CDM (CYBER DEFENSE MAGAZINE) PRESENTS: CYBER WARNINGS DECEMBER 2013 EDITION The December edition of the free Cyber Defense Magazine is out. Don't miss it. SPONSORED BY RSA CONFERENCE 2014 ...
The Russian hacker known as "HASH" and "Rev0lver" took control of a BBC server and attempted to sell access to it to other cybercriminals. A hacker compromised a server at the BBC (British Broadcas ...
A rapid look to last trends in malware development observed by security experts at TrendMicro, old threat including new improvements. Security experts have observed during last months an increase in ...
Der Spiegel revealed that the TAO unit of NSA planted backdoors to access computers, hard drives, routers, and other devices from principal vendors. Germany’s Der Spiegel has published another dis ...
November 16, 2023
November 16, 2023
BT Group (formerly British Telecom)'s Conferencing division shut down some of its servers following a Black Basta ransomware attack. British multinational telecommunications holding company BT Gro ...
Germany's largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested. German authorities announced the takedown of Crimenetwork, the largest German-speakin ...
Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code. Veeam released security updates for a critical vulnerabilit ...
Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks in a joint advisory. Australia, Canada, New Zealand, and the U.S. issued a joint advisory ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity a ...
Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is bei ...
The Japanese cryptocurrency platform DMM Bitcoin is closing its operations just six months after a $300 million cyber heist. DMM Bitcoin is a cryptocurrency exchange based in Japan, operated by DM ...
ENGlobal Corporation disclosed a ransomware attack, discovered on November 25, disrupting operations, in a filing to the SEC. A ransomware attack disrupted the operations of a major energy industr ...
Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland's government has been investigating the alleged misus ...
The Tor Project seeks help deploying 200 WebTunnel bridges by year-end to counter government censorship. Recent reports from Russia show increased censorship targeting the Tor network, including b ...
International law enforcement operation Operation HAECHI-V led to more than 5,500 suspects arrested and seized over $400 million. A global operation code-named Operation HAECHI V, involving 40 cou ...
Generative Artificial Intelligence (GAI) is rapidly revolutionizing various industries, including cybersecurity, allowing the creation of realistic and personalized content. The capabilities that ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware E ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Financially-motivated threat actors hacked Uganda 's central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered ...
Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pav ...
Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious a ...
Zello urges customers with accounts created before November 2 to reset passwords following a potential security breach. Zello is warning customers who have an account created before November 2 to ...
UK's Wirral University Teaching Hospital suffered a cyberattack that caused delays in appointments and procedures. Wirral University Teaching Hospital NHS Foundation Trust (WUTH) is an NHS Foundat ...
T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts ...
Researchers warn that a critical security flaw in ProjectSend open-source file-sharing application may be under active exploitation. VulnCheck researchers warn that ProjectSend vulnerability CVE- ...
ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UE ...
Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can led to privilege escalation and XSS attacks. VMware released security updates to address five ...
Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries and dismantled 134,089 malicious networks. A joint law enforcement operation by INTERPOL and AFRIPOL across 19 African ...
The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0 ...
Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operat ...
Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks, they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members ...
Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a rece ...
Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems. Trellix researchers uncovered a malware campaign that abu ...
Russia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign ...
A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine. Russia may launch cyberattacks against the UK and its allies in ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
The U.S. seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. The US Department of Justice announced the seizure of PopeyeTo ...
A cyberattack on gambling giant IGT disrupted its systems, forcing the company to take certain services offline. International Game Technology (IGT) detected a cyberattack on November 17, the comp ...
China-linked APT Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane in attacks targeting East and Southeast Asia. China-linked APT Gelsemium has deployed a previously unknown ...
Microsoft disrupted the ONNX phishing service, seizing 240 sites and naming an Egyptian man as the operator behind the operation. Microsoft announced the disruption of the ONNX phishing service, a ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...
Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromi ...
Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government i ...
The U.S. Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. The U.S. Justice Department charged five alleged members of the cybercr ...
A threat actor had access to electronic patient record system of an unnamed French hospital, and the health data of 750,000 patients was compromised. An unnamed French hospital suffered a data bre ...
