of Concept for Apache OFBiz flaw CVE-2023-51467
|
Team Liquid’s wiki leak exposes 118K users
|
Two zero-day vulnerabilities in Ivanti Connect Secure actively exploited
|
X Account of leading cybersecurity firm Mandiant was hacked due to inadequate protection
|
Cisco fixed serious Unity Connection vulnerability CVE-2024-20272
|
ShinyHunters member sentenced to three years in prison
|
HMG Healthcare revealed a data breach
|
Tool for decrypting Tortilla variant of Babuk ransomware released
|
Microsoft Patch Tuesday for January 2024 fixed 2 serious vulnerabilities
|
CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog
|
Syrian group Anonymous Arabic distributes stealthy malware Silver RAT
|
Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications
|
DoJ accused 19 individuals in a cross-border cybercrime investigation xDedic Marketplace
|
Long-existing Bandook RAT targets Windows machines
|
An assault by hackers hit the Beirut International Airport
|
Iranian crypto exchange Bit24.cash leaks user passports and IDs
|
Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION
|
Turkish Sea Turtle APT targets Dutch IT and Telecom firms
|
Experts identified a new macOS Backdoor named SpectralBlur linked to North Korea
|
Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages
|
The source code of Zeppelin Ransomware sold on a hacking forum
|
Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months
|
Ivanti resolved a critical EPM flaw that may lead to remote code execution
|
MyEstatePoint Property Search Android app leaks user passwords
|
Hacker compromised Orange Spain RIPE account causing internet outage to company customers
|
HealthEC data breach impacted over 4.5 Million individuals
|
Experts found 3 malicious packages concealing crypto miners in PyPI repository
|
Crooks breached Mandiant X account to promote cryptocurrency scam
|
Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud
|
CISA includes Chrome and Perl library flaws in its Known Exploited Vulnerabilities catalog
|
Don’t trust links with known domains: BMW affected by redirect vulnerability
|
Hackers stole over $81 million worth of crypto assets from Orbit Chain
|
Security experts caution about the use of JinxLoader loader to distribute Formbook and XLoader
|
Terrapin attack enables the reduction of SSH protocol security
|
A mysterious hacker breached multiple organizations in Iran
|
Best cybersecurity stories from Security Affairs in 2023
|
Malware abuses an undocumented Google OAuth endpoint to regenerate Google cookies
|
Swedish retail and grocery provider Coop attacked by Cactus ransomware gang
|
Google reaches an agreement to settle a $5 billion privacy lawsuit
|
Latest Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION
|
INC RANSOM ransomware gang asserts infiltration of Xerox Corp
|
Risk posed to users by Spotify music converter TuneFab
|
The Assembly of the Republic of Albania and telecom company One Albania targeted by cyber attacks
|
APT28 linked to Russia deploys new malware in recent phishing attack
|
Third-party app use puts Clash of Clans gamers in jeopardy
|
Latest release of Meduza Stealer available on the Dark Web
|
Operation Triangulation attacks exploit an undisclosed hardware characteristic
|
Lockbit ransomware assault disrupts medical emergencies at a German hospital network
|
Security experts caution on critical Zero-Day in Apache OFBiz
|
Play Store distributing Xamalicious Android malware
|
Chinese group UNC4841 exploits new ESG zero-day resolved by Barracuda
|
Potential global disruption with artificial intelligence in the 2024 Elections
|
Analysis of attacks on poorly managed Linux SSH servers by experts
|
Australian healthcare provider St Vincent’s Health Australia targeted in a cyberattack
|
Abdali Hospital in Jordan breached by Rhysida ransomware group
|
Carbanak malware reintroduced in ransomware attacks
|
Resecurity unveils the forecast for the 2024 Cyber Threat Landscape
|
Ukraine targeted by APT group UAC-0099 exploiting a WinRAR vulnerability
|
Defense Industrial Base sector under threat from Iran-linked APT33 using FalseFont backdoor
|
Recent Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION
|
Europol and ENISA identify 443 e-stores compromised with digital skimming
|
Investigation launched by video game giant Ubisoft into alleged data breach
|
Accountancy firm Xeinadin reportedly breached by LockBit ransomware gang
