Sentinel Labs firm discovered a sophisticated malware dubbed Gyges that is the mixing of commercial malicious code with code of alleged cyber weapon. Experts at Sentinel Labs security firm have disc ...
Apple has worked hard to make iOS devices reasonably secure but hidden services could be exploited to steal every user's data in a stealthy way. Have you tried to enumerate the functionalities and se ...
The BigBoss app repository, the default package store for Cydia application, has been hacked by a group of hackers which named itself "Kim Jong-Cracks". The BigBoss repository, one of the bigges ...
The ICS-CERT has issued a security advisory related to the existence of OpenSSL vulnerabilities affecting different Siemens industrial products. Several Siemens industrial products are affected by f ...
November 16, 2023
November 16, 2023
Port of Seattle confirmed on Friday that the Rhysida ransomware group was behind the cyberattack that hit the agency in August. In August, a cyber attack hit the Port of Seattle, which also opera ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mythical Beasts and Where to Find Them: Mapping the Global Sp ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ...
Ivanti warned that recently patched flaw CVE-2024-8190 in Cloud Service Appliance (CSA) is being actively exploited in the wild. Ivanti warned that a newly patched vulnerability, tracked as CVE-20 ...
GitLab addressed multiple vulnerabilities impacting GitLab CE/EE, including a critical pipeline execution issue. GitLab released security patches for 17 vulnerabilities in GitLab CE (Community Ed ...
A new Linux malware called Hadooken targets Oracle WebLogic servers, it has been linked to several ransomware families. Aqua Security Nautilus researchers discovered a new Linux malware, called H ...
Lehigh Valley Health Network ’s (LVHN) hospital network has agreed to a $65 million settlement in a class action lawsuit related to a data breach. Lehigh Valley Health Network (LVHN) is a large ...
Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 million Android devices in 197 countries. Doctor Web researchers uncovered a malware, tracked as Vo1d, ...
Fortinet disclosed a data breach after a threat actor claimed the theft of 440GB of files from the company's Microsoft Sharepoint server. Today, Fortinet told Cyber Daily that a threat actor gaine ...
The Singapore Police Force (SPF) has arrested six individuals for their role in the operations of a cybercrime ring in the country. The Singapore Police Force (SPF) arrested five Chinese nationals ...
Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multip ...
Highline Public Schools, a school district in Washington state, remains closed following a cyberattack that occurred two days ago. Two days ago Highline Public Schools (HPS), a school district in ...
Researchers observed the RansomHub ransomware group using the TDSSKiller tool to disable endpoint detection and response (EDR) systems. The RansomHub ransomware gang is using the TDSSKiller tool t ...
Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is ...
Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for September 2024 addres ...
The Quad7 botnet evolves and targets new SOHO devices, including Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. The Sekoia TDR team identified additional implants assoc ...
Poland 's security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. Poland security services announced they have thwarted a cyber opera ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I ...
Payment gateway provider Slim CD disclosed a data breach, credit card and personal data of almost 1.7 million individuals were compromised. The electronic payment gateway Slim CD disclosed a data ...
Researchers warn of a fresh cluster of activity associated with the Predator spyware using a new infrastructure, following the U.S. sanctions against the Intellexa Consortium. Recorded Future rese ...
A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked TID ...
Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Researchers at Fortinet FortiGuard Labs reported that thr ...
Progress Software released an emergency to address a maximum severity vulnerability in its LoadMaster products. Progress Software released an emergency fix for a critical vulnerability, tracked as ...
Russian And Kazakhstani men indicted for operating the Dark Web cybercriminals marketplace WWH Club and other crime forums and markets. Alex Khodyrev (35) from Kazakhstan) and Pavel Kublitskii (37 ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. BlackSuit Ransomware Dissecting the Cicada &nb ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...
A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for Word ...
Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers' personal information. Car rental company Avis notified customers impa ...
Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access cont ...
Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE ...
The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from ...
Veeam addressed 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One. Veeam security updates to address multiple vulnerabilities impacting its ...
The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers spotted the Chinese-speaking threat actor Eart ...
A cyber attack hit the German air traffic control agency (DFS) disrupting its operations, experts attribute it to Russia-linked group APT28. A cyber attack targeted the German Air Traffic Control ...
Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to ...
D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router series. Networking hardware vendor D-Link wars of multiple remote code execution (RCE) vul ...
A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a h ...