Decade-old flaws in the needrestart package in Ubuntu Server could allow local attackers to gain root privileges without user interaction. The Qualys Threat Research Unit (TRU) discovered five Loc ...
Ford investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigation investigated a data breach after a thre ...
A hacker allegedly accessed a file containing testimony from a woman claiming she had sex with Matt Gaetz when she was 17, sparking controversy. The New York Times reported that a hacker, who goes ...
Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilit ...
Threat actors exploit misconfigured JupyterLab and Jupyter Notebooks servers to rip sports streams and illegally redistribute them. Researchers from security firm Aqua observed threat actors explo ...
Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Pt ...
A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information. On September 8, 2024, Great Plains Regional Medical Ce ...
Threat actors are actively exploiting two VMware vCenter Server vulnerabilities tracked as CVE-2024-38812 and CVE-2024-38813, Broadcom warns. Broadcom warns that the two VMware vCenter Server vuln ...
The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. The Library of Congress informed lawmakers about a security breach ...
T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espio ...
GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. GDPR: The landscape of data privacy and protec ...
A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. It’s one of the most critical WordPress vulnerabilities ever. Wordfence researchers warn of a vulner ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. Researchers at the Shadowserver Foundation observed a botnet exploiting a ze ...
Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit acce ...
The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a .NET-based information stealer that targets browser exten ...
Bitfinex hacker, Ilya Lichtenstein, who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. "Ilya Lichtenstein was sentenced today to five years in ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secu ...
The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn't patch a ...
China-linked threat actors breached U.S. broadband providers and gained access to private communications of a limited number of U.S. government officials. The FBI and CISA continues to investigate ...
Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system's drives. ShrinkLocker ransomware was first discovered in May 2024 by ...
China's Volt Typhoon botnet has re-emerged, using the same core infrastructure and techniques, according to SecurityScorecard researchers. The China-linked Volt Typhoon's botnet has resurfaced usi ...
Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video ...
Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for November 2024 ...
A cyber attack affected Ahold Delhaize USA brands, disrupting Giant Food, Hannaford, their pharmacies, and e-commerce services. A cyber attack hit the food giant Ahold Delhaize impacting US pharma ...
A cyberattack in Israel allegedly disrupted communication services, causing widespread malfunction of credit card readers across the country on Sunday. The Jerusalem Post reported that thousands o ...
Apple iOS supports a new feature that reboots locked devices after extended inactivity, aiming to enhance data security for users. Apple 'quietly' implemented a new security feature that automatic ...
New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir rans ...
Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data ...
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a ne ...
South Korea claims Pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea's government blames pro-Russia threat actors ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CF ...
Multiple vulnerabilities in the infotainment unit Mazda Connect could allow attackers to execute arbitrary code with root access. Trend Micro's Zero Day Initiative warned of multiple vulnerabiliti ...
A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware ...
Texas oilfield supplier Newpark Resources suffered a ransomware attack that disrupted its information systems and business applications. Texas oilfield supplier Newpark Resources revealed that a r ...
Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to l ...
Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely s ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ...
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-link ...
Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology ...
Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security. Cisco has addressed a critical vulnerability, trac ...
A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. INTERPOL announced this week i ...
Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, an ...
South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users' sensitive data, including political views and sexual orientation, with advertisers. South Korea's data privacy w ...
Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerabi ...
The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed Toxi ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. Canadian law enforcement agencies arrested a suspect, Alexan ...
Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively exploiting a vulnerability, tracked as CVE-2024-43093 ...
The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber ...
Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing milli ...
U.S. intel says Russia made a fake video claiming Haitians voted illegally in Georgia, aiming to spread election disinformation. U.S. intel reports Russia created a fake viral video falsely claimi ...
German police shut down DDoS-for-hire platform Dstat.cc and arrested two men accused of operating the site used for launching DDoS attacks. German police shut down the DDoS-for-hire platform Dstat ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
US Election 2024 - The FBI warned that two fake videos on X spread false claims of ballot fraud and misinformation about Kamala Harris’s husband. In a post on X on Saturday, the Federal Bureau o ...
Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to ...
A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being f ...
Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long "cat-and-mouse" battle with China-linked threat a ...
Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracke ...
New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSp ...
LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Play ...
Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank, formally the Banco Internacional del Perú Service Holding S.A ...
QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, ...
The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of ...
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT ...
QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. QNAP addressed a critical zero-day vulnerability, tracke ...
A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by Red ...
Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vuln ...
Suspected Russia-linked espionage group UNC5812 targets Ukraine's military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812 ...
French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications ...
Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individu ...
A long supply chain adds third-party risks, as each partner's security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant c ...
ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates swit ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for ha ...
China-linked threat actors targeted the phone communications of Donald Trump and vice presidential nominee JD Vance. China-linked hackers reportedly targeted phones used by former President D ...
Irish Data Protection Commission fined LinkedIn €310M for violating user privacy by using behavioral data analysis for targeted advertising. Irish Data Protection Commission fined LinkedIn €31 ...
The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by C ...
US hospice pharmacy OnePoint Patient Care suffered a data breach that exposed the personal info of approximately 800,000 individuals. OnePoint Patient Care is a U.S.-based pharmacy specializing in ...
DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybe ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ...
On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vu ...
Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Cisco addressed multiple vulnerabilities in Adaptive Sec ...
The "FortiJump" flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agen ...
Resecurity reports a rise in political content related to the 2024 US elections on social media, with increased activity from foreign sources. Resecurity has detected a substantial increase in the ...
Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro researchers observed attackers targeting Docker remo ...
Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. Data Security Posture Manageme ...
The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four compan ...
Google’s Threat Analysis Group (TAG) researchers warn of a Samsung zero-day vulnerability that is exploited in the wild. Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulner ...
Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol's 'Operation Endgame' that disrupted its operations in May. The Bumblebee malware loader has resurfaced ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (C ...
VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as ...
Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by the notorious threat actor IntelBroker ...
The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users ...
Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from Positive Technologies warn that unknown threat ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise pro ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...
North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt ...
Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to c ...
U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S. ...
Microsoft disclosed a flaw in the macOS Apple's Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulne ...
The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, ...
Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (a ...
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-20 ...
VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked ...
Brazil's Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil's Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of ...
Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authoriti ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cy ...
GitHub addressed a critical vulnerability in Enterprise Server that could allow unauthorized access to affected instances. Code hosting platform GitHub addressed a critical vulnerability, tracked ...
North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the ...
WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have ...
Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ...
An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation- ...
Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement o ...
US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investmen ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR ...
As Middle East tensions rise, cyberattacks hit Iran’s government branches and nuclear facilities, following Israel's response to Iran's October 1 missile barrage. Amid escalating Middle East ten ...
Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical v ...
GitLab issued updates for CE and EE to address multiple flaws, including a critical bug allowing CI/CD pipeline runs on unauthorized branches. GitLab released security updates for Community Editio ...
OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influ ...
The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its "The Wayback Machine." The Internet Archive is an American nonprofit digital librar ...
Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Ag ...
Mozilla released an urgent Firefox update to fix a critical use-after-free vulnerability actively exploited in ongoing attacks. Mozilla released an emergency security update for its Firefox browse ...
Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an at ...
Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactions with consumers. Resecurity has observed a s ...
A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ...
Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer, used to steal sensitive data globally. Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to ...
MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. In September, American interstate and international peer-to-peer payments ...
American Water, the largest publicly traded water and wastewater utility company in the US, shut down some of its systems following a cyberattack. American Water, the largest U.S. water and wastew ...
Universal Music Group notified hundreds of individuals about a data breach compromising their personal information. Universal Music Group is notifying 680 individuals about a data breach that comp ...
Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv's hackers. A Ukrainian government source told Reuters that Kyiv's hackers are behind the ...
238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 custo ...
A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. A critical vulnerability, tracked as CVE-2024- ...
A man from Indiana pleaded guilty to stealing over $37M in cryptocurrency from 571 victims during a 2022 cyberattack. Evan Frederick Light, 21, of Lebanon, Indiana, pleaded guilty to conspiracy to ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Zimbra Collaboration vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ...
China-linked APT group Salt Typhoon breached U.S. broadband providers, potentially accessing systems for lawful wiretapping and other data. China-linked APT group Salt Typhoon (also known as Famo ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particula ...