|
Disclosure of a data breach by mobile virtual network operator Mint Mobile
|
Sensitive data stolen from Nissan Australia by the Akira ransomware gang
|
Indefinite hospital order issued for a member of the Lapsus$ gang
|
Details of 690k customers exposed by a real estate agency
|
High-severity bug in the Secure Traffic Scanning Feature of several products resolved by ESET
|
Agent Tesla malware propagated via phishing attacks exploiting an old Microsoft Office vulnerability
|
CISA includes Qlik Sense vulnerabilities in its list of known exploits
|
Enhanced cooperation through a Working Arrangement signed by CISA and ENISA
|
Discovery of a new lock screen bypass for Android 14 and 13
|
Remote Code Execution (RCE) vulnerability fixed in WordPress 6.4.2
|
International Edition of Security Affairs newsletter Round 449 by Pierluigi Paganini
|
Irish water utility hacked by hacktivists leading to water supply interruption
|
Hundreds of 5G devices with Qualcomm and MediaTek chips impacted by 5Ghoul flaws
|
Data breach disclosed by Norton Healthcare following a ransomware attack
|
Major EDRs bypassed using Pool Party process injection techniques
|
Unlicensed money transmitting scheme involved founder of Bitzlato exchange
|
User passwords exposed by an Android barcode scanner app
|
Russia Callisto Group’s activities exposed by UK and US with members sanctioned
|
Cyber attack hits Nissan Oceania
|
Telecom companies in Thailand targeted by New Krasue Linux RAT
|
Four new RCE flaws in Atlassian products addressed
|
CISA adds Qualcomm vulnerabilities to its list of known exploits
|
Post-exploitation tampering technique showcases Fake Lockdown mode
|
Threat actors exposed sensitive data through GST Invoice Billing Inventory
|
US government systems breached by threat actors exploiting Adobe ColdFusion flaw
|
Publication of ENISA Threat Landscape for DoS Attacks Report
|
Exploitation of Outlook flaw by Russia-linked APT28 group to hijack MS Exchange accounts
|
Critical zero-click RCE fixed by Google in Android
|
Routers and IoT devices targeted by New P2PInfect bot
|
DanaBot Trojan used in malvertising attacks to spread CACTUS Ransomware
|
ICBC Ransomware Attack by LockBit impacting the global financial system
|
Firewalls, Access Points, and NAS devices flaws fixed by Zyxel
|
New Agent Raccoon malware targeting the Middle East, Africa, and the US
|
International Edition of Security Affairs newsletter Round 448 by Pierluigi Paganini
|
Attack technique developed by researchers to extract ChatGPT training data
|
13M+ user records exposed by Fortune-telling website WeMystic
|
Warning issued for Turtle macOS ransomware by an expert
|
ownCloud and Google Chrome bugs added by CISA to its list of known exploits
|
Two new iOS zero-day vulnerabilities fixed by Apple through emergency security updates
|
Access to Zoom Tenants gained through Critical Zoom Room bug
|
King Edward VII’s Hospital in London hacked by Rhysida ransomware group
|
Sixth Chrome Zero-Day vulnerability in 2023 fixed by Google
|
October 2023 Breach reveals additional attackers’ actions by Okta
|
App images on Docker Hub hide thousands of secrets
|
Critical ownCloud vulnerability CVE-2023-49103 exploited by threat actors
|
Prominent Ukraine-based Ransomware group dismantled in international police operation
|
Hack of North Texas Municipal Water District claimed by Daixin Team group
|
Ransomware attack disclosed by healthcare provider Ardent Health Services
|
Russia’s Federal Air Transport Agency, Rosaviatsia hacked by Ukraine’s intelligence service
|
MSP provider CTS hacked, potentially affecting hundreds of UK law firms
|
INTERNATIONAL EDITION of Security Affairs newsletter Round 447 by Pierluigi Paganini
|
China Energy hack claimed by Rhysida ransomware gang
|
Supply chain attack using a MagicLine4NX zero-day flaw by North Korea-linked APT Lazarus
|
Rust-based SysJoker backdoor utilized by Hamas-linked APT against Israel
|
Children’s data leaked by an app used in hundreds of schools
|
Launch of Microsoft Defender Bounty Program by Microsoft
|
Exposed Kubernetes configuration secrets that can facilitate supply chain attacks
|
Russian-language weaponized documents used by North Korea-linked Konni APT
|
macOS AMOS information stealer spread by ClearFake campaign
|
8.5 million patient data impacted by Welltok data breach in the U.S.
