MUST READ

Government of Bermuda blames Russian threat actors for the cyber attack

 | 

Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware

 | 

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

 | 

Information of Air Canada employees exposed in recent cyberattack

 | 

Sandman APT targets telcos with LuaDream backdoor

 | 

Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws

 | 

Ukrainian hackers are behind the Free Download Manager supply chain attack

 | 

Space and defense tech maker Exail Technologies exposes database access

 | 

Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions

 | 

Experts found critical flaws in Nagios XI network monitoring software

 | 

The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs

 | 

International Criminal Court hit with a cyber attack

 | 

GitLab addressed critical vulnerability CVE-2023-5009

 | 

Trend Micro addresses actively exploited zero-day in Apex One and other security Products

 | 

ShroudedSnooper threat actors target telecom companies in the Middle East

 | 

Recent cyber attack is causing Clorox products shortage

 | 

Earth Lusca expands its arsenal with SprySOCKS Linux malware

 | 

Microsoft AI research division accidentally exposed 38TB of sensitive data

 | 

German intelligence warns cyberattacks could target liquefied natural gas (LNG) terminals

 | 

Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry

 | 

FBI hacker USDoD leaks highly sensitive TransUnion data

 | 

North Korea's Lazarus APT stole almost $240 million in crypto assets since June

 | 

Clop gang stolen data from major North Carolina hospitals

 | 

CardX released a data leak notification impacting their customers in Thailand

 | 

Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition

 | 

TikTok fined €345M by Irish DPC for violating children’s privacy

 | 

Dariy Pankov, the NLBrute malware author, pleads guilty

 | 

Dangerous permissions detected in top Android health apps

 | 

Caesars Entertainment paid a ransom to avoid stolen data leaks

 | 

Free Download Manager backdoored to serve Linux malware for more than 3 years

 | 

Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York

 | 

The iPhone of a Russian journalist was infected with the Pegasus spyware

 | 

Kubernetes flaws could lead to remote code execution on Windows endpoints

 | 

Threat actor leaks sensitive data belonging to Airbus

 | 

A new ransomware family called 3AM appears in the threat landscape

 | 

Redfly group infiltrated an Asian national grid as long as six months

 | 

Mozilla fixed a critical zero-day in Firefox and Thunderbird

 | 

Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws

 | 

Save the Children confirms it was hit by cyber attack

 | 

Adobe fixed actively exploited zero-day in Acrobat and Reader

 | 

A new Repojacking attack exposed over 4,000 GitHub repositories to hack

 | 

MGM Resorts hit by a cyber attack

 | 

Anonymous Sudan launched a DDoS attack against Telegram

 | 

Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor

 | 

GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023

 | 

CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog

 | 

UK and US sanctioned 11 members of the Russia-based TrickBot gang

 | 

New HijackLoader malware is rapidly growing in popularity in the cybercrime community

 | 

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

 | 

Evil Telegram campaign: Trojanized Telegram apps found on Google Play

 | 

Rhysida Ransomware gang claims to have hacked three more US hospitals

 | 

Akamai prevented the largest DDoS attack on a US financial company

 | 

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

 | 

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog

 | 

Ragnar Locker gang leaks data stolen from the Israel's Mayanei Hayeshua hospital

 | 

North Korea-linked threat actors target cybersecurity experts with a zero-day

 | 

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

 | 

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

 | 

Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs

 | 

A malvertising campaign is delivering a new version of the macOS Atomic Stealer

 | 

Two flaws in Apache SuperSet allow to remotely hack servers

 | 

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

 | 

Google addressed an actively exploited zero-day in Android

 | 

A zero-day in Atlas VPN Linux Client leaks users' IP address

 | 

MITRE and CISA release Caldera for OT attack emulation

 | 

ASUS routers are affected by three critical remote code execution flaws

 | 

Hackers stole $41M worth of crypto assets from crypto gambling firm Stake

 | 

Freecycle data breach impacted 7 Million users

 | 

Meta disrupted two influence campaigns from China and Russia

 | 

A massive DDoS attack took down the site of the German financial agency BaFin

 | 

"Smishing Triad" Targeted USPS and US Citizens for Data Theft

 | 

University of Sydney suffered a security breach caused by a third-party service provider

 | 

Cybercrime will cost Germany $224 billion in 2023

 | 

PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks

 | 

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

 | 

LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)

 | 

UNRAVELING EternalBlue: inside the WannaCry’s enabler

 | 

Researchers released a free decryptor for the Key Group ransomware

 | 

Fashion retailer Forever 21 data breach impacted +500,000 individuals

 | 

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

 | 

Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication

 | 

Paramount Global disclosed a data breach

 | 

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

 | 

Abusing Windows Container Isolation Framework to avoid detection by security products

 | 

Critical RCE flaw impacts VMware Aria Operations Networks

 | 

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

 | 

Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

 | 

FIN8-linked actor targets Citrix NetScaler systems

 | 

Japan's JPCERT warns of new 'MalDoc in PDF' attack technique

 | 

Attackers can discover IP address by sending a link over the Skype mobile app

 | 

Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software

 | 

Cloud and hosting provider Leaseweb took down critical systems after a cyber attack

 | 

Crypto investor data exposed by a SIM swapping attack against a Kroll employee

 | 

China-linked Flax Typhoon APT targets Taiwan

 | 

Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035

 | 

credit card data

Pierluigi Paganini July 12, 2021
Magecart hackers hide stolen credit card data into images and bogus CSS files