A high-severity flaw in the WordPress LiteSpeed Cache plugin could allow attackers to execute arbitrary JavaScript code under certain conditions. A high-severity security flaw, tracked as CVE-2024 ...
Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers. Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabi ...
Google removed Kaspersky 's Android security apps from the Play Store and suspended its developer accounts over the weekend. Over the weekend, all the Android products designed by the Russian cybe ...
perfctl malware targets misconfigured Linux servers to deploy cryptocurrency miners and proxyjacking software in an ongoing campaign. Aqua Nautilus researchers shed light on a Linux malware, dubbe ...
Microsoft and the U.S. DoJ seized over 100 domains used by the Russia-linked Callisto Group for launching attacks on U.S. government and nonprofits. The Justice Department revealed the unsealing o ...
The Dutch government blames a "state actor" for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state acto ...
Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Sansec researchers reported that multiple threat actors have explo ...
Telegram fulfilled over a dozen U.S. law enforcement data requests this year, potentially revealing the IP addresses or phone numbers of 100+ users. Independent website 404 Media first revealed th ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Endpoint Manager (EPM) vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ...
Multiple flaws in DrayTek residential and enterprise routers can be exploited to fully compromise vulnerable devices. Forescout researchers discovered 14 new vulnerabilities in DrayTek routers, tw ...
The Rhadamanthys information stealer has been upgraded with advanced features, including the use of artificial intelligence (AI) for optical character recognition (OCR). Researchers at the Recorde ...
Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor's Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting ...
An international police operation led to the arrest of four individuals linked to the LockBit ransomware group, including a developer. Europol, the UK, and the US law enforcement authorities annou ...
US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an ...
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabiliti ...
AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that ...
North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cybe ...
The ransomware attack on Patelco Credit Union this summer led to a data breach affecting over 1 million individuals, revealed the company. Patelco Credit Union is a member-owned, not-for-profit c ...
Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. In May, the Community Clinic of Maui experienced a major IT outage that impa ...
The Department of Justice charged a British national for hacking into the systems of five U.S. organizations. The Department of Justice charged the British national Robert Westbrook (39) for hacki ...
A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host. Critical vulnerability CVE-2024-0132 (CVSS score 9.0) in the ...
Israel allegedly hacked Beirut airport 's control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of ...
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffair ...
The Irish Data Protection Commission (DPC) fined Meta €91 million for storing the passwords of hundreds of millions of users in plaintext. The Irish Data Protection Commission (DPC) has fined Me ...
The Kuwait Health Ministry is recovering from a cyberattack that disrupted systems at multiple hospitals and disabled the Sahel healthcare app. Kuwait’s Health Ministry was the victim of a cyber ...
The Tor Project and Tails OS have joined forces and merged operations to counter a growing number of digital threats. The Tor Project and Tails have merged operations to enhance collaboration and ...
UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country. U.K. transport officials and police are investigating a cyber attack on publi ...
A researcher has disclosed details of an unpatched Linux vulnerability, initially labeled as critical, that allows remote code execution. The popular cybersecurity researcher Simone Margaritelli ( ...
The U.S. government sanctioned the virtual currency exchanges Cryptex and PM2BTC for facilitating cybercrime and money maundering. The U.S. government sanctioned two cryptocurrency exchanges, Cryp ...
Researchers discovered critical flaws in Kia's dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. In June 2024, a team of experts (Neiko Rivera, Sam Cu ...
Cisco’s Talos reported critical and high-severity flaws in OpenPLC that could lead to DoS condition and remote code execution. Cisco’s Talos threat intelligence unit has disclosed details of f ...
China-linked threat actors compromised some U.S. internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. China-linked threat actors have breached several ...
Privacy non-profit noyb filed a complaint with the Austrian DPA against Firefox for enabling tracking in Firefox without user consent. Privacy non-profit None Of Your Business (noyb) has filed a c ...
The personal information of over 3,000 congressional staffers was leaked on the dark web following a major cyberattack on the U.S. Capitol. The personal information of approximately 3,191 congress ...
Experts warn of Necro Trojan found in Google Play, threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro ...