The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. The sites host ransomware and are used to steal login credentials and other […]
Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE). GuLoader uses a polymorphic shellcode loader to avoid traditional security solutions, the experts mapped all embedded DJB2 hash values for every API used by the […]
Experts warn of a critical Linux Kernel vulnerability (CVSS score of 10) impacting SMB servers that can lead to remote code execution. A critical Linux kernel vulnerability (CVSS score of 10) exposes SMB servers with ksmbd enabled to hack. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom […]
France’s privacy watchdog fines €60 million Microsoft for using advertising cookies without explicit customer consent. France’s privacy watchdog fines €60 million Microsoft’s Ireland subsidiary for using advertising cookies without the explicit consent of its customers. The practice violated the European data protection law. The CNIL received a complaint relating to the conditions for the deposit […]
ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media. TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media. According to an email from ByteDance’s general counsel Erich Andersen which […]
Online sports betting company BetMGM suffered a data breach and threat actors offered for sale a database containing the data of 1.5 million customers. On December 21, the online sports betting company BetMGM disclosed a data breach while threat actors offered for sale a database containing the information of 1,569,310 million BetMGM customers. “We breached BetMGM’s […]
An Iranian group hacked dozens of CCTV cameras in Israel in 2021 and maintained access for a long period of time. An Iranian group of hackers, known as Moses Staff, had seized control of dozens of Israeli CCTV cameras, the hack was known to the authorities that did nothing to stop it, reported The Times […]
The data breach suffered by LastPass in August 2022 may have been more severe than previously thought. In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. […]
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021, it is considered […]