Magecart hackers continuously improve their exfiltration techniques to evade detection, they are hiding stolen credit card data into images. Magecart hackers have devised a new technique to obfuscating the malware within comment blocks and hide stolen credit card data into images evading detection. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with […]

Pierluigi Paganini May 14, 2021
Magecart gang hides PHP-based web shells in favicons

Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript skimmers into online stores. Magecart hackers are distributing malicious PHP web shells hidden in website favicon to inject JavaScript e-skimmers into online stores and steal payment information. Researchers from Malwarebytes observed threat actors, likely Magecart […]

Pierluigi Paganini March 25, 2020
Tupperware website has been compromised with a payment card skimmer

The Tupperware website, the popular manufactured of plastic food container products was infected with a payment card skimmer. Hackers have compromised the website of the popular vendor of plastic food container products Tupperware implanting a payment card skimmer used to steal customers’ payment card details. The official website has approximately 1 million monthly visits on average. […]

Pierluigi Paganini August 02, 2019
Over 1 Million payment cards from South Korea sold on the Dark Web

Data belonging to more than one million payment cards from South Korea surfaced in the dark web over the past two months. Experts noticed a spike in the number of stolen payment card details belonging to users from South Korea over the past two months. Card details from over one million payments cards from South […]

Pierluigi Paganini January 21, 2018
OnePlus admitted hackers stole credit card information belonging to up to 40,000 customers

OnePlus confirmed that a security breach affected its online payment system, hackers stole credit card information belonging to up to 40,000 customers. OnePlus confirmed that a security breach affected its online payment system, a few days ago many customers of the Chinese smartphone manufacturer claimed to have been the victim of fraudulent credit card transactions after making purchases […]

Pierluigi Paganini January 16, 2018
Customers reporting OnePlus payment website was hacked and reported credit card fraud

Several customers of the Chinese smartphone manufacturer. OnePlus claim to have been the victim of fraudulent credit card transactions after making purchases on the company webstore. A large number of OnePlus users claim to have been the victim of fraudulent credit card transactions after making purchases on the official website of the Chinese smartphone manufacturer. Dozens […]

Pierluigi Paganini July 08, 2017
Hard Rock and Loews hotel chains notified guests of security breaches

Hard Rock and Loews hotel chains notified guests of security breaches, the incidents are linked to hack of the SynXis platform provided by the Sabre firm. It has happened again, the Hard Rock Hotels and Casinos franchise is alerting guests about a possible data breach. Customers have to monitor their bank account for suspicious activity […]

Pierluigi Paganini June 29, 2016
For the second time Hard Rock Las Vegas suffered a data breach

On Monday the Hard Rock Hotel & Casino in Las Vegas disclosed for the second time a data breach that compromised customers’ payment card data. It has happened again, earlier this week the Hard Rock Hotel & Casino in Las Vegas disclosed a data breach, it is the second time the casino suffered a cyber attack. […]

Pierluigi Paganini March 30, 2016
TreasureHunt PoS Malware targets small retailers and banks

Security experts at FireEye have spotted the activity of a criminal organization that using the custom PoS malware TreasureHunt to target small retailers. Security experts at FireEye have spotted the activity of a criminal organization that using custom PoS malware family to target retailers. Hackers are using the PoS malware dubbed TreasureHunt or TreasureHunter to steal payment card data and sells […]

Pierluigi Paganini August 21, 2015
Web.com hacked, at least 93,000 credit card data exposed

The US-based web hosting company Web.com has been Hacked, it admitted that credit card information of 93,000 customers have been compromised. Web.com is the last victim of a data breach, the US-based web hosting company has up to 3.3 Million customers. According the first news circulating in the Internet the hackers may have compromised personal information and […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Government of Bermuda blames Russian threat actors for the cyber attack

Hacking / September 23, 2023

Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware

Mobile / September 22, 2023

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

Hacking / September 22, 2023

Information of Air Canada employees exposed in recent cyberattack

Data Breach / September 22, 2023

Sandman APT targets telcos with LuaDream backdoor

APT / September 22, 2023