Taiwanese manufacturer Zyxel addressed a critical OS command injection flaw affecting multiple models of its business routers. Zyxel has released security updates to address a critical vulnerabili ...
VMware released a patch to address a high-severity code execution flaw in its Fusion hypervisor, users are urged to apply it. VMware addressed a high-severity code execution vulnerability, tracke ...
Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered eight vulnerabilities in Microsoft apps for mac ...
Three men have pleaded guilty to operating OTP.Agency, an online service that allowed crooks to bypass Multi-Factor authentication (MFA). Three men, Callum Picari (22), Vijayasidhurshan Vijayanath ...
Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the ...
The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students' ...
A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) oper ...
A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) pro ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra release ...
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE� ...
Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 ...
Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed th ...
Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multipl ...
An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai's Security Intelligence and Response Team (SIRT) has detected a botne ...
French prosecutors charged CEO Telegram Pavel Durov with facilitating various criminal activities on the messaging platform. French prosecutors have formally charged Telegram CEO Pavel Durov with ...
Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cy ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ( ...
A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breac ...
BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recentl ...
The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State an ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)� ...
China-linked APT group Volt Typhoon exploited a zero-day flaw in Versa Director to upload a custom webshell in target networks. China-linked APT Volt Typhoon exploited a zero-day vulnerability, tr ...
CrowdStrike researchers have identified the notorious hacker USDoD who is behind several high-profile data leaks. The notorious hacker USDoD (aka EquationCorp), who is known for high-profile data ...
The Dutch Data Protection Authority (DPA) has fined Uber a record €290M for violating the EU data protection regulation while sending sensitive driver data to the U.S. The Dutch Data Protection ...
Google released emergency security updates to fix the tenth actively exploited Chrome zero-day vulnerability this year. Google released a security update to address a new Chrome zero-day vulnerabi ...
SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnera ...
A cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport, websites and phone systems were impacted. Media reported that the Port of Seattle, which also ...
Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called se ...
French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Teleg ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA ...
Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security r ...
A Russian national was arrested in Argentina for laundering proceeds from illicit actors, including North Korea-linked Lazarus Group. This week, the Argentine Federal Police (PFA) arrested a Russi ...
Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack wh ...
Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that ...
The Russian national Deniss Zolotarjovs has been charged in a U.S. court for his role in the Karakurt cybercrime gang. Deniss Zolotarjovs (33), a Russian cybercriminal, has been charged in a U.S. ...
Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (M ...
China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-lin ...
US oil giant Halliburton announced that it was hit by a cyberattack that is affecting operations at its Houston, Texas offices. Halliburton, a major U.S. oil company, announced that a cyberattack ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Dahua IP Camera, Linux Kernel and Microsoft Exchange Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersec ...
SolarWinds fixed a hardcoded credential flaw in its Web Help Desk (WHD) software that could allow attackers to gain unauthorized access to vulnerable instances. SolarWinds has addressed a new secu ...
Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. U.S. chipmaker Microchip Technology suffered a cyberattack that disrupted operations ...
Google released emergency security updates to fix the ninth actively exploited Chrome zero-day vulnerability this year. Google released an emergency security update to address a Chrome zero- ...
GitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three security vulnerabilities impacting the GitHub Enter ...
Researchers have disclosed a critical security vulnerability in Microsoft's Copilot Studio that could lead to the exposure of sensitive information. Researchers disclosed a critical security vulne ...
North Korea-linked APT Kimsuky is likely behind a new remote access trojan called MoonPeak used in a recent campaign spotted by Cisco Talos. Cisco Talos researchers uncovered the infrastructure us ...
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine ...
A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly. Researchers from security firm Quarkslab discovered a backdo ...
Blockchain analysis firm Chainalysis revealed that ransomware payments rose by approximately 2%, from $449.1 million to $459.8 million. Blockchain analysis firm Chainalysis revealed that while ove ...
Experts spotted a previously undetected backdoor, dubbed Msupedge, that was employed in an attack against a university in Taiwan. Broadcom Symantec researchers discovered a previously undetected ...
Researchers discovered thousands of Oracle NetSuite e-stores that are vulnerable to data leak, sensitive customer information is at risk. Cybersecurity researchers from AppOmni warn of a potential ...
Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an arc ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructu ...
Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potential ...
Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit att ...
Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS sco ...
New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a n ...
Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using 'MasterPrints, 'which are fingerprints that can match multiple other prints. A team of researc ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware Ideal ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extor ...
OpenAI announced it had dismantled an Iranian influence operation that was producing content related to the U.S. Presidential election. OpenAI has dismantled an Iran-linked influence operation, tr ...
Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information. Background check service National Public D ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace. The 27-year-old Russian national Georgy Kavzharadze (also k ...
Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANS ...
Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have i ...
Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP rem ...
A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware ...
Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran ...
Experts linked an ongoing social engineering campaign, aimed at deploying the malware SystemBC, to the Black Basta ransomware group. Rapid7 researchers uncovered a new social engineering campaign ...
Iranian news outlet reported that a major cyber attack targeted the Central Bank of Iran (CBI) and several other banks causing disruptions. Iran International reported that a massive cyber attack ...
China-linked threat actor Earth Baku expanded its operations in Europe, the Middle East, and Africa starting in late 2022. China-linked APT group Earth Baku (a threat actor associated with APT41) ...
SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-289 ...
Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak ...
Microsoft's August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Micros ...
Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical ...
Elon Musk claims that the livestream interview with Donald Trump on the X social media platform was impacted by a cyberattack. Elon Musk claims that a massive DDoS attack caused problems with the ...
CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukrain ...
The U.S. DoJ arrested a Tennessee man for running a "laptop farm" that enabled North Korea-linked IT workers to obtain remote jobs with American companies. The U.S. Justice Department arrested Mat ...
FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent s ...
A campaign tracked as EastWind is targeting Russian government and IT organizations with PlugY and GrewApacha Backdoors. In late July 2024, Kaspersky researchers detected a series of targeted cybe ...
Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclose ...
Donald Trump's campaign reported that its emails were hacked by "foreign sources hostile to the United States." Donald Trump's presidential campaign announced it was hacked, a spokesman attributes ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Surge in Magniber ransomware attacks impact home users worldw ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Physical security firm ADT disclosed a data breach, threat actors stole information from 30,000 customers and leaked it. ADT is a provider of alarm and physical security systems, it employs more t ...
A INC Ransom ransomware attack this week disrupted IT and phone systems at McLaren Health Care hospitals. On Tuesday, an INC Ransom ransomware attack hit the McLaren Health Care hospitals and disr ...
Crooks took control of a cow milking robot and demanded a ransom from a farmer who refused to pay it, resulting in the death of a cow. An extortion attempt had a tragic outcome, cybercriminals too ...
NCC Group discovered vulnerabilities in Sonos smart speakers, including a flaw that could have allowed to eavesdrop on users. Researchers from NCC Group have discovered multiple vulnerabilities in ...
Cisco warns of critical remote code execution zero-day vulnerabilities impacting end-of-life Small Business SPA 300 and SPA 500 series IP phones. Cisco warns of multiple critical remote code execu ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Sec ...
Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service sto ...
An 18-year-old bug, dubbed "0.0.0.0 Day," allows malicious websites to bypass security in Chrome, Firefox, and Safari to breach local networks. Oligo Security's research team warns of an 18-year ...
FBI and CISA published a joint advisory on the BlackSuit Ransomware group, the document provides TTPs and IOCs as recently as July 2024. CISA, in collaboration with the FBI, has published a joint ...
The Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware and offers alleged stolen data for 25 BTC. Bayhealth Hospital is a technologically advanced not-for-profit healt ...
Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulnerability Research Team discovered a critical ...
A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown An ...
Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Gu ...
The Réunion des Musées Nationaux network, including Paris' Grand Palais and other museums, was hit by a ransomware attack. A ransomware attack hit the Réunion des Musées Nationaux network, inc ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting ...
Ransomware attacks are the most significant risk for modern organizations, why organizations should avoid paying ransoms. Ransomware attacks are the most significant risk for modern organizations, ...
South Korea's National Cyber Security Center (NCSC) reported that North Korea-linked hackers hijacked VPN software updates to deploy malware. South Korea's national security and intelligence agenc ...
Researchers urge organizations using Apache OFBiz to address a critical bug, following reports of active exploitation of another flaw. Experts urge organizations to address a new critical vulnerab ...
Printed circuit board assembly (PCBA) manufacturer Keytronic reported that a recent ransomware attack led to expenses and lost revenue exceeding $17 million. In June, Keytronic disclosed a data br ...