|
CyberLink software exploited in supply chain attack by North Korea-linked APT Diamond Sleet
|
Disclosure of data breach by Automotive parts giant AutoZone after MOVEit hack
|
Mirai-based botnet InfectedSlurs introduces new exploits through two zero-days
|
Hacktivist group SiegedSec hacks Idaho National Laboratory (INL)
|
Looney Tunables Linux bug added by CISA to its catalog of Known Exploited Vulnerabilities
|
Additional measures provided by Citrix to address Citrix Bleed
|
Suspicious cryptocurrency scheme association prompts Tor Project to remove several relays
|
Increase in NetSupport RAT attacks against education and government sectors cautioned by experts
|
Advantages of utilizing an API Management Platform: The Top 5 Reasons
|
Data breaches of two contractors impact Canadian government
|
Auction of data stolen from the British Library by Rhysida ransomware gang
|
Embassies targeted by Russia-linked APT29 group using WinRAR 0day exploit
|
APT group DarkCasino joins those exploiting the WinRAR zero-day vulnerability
|
US teenager admits to participating in credential stuffing attack on a betting site
|
INTERNATIONAL EDITION of Security Affairs newsletter Round 446 by Pierluigi Paganini
|
New variant of the Phobos ransomware used by 8Base ransomware operators
|
Russian APT Gamaredon deploys USB worm LitterDrifter against Ukraine
|
Sam Altman terminated by OpenAI’s board of directors
|
Hack claimed by Medusa ransomware gang on Toyota Financial Services
|
CISA includes bug in Sophos Web Appliance to its list of Known Exploited Vulnerabilities
|
Zimbra zero-day utilized for the theft of government emails by four factions
|
Vietnam Post reveals 1.2TB of data breach, involving email addresses
|
New data breach incident reported by Samsung
|
FBI and CISA issue warning on potential attacks by Rhysida ransomware group
|
Significant vulnerability rectified in SAP Business One product
|
Illegal botnet proxy service IPStorm dismantled by law enforcement agencies
|
Casino giant Strendus’ oversight leads to compromise of gamblers’ data
|
Denmark’s critical infrastructure faces largest cyber attack in its history
|
Cyber attack leads to blockage of major Australian ports operated by DP World
|
Ransomware groups targeting Nuclear and Oil & Gas sectors in 2024
|
CISA adds five vulnerabilities in Juniper devices to its exploit catalog
|
Boeing’s data leaked by LockBit ransomware group
|
Texas-based Cogdell Memorial Hospital hit by the Lorenz ransomware group
|
Data breach affecting 1.3M individuals disclosed by the State of Maine
|
Security Affairs newsletter Round 445 presented by Pierluigi Paganini – INTERNATIONAL EDITION
|
BulletProftLink phishing-as-a-service (PhaaS) platform seized by police
|
Serbian pleads guilty for managing ‘Monopoly’ dark web drug market
|
Revelation of a data breach affecting 2.2 million individuals by McLaren Health Care
|
Anonymous Sudan executes a DDoS attack leading to takedown of the Cloudflare website
|
Ransomware attack targeted Industrial and Commercial Bank of China (ICBC)
|
Clop ransomware group exploits zero-day vulnerability in SysAid platform
|
Ransom payment by Dolly.com results in data release despite negotiation
|
Services of ChatGPT significantly disrupted due to DDoS attack
|
Power disruption in Ukraine due to new OT attack by Russian Sandworm
|
Multiple vulnerabilities in Veeam ONE addressed by Veeam, including critical issues
|
Israeli entities targeted by Iranian Agonizing Serpens APT through destructive cyber operations
|
Ransomware incidents leverage exploitation of critical Confluence flaw
|
QNAP addresses two critical vulnerabilities within QTS OS and applications
|
Attackers abuse Google Calendar RAT to operate Calendar service as C2 infrastructure
|
Privately sourced Socks5Systemz proxy service distributed through PrivateLoader and Amadey
|
Security Affairs newsletter Round 444 presented by Pierluigi Paganini – INTERNATIONAL EDITION
|
KandyKorn macOS Malware targets blockchain engineers by Lazarus group
|
Recent attacks uncovered Looney Tunables vulnerabilities targeted by Kinsing threat actors
|
ZDI reveals four zero-day vulnerabilities in Microsoft Exchange
|
The breach in the Okta customer support system affected 134 customers
|
Numerous WhatsApp modifications found housing the CanesSpy Spyware
|
Russian FSB apprehends Russian hackers backing Ukraine cyber activities
|
MuddyWater detected targeting two Israeli organizations
|
Clop group breaches email addresses of approximately 632,000 US federal employees
|
Okta discloses new data breach following third-party vendor compromise
|
Alleged exploitation of Apache ActiveMQ flaw CVE-2023-46604 for HelloKitty ransomware deployment
|
Boeing confirms cyberattack on its services division
|
Insecurity within 3rd-party services implicated in Aadhaar data leaks in India
|
Who is responsible for ending the Mozi Botnet?
