Security

Pierluigi Paganini July 01, 2024
Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769

Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8) impacting all D-Link DIR-859 WiFi routers. The vulnerability is a path traversal issue that can lead to information disclosure. Threat actors are exploiting the […]

Pierluigi Paganini June 30, 2024
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Infosys McCamish Systems data breach impacted over 6 million people A cyberattack shut down the University Hospital Centre […]

Pierluigi Paganini June 27, 2024
CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the flaws added to the KEV catalog: According to Binding Operational […]

Pierluigi Paganini June 26, 2024
New MOVEit Transfer critical bug is actively exploited

Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vulnerabilities, tracked as CVE-2024-5805 and CVE-2024-5806, affecting its MOVEit Transfer file transfer software. The vulnerability CVE-2024-5805 (CVSS score 9.1) is an improper authentication vulnerability in Progress MOVEit Gateway (SFTP module) that allows authentication […]

Pierluigi Paganini June 25, 2024
Wikileaks founder Julian Assange is free

WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLeaks founder has been released in the U.K. and is flying to the island of Saipan in the Northern Mariana Islands, to make […]

Pierluigi Paganini June 25, 2024
CISA confirmed that its CSAT environment was breached in January.

CISA warned chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was compromised in January. CISA warns chemical facilities that its Chemical Security Assessment Tool (CSAT) environment was breached in January. In March, the Recorded Future News first reported that the US Cybersecurity and Infrastructure Security Agency (CISA) agency was hacked in February. In response […]

Pierluigi Paganini June 24, 2024
Experts observed approximately 120 malicious campaigns using the Rafel RAT

Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, an open-source remote administration tool (RAT). The researchers spotted an espionage group using Rafel, highlighting the tool’s effectiveness across different threat profiles and goals. Previously, Check Point observed the cyber […]

Pierluigi Paganini June 23, 2024
Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US government sanctions twelve Kaspersky Lab executives Experts found a bug in the Linux version of RansomHub ransomware […]

Pierluigi Paganini June 23, 2024
Threat actors are actively exploiting SolarWinds Serv-U bug CVE-2024-28995

Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly available proof-of-concept (PoC) code. Threat actors are actively exploiting a recently discovered vulnerability, tracked as CVE-2024-28995, in SolarWinds Serv-U software. The vulnerability CVE-2024-28995 is a high-severity directory transversal issue that allows attackers to read sensitive files on the host machine. […]

Pierluigi Paganini June 22, 2024
US government sanctions twelve Kaspersky Lab executives

The Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned twelve Kaspersky Lab executives for their role in the Russian company. The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for their role in the Russian company. All the sanctioned individuals are in executive and senior leadership roles at AO Kaspersky […]