A security breach suffered by the Hotel booking software provider FastBooking has affected hundreds of hotels worldwide. The Hotel booking software provider FastBooking is the last victim of a data breach, the incident exposed personal details and payment card data of guests from affected hotels. FastBooking offers hotel booking platform to more than 4,000 hotels in 100 […]
Security researchers at Palo Alto Networks have uncovered a new cyber espionage group tracked as RANCOR that has been targeting entities in South East Asia. According to the experts, the RANCOR APT group has been targeting political entities in Singapore, Cambodia, and Thailand, and likely in other countries, using two previously unknown strain of malware. The two […]
The Ministry of Internal Affairs of the Russian Federation and Group-IB have detained cybercriminals who broke into the accounts of 700,000 customers of popular Internet stores The Administration “K” of the MIA of Russia, with the assistance of Group-IB, an international company specializing in the prevention of cyberattacks and the development of information security products, […]
Trend Micro experts reported the Necurs botnet has been using Internet Query (IQY) files in recent spam campaigns to bypass security protections. The Necurs botnet is currently the largest spam botnet, it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware, the Scarab ransomware, […]
Several websites using the misconfigured Java web server component Jolokia, including those operated by financial organizations. are exposed to cyber attacks. Websites using a misconfigured Java web server component are exposed to cyber attacks. Several high-profile websites including those operated by financial organizations were affected by issues. The security researcher Mat Mannion discovered some flaws […]
Security researchers at AlienVault uncovered a series of cyber attacks on cryptocurrency exchanges leveraging weaponized Hangul Word Processor HWP documents (Hangul Word Processor documents). The string of attacks involving the HWP documents has been attributed to the North Korea-linked Lazarus APT group, and includes the hack of the South Korean virtual currency exchange Bithumb. The hackers […]
Palo Alto Networks experts uncovered a new operation conducted by the cyber espionage group known as Tick APT that has been targeting a secure USB drive built by a South Korean defense company. The Tick APT group has been active for at least a decade, tracked also as Bronze Butler, it was first spotted in 2016 by […]
Last week Oracle started releasing software and microcode updates for products affected by the recently disclosed variants of the Spectre and Meltdown flaws. In May, tech giants Intel, AMD, ARM, IBM, Microsoft and other tech firms teamed to disclose two new variants of both Meltdown and Spectre issues. The so-called Variant 4 (CVE-2018-3639) relies on a Speculative Store Bypass (SSB), […]
Malware researchers from CSE Cybsec ZLab discovered a missed link between the Necurs Botnet and a variant of the Ursnif trojan that recently hit Italy. Starting from 6th June, a new version of the infamous banking trojan Ursnif hit Italian companies. This malware is well known to the cyber-security community, the Ursnif banking Trojan was […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·     ClipboardWalletHijacker miner hijacks your Ether and Bitcoin […]