|
CISA includes two F5 BIG-IP vulnerabilities in its roster of exploited weaknesses
|
Threat actors actively leveraging F5 BIG-IP vulnerabilities CVE-2023-46747 and CVE-2023-46748
|
Pro-Hamas activists utilize BiBi-Linux wiper to target Israel
|
Cyberattack causes major outage at the British Library
|
Significant data loss possible due to critical flaw in Atlassian Confluence
|
WiHD breach exposes information of all torrent users
|
Experts divulge Proof of Concept exploit code for Cisco IOS XE vulnerability CVE-2023-20198
|
Canada prohibits WeChat and Kaspersky applications on government-issued mobile devices
|
Wiki-Slack attack redirects professionals to malicious websites
|
HackerOne rewards bug hunters with over $300 million in awards
|
StripedFly, a sophisticated malware, infects unnoticed over one million devices
|
IT Army of Ukraine disrupts internet services in territories under Russian control
|
International Edition of Security Affairs newsletter Round 443 by Pierluigi Paganini
|
Lockbit ransomware group claims to have accessed data from Boeing
|
Guide on gathering market intelligence using Residential Proxies
|
F5 emphasizes addressing a critical flaw in BIG-IP
|
User data exposed by Hello Alfred app
|
iLeakage attack uses Safari to illicitly obtain data from Apple devices
|
Cloudflare thwarts 89 hyper-volumetric HTTP distributed DDoS attacks surpassing 100 million rps
|
Seiko confirms data breach post BlackCat attack
|
Winter Vivern APT exploits zero-day vulnerability in Roundcube webmail software in recent incidents
|
On day 1 of Pwn2Own Toronto 2023, organizers grant prizes worth $438,750
|
VMware addresses critical vCenter vulnerability including for End-of-Life products
|
Citrix advises admins to promptly patch NetScaler vulnerability CVE-2023-4966
|
Sensitive data leak at New England Biolabs
|
A former NSA employee has pleaded guilty to attempting to sell classified documents to Russia
|
What was the impact of the Okta Support breach on 1Password?
|
CISA has added another vulnerability in Cisco IOS XE to its list of exploited vulnerabilities
|
The City of Philadelphia has experienced a data breach
|
Vietnamese threat actors have been linked to the DarkGate malware campaign
|
The head of MI5 has issued a warning about the unprecedented scale of Chinese cyber espionage
|
The recent attack on the International Criminal Court was deliberate and sophisticated
|
A threat actor is offering access to Facebook and Instagram’s Police Portal for sale
|
Threat actors breached the Okta Support system and compromised customer data
|
The alleged developer of the Ragnar Locker ransomware has been apprehended
|
CISA has included a Cisco IOS XE vulnerability in its list of known exploited vulnerabilities
|
Tens of thousands of Cisco IOS XE devices have been compromised by exploiting CVE-2023-20198
|
Law enforcement agencies have taken down the infrastructure of the Ragnar Locker group
|
The 11th edition of the ENISA Threat Landscape Report has been released!