A security bypass bug in Rockwell Automation ControlLogix 1756 devices could allow unauthorized access to vulnerable devices. A high-severity security bypass vulnerability, tracked as CVE-2024-624 ...
China-linked group APT41 breached a Taiwanese government-affiliated research institute using ShadowPad and Cobalt Strike. Cisco Talos researchers reported that the China-linked group compromised a ...
A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. Volexity researchers reported that a China-linked AP ...
Jerico Pictures Inc., operating as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach. A proposed class action claims that Jerico Pictur ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unplugging PlugX: Sinkholing the PlugX USB worm botnet & ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children's privacy laws. The Justice Department and the Federal Trade Commission (FTC) ...
A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that a Russia-linked threat actor known as Fightin ...
Investors have sued CrowdStrike because the cybersecurity firm made false claims about its Falcon platform. Investors have sued CrowdStrike because the company made false and misleading claims on ...
CISA warned that an Avtech camera vulnerability, which is still unpatched, is being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an ad ...
Today, 24 prisoners were released in an international swap between Russia and Western countries, including convicted Russian cybercriminals. In the recent international prisoner swap two not ...
Researchers warn of an attack vector in the DNS, called the Sitting Ducks, that exposes over a million domains to hackers' takeover. Researchers from Eclypsium and Infoblox have identified an att ...
Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation rep ...
BingoMod is a new Android malware that can wipe devices after stealing money from the victims' bank accounts. Researchers at Cleafy discovered a new Android malware, called 'BingoMod,' that can w ...
OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and ...
Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in ...
Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishi ...
Zscaler researchers revealed that a company paid a record-breaking $75 million ransom to the Dark Angels ransomware group. Zscaler discovered a record-breaking ransom payment of US$75 million made ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a VMware ESXi bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ...
A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new vers ...
The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWinder (also known as Razor Tiger, Rattlesnake, an ...
Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research ...
Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the re ...
Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked ...
CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing ca ...
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government's Computer ...
French authorities and Europol are conducting a "disinfection operation" targeting hosts compromised by the PlugX malware. The French authorities, with the help of Europol, have launched on July ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Play Ransomware Group’s New Linux Variant Targets ESXi, Sho ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs ...
Google addressed a Chrome's Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome's Password Manager that caused u ...
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released secu ...
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray express ...
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for c ...
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score ...
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers obse ...
A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michig ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infra ...
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (a ...
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ...
Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap fil ...
The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The United States sanctioned Russian hacktivi ...
EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers discovered a zero-day exploit named EvilVideo th ...
The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader m ...
Law enforcement arrested a 17-year-old boy from Walsall, U.K., for suspected involvement in the Scattered Spider cybercrime syndicate. Law enforcement in the U.K. arrested a 17-year-old teenager f ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Hardening of HardBit 10,000 Victims a Da ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog. The ...
CrowdStrike warns that threat actors are exploiting the recent IT outage caused by their faulty update to distribute Remcos RAT malware. CrowdStrike spotted threat actors attempting to benefit fr ...
Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and M ...
Personal and health information of 12.9 million individuals was exposed in a ransomware attack on Australian digital prescription services provider MediSecure. MediSecure is a company that provide ...
Windows machines worldwide displayed BSoD screen following a faulty update pushed out by cybersecurity firm CrowdStrike. A faulty update released by CrowdStrike Falcon is causing Windows systems t ...
Cisco has addressed a critical vulnerability that could allow attackers to add new root users to Security Email Gateway (SEG) appliances. Cisco fixed a critical vulnerability, tracked as CVE-2024- ...
Researchers discovered security flaws in SAP AI Core cloud-based platform that could expose customers' data. Cybersecurity researchers at Wiz uncovered five security flaws, collectively tracked ...
The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivat ...
AI systems are transforming technology and driving innovation across industries. How to protect privacy and build secure AI products? How to Protect Privacy and Build Secure AI Products AI syst ...
A vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers allows threat actors to change any user's password. Cisco has addressed a critical vulnerability, tracke ...
The world's largest recreational boat and yacht retailer MarineMax, disclosed a data breach following a cyber attack. The world's largest recreational boat and yacht retailer MarineMax disclosed a ...
Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void Banshee was spotted exploiting the Windows zer ...
Microsoft said that in Q2 2024, the Octo Tempest cybercrime gang added RansomHub and Qilin ransomware to its arsenal. In the second quarter of 2024, financially motivated threat actor Octo Tempest ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ...
