information security news Archives - Page 449 of 825 - Security Affairs

information security news

Pierluigi Paganini January 22, 2022

Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns

The Dutch National Cybersecurity Centre (NCSC) warns organizations of risks associated with cyberattacks exploiting the Log4J vulnerability. The Dutch National Cybersecurity Centre (NCSC) warns organizations to remain vigilant on possible attacks exploiting the Log4J vulnerability. According to the Dutch agency, threat actors the NCSC will continue to attempt to exploit the Log4Shell flaw in future […]

Pierluigi Paganini January 22, 2022

Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack

Two critical security vulnerabilities in Control Web Panel potentially expose Linux servers to remote code execution attacks Researchers from Octagon Networks disclosed details of two critical security flaws in Control Web Panel that potentially expose Linux servers to remote code execution attacks. Control Web Panel is a popular open-source Linux control panel for servers and VPS that allows easy […]

Pierluigi Paganini January 22, 2022

US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence

The U.S. Treasury Department announced sanctions against four current and former Ukrainian government officials for collaborating with Russia. The U.S. Treasury Department this week announced sanctions against four current and former Ukrainian government officials for having supported influence activities carried out by the Russian government. The officials are accused of having gathered sensitive information about […]

Pierluigi Paganini January 21, 2022

A bug in McAfee Agent allows running code with Windows SYSTEM privileges

McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee (now Trellix) has addressed a high-severity vulnerability, tracked as CVE-2022-0166, that resides in McAfee Agent software for Windows. An attacker can exploit this flaw to escalate privileges and execute arbitrary code with SYSTEM privileges. The McAfee Agent is […]

Pierluigi Paganini January 21, 2022

Experts warn of anomalous spyware campaigns targeting industrial firms

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. Threat actors sent spear-phishing messages from compromised corporate accounts to their contacts, the email carry malicious attachments. […]

Pierluigi Paganini January 21, 2022

Google Project Zero discloses details of two Zoom zero-day flaws

Google Project Zero experts disclosed details of two zero-day flaws impacting Zoom clients and Multimedia Router (MMR) servers. Google Project Zero researchers Natalie Silvanovich disclosed details of two zero-day vulnerabilities in Zoom clients and Multimedia Router (MMR) servers. An attacker could have exploited the now-fixed issues to crash the service, execute malicious code, and even leak the content […]

Pierluigi Paganini January 21, 2022

MoonBounce UEFI implant spotted in a targeted APT41 attack

Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single […]

Pierluigi Paganini January 21, 2022

Conti ransomware gang started leaking files stolen from Bank Indonesia

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. The Conti ransomware gang claimed the attack and leaked some allegedly stolen files as proof of the security breach. A […]

Pierluigi Paganini January 20, 2022

FBI links the Diavol ransomware to the TrickBot gang

The Federal Bureau of Investigation (FBI) officially linked the Diavol ransomware operation to the infamous TrickBot gang. The FBI officially linked the Diavol ransomware operation to the infamous TrickBot gang, the group that is behind the TrickBot banking trojan. “The FBI first learned of Diavol ransomware in October 2021. Diavol is associated with developers from […]

Pierluigi Paganini January 20, 2022

Cisco StarOS flaws could allow remote code execution and information disclosure

Cisco addressed a critical RCE flaw in the Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software. Cisco has addressed a critical remote code execution vulnerability, tracked as CVE-2022-20649, discovered in the Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software. The flaw, discovered by the company experts during internal security testing, can be exploited by […]

1
2
447
448
449
450
451
823
824
825