|
APT groups linked to North Korea are actively exploiting a vulnerability in JetBrains TeamCity
|
Multiple APT groups have taken advantage of a WinRAR vulnerability, CVE-2023-38831
|
California-based IT company DNA Micro exposed private mobile phone data
|
A vulnerability in Synology DiskStation Manager allows for admin account takeovers
|
D-Link has confirmed a data breach but downplayed its impact
|
CVE-2023-20198 zero-day exploit has been widely used to implant malware on Cisco IOS XE systems
|
The Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers
|
An app called ‘RedAlert – Rocket Alerts’ containing malware is targeting Israeli users
|
Cisco has issued a warning about active exploitation of a zero-day vulnerability in IOS XE
|
Signal has denied allegations of a zero-day flaw in its platform
|
The DarkGate malware campaign is exploiting Skype and Teams for malicious activities
|
The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital
|
CDW faced an 80 million ransom demand from the Lockbit ransomware gang
|
CISA issued a warning about vulnerabilities and misconfigurations exploited in ransomware attacks
|
A new advisory on AvosLocker ransomware released by FBI and CISA
|
The Balada Injector infected more than 17,000 WordPress websites in September
|
Introducing Ransomlooker, a tool designed to monitor and analyze activities of ransomware groups
|
Discover the phishing campaigns that have Italy in their sights
|
A new Magecart campaign conceals malicious code within 404 error pages
|
CISA includes the Adobe Acrobat Reader flaw in its list of Known Exploited Vulnerabilities
|
The Mirai-based DDoS botnet IZ1H9 has incorporated 13 payloads to target routers
|
Air Europa’s data breach exposed customers’ credit card information
|
Discover the ‘HTTP/2 Rapid Reset’ technique identified behind the record-breaking DDoS attacks
|
Exposed security cameras pose significant risks in Israel and Palestine
|
A vulnerability in the libcue library impacts systems running GNOME Linux
|
Hacktivists in Palestine and Israel target SCADA and other industrial control systems
|
A large-scale Citrix NetScaler Gateway campaign harvesting credentials exploits CVE-2023-3519
|
The source code of the 2020 variant of HelloKitty ransomware surfaced on a cybercrime forum
|
Gaza-linked hackers and Pro-Russia groups continue to target Israel
|
Flagstar Bank faces another data breach occurrence
|
Part of the BADBOX network, Android devices were shipped with firmware containing a backdoor
|
Check out Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition
|
The Lazarus APT linked to North Korea laundered over $900 million via cross-chain crime
|
QakBot threat actors remain active despite the takedown efforts in August
|
The ransomware attack on MGM Resorts resulted in a cost of $110 Million
|
Have you considered the importance of a hotline number in cybersecurity?
|
A critical Static Credentials bug affects Cisco Emergency Responder. Immediate action required!
|
NATO is probing a fresh cyber attack claimed by the SiegedSec group
|
Millions of clients’ files from a global CRM Provider were exposed online
|
Sony notified approximately 6,800 individuals about a data breach incident
|
Apple patched the 17th zero-day flaw exploited in recent attacks
|
The actively exploited Atlassian Confluence zero-day vulnerability CVE-2023-22515
|
Lyca Mobile services disrupted by a cyberattack
|
Qualcomm warns of three zero-days actively exploited
|
Ransomware threat landscape highlighted in DRM Report Q2 2023
|
Phishing campaign exploits flaw in Indeed for targeting US executives
|
Exposed: San Francisco’s transportation agency leaks drivers’ plate numbers and addresses
|
Cybercrime forums advertise BunnyLoader, a new Malware-as-a-Service
|
Exclusive insight: Illuminating the Exfiltration Infrastructure of a LockBit Affiliate (and more)
|
News resurfaces about two hacker groups, LockBit 3.0 Black and BlackCat/AlphV
|
Data breach hits European Telecommunications Standards Institute (ETSI)
|
Actively exploited WS_FTP flaw CVE-2023-40044 found in the wild
|
National Logistics Portal (NLP) data leak reveals seaports in India vulnerable to hackers
|
Spanish aerospace company targeted by Lazarus linked to North Korea
|
Sensitive DHS data possibly exposed in ransomware attack on Johnson Controls
|
BlackCat gang claims theft of data from 2.5 million patients of McLaren Health Care
|
International edition of the Security Affairs newsletter Round 439 by Pierluigi Paganini
|
Hotel chain Motel One hacked by ALPHV/BlackCat ransomware gang
|
Dual ransomware attack warning issued by the FBI
|
Critical severity flaws in WS_FTP Server addressed by Progress Software
|
Exclusive: Organized crime suspected in the takedown of a child abuse site
|
Over 3.5 million Exim servers impacted by an unpatched zero-day RCE
|
Chinese threat actors retrieve 60,000 emails in Microsoft breach from US State Department
|
Thousands of passports leaked due to a misconfigured WBSC server
|
JBoss RichFaces Framework flaw added to the Known Exploited Vulnerabilities catalog by CISA
|
Patch urged by Cisco for actively exploited IOS zero-day CVE-2023-20109
|
Johnson Controls targeted by Dark Angels Team ransomware group
|
Fifth Chrome zero-day of 2023 resolved by Google
|
Russian zero-day broker offers $20M for zero-day exploits on iPhones and Android devices
|
APT BlackTech identified in hiding within Cisco router firmware with links to China
|
Millions of applications affected by CVE-2023-5129 in libwebp library
|
DarkBeam leaks combinations of billions of email and password
|
Insight into ‘Ransomed.vc’ targeting Sony and NTT Docomo with alleged attacks
|
Data Lineage solves top 5 critical issues
|
Threat actors claim Sony hack as company initiates an investigation
|
User data left exposed by Canadian Flair Airlines for several months
|
Kuwait Ministry of Finance targeted by the Rhysida ransomware group
|
BORN Ontario data breach affects 3.4 million newborns and pregnancy care patients
|
Xenomorph malware resurfaces after a hiatus, expanding its target list
|
Smishing Triad extends influence to the United Arab Emirates
|
Thieves absconded with $200 million worth of assets from Mixin Network
|
Ukrainian military entities targeted in a phishing campaign using drone manual baits
|
Warning! Secure your TeamCity installation to prevent server breach
|
Could Gelsemium APT be responsible for a focused attack on a Southeast Asian Government?
|
Individual pleads guilty to involvement in a millionaire BEC scheme
|
Fresh variation of BBTok Trojan sets its sights on users of more than 40 banks in Latin America
|
Deadglyph, an extremely sophisticated and unidentified backdoor, targets the Middle East
|
Alphv group admits to breaching Clarion, a global producer of audio and video equipment for cars
|
Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition
|
Data breach at National Student Clearinghouse affects around 900 U.S. schools
|
Government of Bermuda accuses Russian threat actors of the cyber assault
|
Recent urgent updates from Apple and Chrome address 3 newly exploited zero-day vulnerabilities
|
Air Canada employee information exposed in recent cyber intrusion
|
Telcos targeted by Sandman APT using LuaDream backdoor
|
Apple issues emergency updates to counter 3 recently exploited zero-day vulnerabilities
|
Ukrainian hackers linked to the Free Download Manager supply chain attack
|
Exail Technologies, a space and defense tech manufacturer, exposes database access
|
NoName hacker group launches a DDoS attack on Canadian airports causing severe disruptions
|
Experts discover critical vulnerabilities in Nagios XI network monitoring software
|
Finnish Customs dismantles the dark web drug marketplace PIILOPUOTI
|
International Criminal Court targeted in a cyber attack
|
GitLab addresses critical vulnerability CVE-2023-5009
|
Trend Micro resolves an actively exploited zero-day in Apex One and other security Products
|
ShroudedSnooper threat actors aim at telecom companies in the Middle East
|
A recent cyber attack leads to a shortage of Clorox products
|
Earth Lusca adds SprySOCKS Linux malware to its arsenal
|
Microsoft AI research division inadvertently exposes 38TB of confidential data
|
German intelligence warns of potential cyberattacks on liquefied natural gas (LNG) terminals
|
TransUnion data leak deeply concerns law enforcement and U.S. Department of Defense
|
Lazarus APT from North Korea illicitly acquires almost $240 million in crypto assets since June
|
Clop gang hacks major North Carolina hospitals and steals data
|
CardX notifies customers in Thailand about a data breach
|
Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition
|
Irish DPC imposes a €345M fine on TikTok for violating children’s privacy
|
Dariy Pankov, creator of the NLBrute malware, admits guilt
|
Top Android health apps found with risky permissions
|
Caesars Entertainment pays ransom to prevent data leaks
|
Linux malware served through Free Download Manager for over 3 years
|
Carthage Area Hospital and Clayton-Hepburn Medical Center hit by Lockbit ransomware gang in New York
|
Pegasus spyware infects Russian journalist’s iPhone
|
Windows endpoints vulnerable to remote code execution due to Kubernetes flaws
|
Airbus investigates sensitive data leak by threat actor
|
New ransomware variant 3AM surfaces in cyber threat landscape
|
Redfly group breaches Asian national grid for up to six months
|
Critical zero-day in Firefox and Thunderbird resolved by Mozilla
|
Microsoft addresses 2 zero-day vulnerabilities in September 2023 Patch Tuesday
|
Save the Children confirms cyber attack incident
|
Adobe fixes actively exploited zero-day in Acrobat and Reader
|
Over 4,000 GitHub repositories compromised by new Repojacking cyber attack
|
Cyber attack targets MGM Resorts
|
DDoS attack on Telegram carried out by Anonymous Sudan
|
Charming Kitten APT launches new backdoor attack in Brazil, Israel, and U.A.E.
