information security news

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP…

2 months ago
Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. On February 11, 2025, the US,…

2 months ago
New Golang-based backdoor relies on Telegram for C2 communication

Netskope Threat Labs researchers discovered a Golang-based backdoor using Telegram for C2 communication, possibly of Russian origin. Netskope Threat Labs…

2 months ago
Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

Pro-Russia collective NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks. The pro-Russia…

2 months ago
whoAMI attack could allow remote code execution within AWS account

Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an…

2 months ago
Storm-2372 used the device code phishing technique since August 2024

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and…

2 months ago
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile…

2 months ago
Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

2 months ago
U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known…

2 months ago
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. Researchers warn that threat…

2 months ago