Security

Pierluigi Paganini July 17, 2024
Void Banshee exploits CVE-2024-38112 zero-day to spread malware

Void Banshee APT group exploited the Windows zero-day CVE-2024-38112 to execute code via the disabled Internet Explorer. An APT group tracked as Void Banshee was spotted exploiting the Windows zero-day CVE-2024-38112 (CVSS score of 7.5) to execute code through the disabled Internet Explorer. The vulnerability is a Windows MSHTML Platform Spoofing Vulnerability. Successful exploitation of […]

Pierluigi Paganini July 16, 2024
CISA adds OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer GeoTools eval injection vulnerability, tracked as CVE-2024-36401 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. GeoServer is an open-source server that allows […]

Pierluigi Paganini July 16, 2024
Kaspersky leaves U.S. market following the ban on the sale of its software in the country

Kaspersky is leaving the U.S. market following the recent ban on the sales of its software imposed by the Commerce Department. Russian cybersecurity firm Kaspersky announced its exit from the U.S. market following the ban on the sale of its software in the country by the Commerce Department. In June, the Biden administration announced it […]

Pierluigi Paganini July 16, 2024
FBI unlocked the phone of the suspect in the assassination attempt on Donald Trump

The FBI gained access to the password-protected phone of the suspect in the assassination attempt on Donald Trump. The independent website 404 Media first reported that the FBI had successfully accessed the password-protected phone of Thomas Matthew Crooks, the deceased suspect in the assassination attempt on Donald Trump. “FBI technical specialists successfully gained access to […]

Pierluigi Paganini July 15, 2024
Ransomware groups target Veeam Backup & Replication bug

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) impacts the Veeam Backup & Replication component. An attacker can exploit the issue to obtain encrypted credentials stored in the configuration database, potentially leading to gaining access to the backup infrastructure hosts. […]

Pierluigi Paganini July 15, 2024
AT&T paid a $370,000 ransom to prevent stolen data from being leaked

Wired attributes the recently disclosed AT&T data breach to a hacker living in Turkey and reported the company paid a $370,000 ransom. An American hacker who lives in Turkey claimed responsibility for the recently disclosed AT&T data breach. The man also said the company paid a ransom to ensure that stolen data would be deleted, […]

Pierluigi Paganini July 14, 2024
Security Affairs newsletter Round 480 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations Rite Aid disclosed […]

Pierluigi Paganini July 12, 2024
Critical flaw in Exim MTA could allow to deliver malware to users’ inboxes

A critical vulnerability in Exim mail server allows attackers to deliver malicious executable attachments to mailboxes. Attackers can exploit a critical security flaw, tracked as CVE-2024-39929 (CVSS score of 9.1), in the Exim mail transfer agent to deliver malicious attachments to target users’ inboxes. Exim is a widely used Mail Transfer Agent (MTA) designed to […]

Pierluigi Paganini July 12, 2024
Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin […]

Pierluigi Paganini July 11, 2024
AI-Powered Russia’s bot farm operates on X, US and its allies warn

The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with Dutch and Canadian intelligence and security agencies, warned social media companies about Russian state-sponsored actors using covert AI software, Meliorator, in disinformation […]