Kaspersky is leaving the U.S. market following the recent ban on the sales of its software imposed by the Commerce Department. Russian cybersecurity firm Kaspersky announced its exit from the U.S. ...
The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump. The independent website 404 Media first reported that the FBI had successfully ac ...
Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the ...
Wired attributes the recently disclosed AT&T data breach to a hacker living in Turkey and reported the company paid a $370,000 ransom. An American hacker who lives in Turkey claimed responsibi ...
Cybersecurity researchers detailed a new version of the HardBit ransomware that supports new obfuscation techniques to avoid detection. The new version (version 4.0) of the HardBit ransomware come ...
A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details abo ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Android Spyware Steals Data from Gamers and TikTok Users& ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. The U.S. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Pen ...
The American drugstore chain Rite Aid Corporation disclosed a data breach following the cyber attack that hit the company in June. The American drugstore chain giant Rite Aid suffered a data breac ...
AT&T disclosed a new data breach that exposed phone call and text message records for approximately 110 million people. AT&T suffered a massive data breach, attackers stole the call logs f ...
A critical vulnerability in Exim mail server allows attackers to deliver malicious executable attachments to mailboxes. Attackers can exploit a critical security flaw, tracked as CVE-2024-39929 (C ...
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security ...
Resecurity has identified a new campaign by the Smishing Triad that is targeting India to steal personal and payment data at scale Resecurity (USA) identified a new campaign targeting India Post ( ...
The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas Co ...
A threat actor known as CrystalRay targeted 1,500 victims since February using tools like SSH-Snake and various open-source utilities. The Sysdig Threat Research Team (TRT) first spotted the thr ...
Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The Akamai Security Intelligence Response Team (SIRT) warns that multiple ...
The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with ...
VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tr ...
IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity iss ...
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select ver ...
Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnera ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ...
The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached ...
The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and ...
Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomw ...
Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password comp ...
Threat actors are exploiting Ghostscript vulnerability CVE-2024-29510 to bypass the sandbox and achieve remote code execution. Threat actors are actively exploiting a Ghostscript vulnerability, tr ...
Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens' control over Internet acce ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ...
The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabiliti ...
Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had th ...
Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereaso ...
The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the ...
The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3 ...
Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still refer ...
Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based bo ...
Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automatio ...
Hackers compromised Ethereum 's mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum's mailing list provider and on ...
OVHcloud successfully mitigated a record-breaking DDoS attack in April, which reached 840 million packets per second (Mpps). The cloud services provider OVHcloud announced it has mitigated a recor ...
Healthcare firm HealthEquity disclosed a data breach caused by a partner's compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data brea ...
Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil's data protection authority, Autoridade Naciona ...
Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterpri ...
An international law enforcement operation code-named Operation Morpheus led to the takedown of 593 Cobalt Strike servers used by crooks. An international law enforcement operation, code-named Ope ...
The LockBit ransomware group breached another hospital in the United States, the victim is the Fairfield Memorial Hospital in Illinois. It has happened again, another US healthcare organization su ...
The American credit union Patelco Credit Union shut down several of its banking systems to contain a ransomware attack. Patelco Credit Union is a member-owned, not-for-profit credit union that se ...
The Polish government is investigating a potential connection between Russia and a cyberattack on the country’s state news agency. The Polish government is investigating a suspected link between ...
Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by ...
Prudential Financial confirmed that more than 2.5 million individuals were affected by the data breach it suffered in February 2024. The insurance company Prudential Financial confirmed that the d ...
An Australian man has been charged with carrying out 'Evil Twin' Wi-Fi attack during a domestic flight to steal user credentials and data. An Evil Twin Wi-Fi attack is a type of cyberattack where ...
Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-202 ...
A critical flaw in the OpenSSH server can be exploited to achieve unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintainers addressed a critical ...
Wayne Memorial Hospital in Pennsylvania was the victim of a cyber attack, Monti gang claimed to have hacked the healthcare infrastructure. Another critical infrastructure healthcare suffered a sec ...
Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation a ...
Microsoft warned more customers about email theft linked to the previously reported Midnight Blizzard hacking campaign. The Russia-linked cyberespionage group Midnight Blizzard continues to target ...
Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer 's corporate network. TeamViewer discovered that a threat actor has breached its corporate network and som ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing ...
A cyber attack started targeting the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision. A cyber attack began targeting the University Hospita ...
The US DoJ announced charges against a member of Russia's military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges ag ...
The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The real victim is the Evolve Bank. The LockBit ransomware group hasn't hacked the Federal R ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...
Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in atta ...
Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vuln ...
A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Ski ...
Researchers warn that a Mirai-based botnet is exploiting a recently disclosed critical vulnerability in EoL Zyxel NAS devices. Researchers at the Shadowserver Foundation warn that a Mirai-based bo ...
WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLe ...
CISA warned chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was compromised in January. CISA warns chemical facilities that its Chemical Security Assessment Tool ...
Threat actors breached 1,590 cryptocurrency wallets of the cryptocurrency portfolio management and tracking platform CoinStats. The cryptocurrency portfolio management and tracking platform CoinSt ...
Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, ...
The Lockbit ransomware group announced that it had breached the US Federal Reserve and exfiltrated 33 TB of sensitive data. The Lockbit ransomware group announced that it had breached the systems ...
Between Jan and Apr 2024, the global ransomware landscape witnessed significant activity, with 1420 ransomware claims reported worldwide. In the first four months of 2024, the global ransomware la ...
The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gan ...
A threat actor is offering for sale customer data allegedly stolen from the Australia-based live events and ticketing company TEG. TEG (Ticketek Entertainment Group) is an Australian company that ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly available proof-of-concept (PoC) code. Threat actors are actively exploiting ...
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their role in the Russian company. The Treasury Department's Office of Foreign Ass ...
The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encry ...
A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, ...
French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information sec ...
The US government announced the ban on selling Kaspersky software due to security risks from Russia and urged citizens to replace it. The Biden administration announced it will ban the sale of Kas ...
Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-se ...
A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has ...
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. ...
A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered ...
Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its o ...
Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security resea ...
Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing s ...
AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they we ...
A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the at ...
VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exp ...
Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its ...
Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly sto ...
Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Initially, these attacks involved malicious software that encrypts a victim's ...
Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka "Dopenugget ...
Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffere ...
The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the ...
A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of be ...
Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid scheme ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerabil ...
NHS England confirmed that multiple London hospitals impacted by the ransomware attack at Synnovis were forced to cancel planned operations. NHS England confirmed that the recent ransomware attack ...
In January 2025, European financial and insurance institutions, their business partners and providers, must comply with DORA. In January 2025, financial and insurance institutions in Europe and an ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ...
Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was t ...
Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tr ...
Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS a ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ...
The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (2 ...
JetBrains warned to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulne ...
Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 ...
A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000. A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen dat ...
Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, track ...
A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Ent ...
The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its servi ...
The UK NHS issued an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals. The UK National Health Service (NHS) issued an urgent call for ...
Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data bre ...
Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initial ...
Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen ...
A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE disc ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address mul ...
Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pa ...
Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA ...
A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell sc ...
The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The FBI is inviting victims of LockBit ra ...
Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation Ra ...
Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to ...
Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited v ...
A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing p ...
Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical ...
A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnosti ...
The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stol ...
Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group pro ...
Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentic ...
Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox ...
CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracl ...
Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distri ...
Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU's unit APT28 targeti ...
Personal information of hundreds of British and EU politicians is available on dark web marketplaces. According to research conducted by Proton and Constella Intelligence, the email addresses and ...
Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a R ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently cla ...
The vulnerability CVE-2021-44832 is Apache Log4j2 library is still a serious problem for multiple industries, expert warns it threatens global Finance. The independent cyber threat intelligence an ...
Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin. The Japanese cryptocurrency exchange DMM Bitcoin announced that c ...
The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a hug ...
The Chalubo trojan destroyed over 600,000 SOHO routers from a single ISP, researchers from Lumen Technologies reported. Between October 25 and October 27, 2023, the Chalubo malware destroyed more ...
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021. Cisco Talos researchers reported that a previously undocumented ...
The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members. The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files o ...
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the f ...
Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of ...
An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators. Between 27 and 29 May 2024, an international law enforcement operation coordinat ...
An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcem ...
Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Custome ...
Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero- ...
Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provid ...
Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub ...
Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3's Attack Team released a proof-of-co ...
Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress ...
Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerabil ...
Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2 ...
Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work ...
Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to ...
Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software. Cisco addressed a vulnerability, tracked as CVE-2024-20360 ...
The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned o ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for ...
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advance ...
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update abou ...
GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked ...
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a n ...
CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healt ...
The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provi ...
UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's laptop every few seconds. The UK data watchdog, the Information ...
Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware T ...
Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabil ...
A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown Ch ...
A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US. The security researcher Eric Daigle discovered a commercial spyware app ...
A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in ...
Resecurity warns of a surge in malicious cyber activity targeting the election in India, orchestrated by several independent hacktivist groups Resecurity has identified a spike of malicious cyber ...
GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentica ...
The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. OmniVision Technologies is a company that specializes in developing advanced digital ...
CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. Atlas is one of the largest national fuel distributors to 49 cont ...
A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE. Tenable researchers have discovered a severe vulner ...
Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor's NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabili ...
Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future's Insikt Group discovered a sophisticated cy ...
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and ai ...
A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan ...
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare managem ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked ...
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an A ...
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors na ...
The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas's city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware ...
CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the followi ...
CISA adds two Chrome zero-day vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added [1,2] the following vulnerabil ...
North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genians Security Center (GSC) identified a new at ...
Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor. MediSecure is a company that provides digital health solutions, pa ...
Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week. Google has released a new emergency security update to address a new vulner ...
The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The Spanish financial institution Santander revealed a data breac ...
An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purcha ...
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison. Alexey Pertsev (29), one of the main developers of the Tornado Cash cryptocurrency mixer h ...
Adobe addressed multiple code execution vulnerabilities in several products, including Adobe Acrobat and Reader. Adobe addressed multiple code execution vulnerabilities in its products, including ...
The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and ...
Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day. Microsoft Patch Tuesday security updates for May 2024 address ...
VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024 VMware addressed four vulnerabilities in its Workstatio ...
The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure. MITRE announced the public release of its EMB3D threat model for ...
Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulner ...
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. New Jersey's Cybersecurity and Communications Integration Cell (NJCCIC)� ...
Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhon ...
The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel. The Police of Finland is investigating a data breach suffered by the City of Hels ...
A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be "first-class ...
Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders i ...
Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment. Pro-Russia hackers targeted Kosovo government websites, in ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Adv ...
The cyber attack on the Ohio Lottery on Christmas Eve exposed the personal data of over 538,000 individuals. On Christmas Eve, a cyberattack targeting the Ohio Lottery resulted in the exposure of ...
Notorius threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data. The threat actor IntelBroker announced on the cybercrime forum Breach ...
A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the Unit ...
Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zer ...
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale ma ...
Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR ...
Dell disclosed a security breach that exposed millions of customers' names and physical mailing addresses. IT giant Dell suffered a data breach exposing customers’ names and physical addresses, ...
Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting rec ...
Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network. Cybersecurity firm Zscaler is investigating allegations of a data breach following ...
Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets. F5 has addressed two high-severity vulnera ...
The LockBit ransomware group has added the City of Wichita to its Tor leak site and threatened to publish stolen data. Last week, the City of Wichita, Kansas, was the victim of a ransomware attack ...
TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack ...
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites. WPScan researchers reported that threat actors are exploiting a high- ...
A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts. Researchers from Cisco Talos reported a use-after-free vulnerability in ...
The UK Ministry of Defense disclosed a data breach at a third-party payroll system that exposed data of armed forces personnel and veterans. The UK Ministry of Defense disclosed a data breach impa ...
The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him. The FBI, UK National Crime Agency, and Europol have unmasked the ...
MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. MITRE has shared more details on the recent hack, including the new malware ...
Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in a money laundering scheme. Alexander Vinnik, a Russian national, pleaded guilty to conspi ...
The City of Wichita in Kansas was forced to shut down its computer systems after a ransomware attack. The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network t ...
Resecurity found a massive leak involving the exposure of personally identifiable information (PII) of over five million citizens of El Salvador on the Dark Web. Resecurity identified a massive le ...
Finland's Transport and Communications Agency (Traficom) warned about an ongoing Android malware campaign targeting bank accounts. Traficom, Finland's Transport and Communications Agency, issued a ...
Law enforcement seized the Lockbit group's Tor website again and announced they will reveal more identities of its operators Law enforcement seized the Lockbit group's Tor website again. The autho ...
NATO and the European Union formally condemned cyber espionage operations carried out by the Russia-linked APT28 against European countries. NATO and the European Union condemned cyber espionage o ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of medical dia ...
LockBit ransomware operators have published sensitive data allegedly stolen from the Simone Veil hospital in Cannes. In April, a cyber attack hit the Hospital Simone Veil in Cannes (CHC-SV), impac ...