|
Fourth Chrome zero-day of 2023 fixed by Google
|
CISA adds newly discovered Apple zero-days to known exploited vulnerabilities catalog
|
UK and US impose sanctions on 11 members of Russia-based TrickBot gang
|
Growing popularity of new HijackLoader malware in cybercrime community
|
Top universities vulnerable to cybersecurity breaches, risk websites exposed
|
Trojanized Telegram apps found on Google Play in Evil Telegram campaign
|
Rhysida Ransomware group claims breach on three additional US hospitals
|
Akamai thwarts largest DDoS attack on US financial company
|
Security Affairs newsletter Round 436 by Pierluigi Paganini – Global version
|
Critical Apache RocketMQ flaw added to US CISA’s list of known exploited vulnerabilities
|
Ragnar Locker gang leaks data from Israel’s Mayanei Hayeshua hospital
|
North Korea-linked threat actors use zero-day to target cybersec experts
|
Cisco ASA and FTD zero-day actively exploited in ransomware attacks
|
Apple zero-days utilized to deploy NSO Group’s Pegasus spyware
|
Apple reveals 2 actively exploited zero-day flaws in iPhones and Macs
|
New version of macOS Atomic Stealer distributed through malvertising campaign
|
Remote server hacking possible through two Apache SuperSet vulnerabilities
|
Chinese hackers acquire Microsoft signing key from Windows crash dump error
|
Google fixes actively exploited zero-day in Android with September 2023 security updates
|
Atlas VPN Linux Client zero-day leakage exposes users’ IP addresses
|
MITRE and CISA launch Caldera for OT attack simulation
|
Three critical remote code execution flaws affect ASUS routers
|
$41M worth of crypto assets stolen by hackers from crypto gambling firm Stake
|
7 Million users impacted by Freecycle data breach
|
Meta disrupts two influence campaigns from China and Russia
|
German financial agency BaFin site taken down by a massive DDoS attack
|
USPS and US Citizens targeted for Data Theft by “Smishing Triad”
|
Third-party service provider causes a security breach at University of Sydney
|
Germany to face $224 billion cost due to Cybercrime in 2023
|
CVE-2023-34039 bug in VMware Aria Networks exploited with PoC exploit code released
|
International edition of Security Affairs newsletter Round 435 by Pierluigi Paganini
|
Commission des services electriques de Montréal (CSEM) hit by LockBit ransomware gang
|
Inside the enabler of WannaCry – Unraveling EternalBlue
|
Free decryptor released by researchers for the Key Group ransomware
|
More than 500,000 individuals affected by data breach at Fashion retailer Forever 21
|
Ukrainian military targeted by Russia-linked hackers using Infamous Chisel Android malware
|
Cisco ASA targeted by Akira Ransomware gang due to absence of Multi-Factor Authentication
|
Data breach disclosed by Paramount Global
|
Avoiding detection by security products through abuse of Windows Container Isolation Framework
|
VMware Aria Operations Networks impacted by a critical RCE flaw
|
Barracuda ESG flaw exploited by UNC4841 threat actors to hack US government email servers
|
Citrix NetScaler systems targeted by FIN8-linked actor
|
New attack technique ‘MalDoc in PDF’ warned by Japan’s JPCERT
|
Discovery of IP address possible for attackers through the Skype mobile app
|
Cisco resolves 3 high-severity DoS flaws in NX-OS and FXOS software
|
Critical systems of Cloud and hosting provider Leaseweb affected after a cyber attack
|
Employee at Kroll exposed Crypto investor data through a SIM swapping attack
|
Taiwan targeted by China-linked Flax Typhoon APT
|
PoC exploit for Ivanti Sentry flaw CVE-2023-38035 released by researchers
|
Zero-day vulnerability in Schneider Electric Accutech Manager identified by Resecurity
|