The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations. Trend Micro researchers reported that the EdgeRouter botnet, called Moobot, used by the ...
Microsoft devised an attack technique, dubbed 'Dirty Stream,' impacting widely used Android applications, billions of installations are at risk. Microsoft is warning Android users about a new atta ...
Zloader continues to evolve, its authors added an anti-analysis feature that was originally present in the Zeus banking trojan. Zloader (aka Terdot, DELoader, or Silent Night) is a modular trojan ...
A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities. The Ukrainian national, Yaroslav Vasinskyi (24), aka Rab ...
HPE Aruba Networking addressed four critical remote code execution vulnerabilities impacting its ArubaOS network operating system. HPE Aruba Networking released April 2024 security updates that ad ...
Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached t ...
CISA adds GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ...
Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates' personal information. Panda Restaurant Group disclosed a data breach that occurred in M ...
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia. Jareh Sebastian Dalke (32), of Colorado Springs, is a former emplo ...
A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Researchers at Lumen’s Black Lotus Labs discovere ...
A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files. A vulnerability, tracked as CVE-2024-27322 (CVSS v3: 8.8), ...
The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophis ...
Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion. A popular 26-year-old Finnish hacker Aleksanteri Kivimäki wa ...
The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure against AI-based attacks. CISA collaborated with Sector Risk Management Agencies ...
The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. The U.K. National Cyber Security Centre (NCSC) is urging manuf ...
The Federal Communications Commission (FCC) fined the largest U.S. wireless carriers $200 million for sharing customers' real-time location data without consent. The FCC has fined four major U. ...
Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play. Google announced that in 2023, they have prevented 2.28 million policy-vio ...
Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information 2 million individuals. Debt collection agency Financial Business and Consumer Solutions (FBCS) disc ...
A Belarusian group of activist group claims to have infiltrated the network of the country’s main KGB agency. The Belarusian hacktivist group Cyber-Partisans claims to have infiltrated the netwo ...
The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients' personal and health information. The Los Angeles County Department of Health Service ...
Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances. Multiple vulnerabilities found in the Brocade SANnav storage area ne ...
ICICI Bank, a major private bank in India, mistakenly exposed the sensitive data of thousands of new credit cards to unintended recipients. ICICI Bank, one of the leading private banks in India, a ...
Identity and access management services provider Okta warned of a spike in credential stuffing attacks aimed at online services. In recent weeks, Okta observed a surge in credential stuffing attac ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. Security experts at Deep Instinct Threat Lab have uncovered a targeted c ...
Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedic ...
ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware n ...
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites WordPress security scanner WPScan warns that threat actors are exploi ...
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new ...
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals in the United States. Kaiser Permanente is an American integrated managed care ...
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over 1,400 CrushFTP internet-facing servers are vulnerable to attac ...
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail c ...
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following v ...
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-3 ...
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai. The U.S. Department of Justice (DoJ) has arrested two co-founders of the cryptocur ...
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine. Google addressed four vulnerabilities in the Chrome web browser, includ ...
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Cisco Talos warned that the nation-state actor UAT4356 (aka ...
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign ...
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their role in cyberattacks against the U.S.. The U.S. Treasury Department's Office of Foreig ...
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted the council's operations The Leicester City Council suffered a cybe ...
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Agency in South Korea warns that North Korea-link ...
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business. The US Department of State is imposing visa restrictions on 13 individ ...
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18. Since April 18, Synlab Italia, a major provider of medical diagno ...
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizz ...
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations ...
Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan's CERT warned that the WordPress plugin Forminator, developed b ...
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. A joint advisory published by CISA, the FBI, Europol, ...
Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. Researchers from Kaspersky discovered the DuneQuixote ca ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ...
Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP is a file transfer server software that enables secure ...
A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack. A cyber attack hit Hospital Simone Veil in Cannes (CHC-SV) on Tuesday, impacting med ...
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its ...
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray. FBI Director Christopher Wray warned this week that China-linked t ...
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) i ...
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the thre ...
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordin ...
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapek ...
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Man ...
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical ...
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution. Ivanti addressed multiple flaws in its Avalanche ...
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks' PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the ...
Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. Cisco Talos researchers wa ...
The PuTTY Secure Shell (SSH) and Telnet client are impacted