IT Information Security

Pierluigi Paganini February 02, 2022
Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op

The Cybereason Nocturnus Team reported a spike in the activity of the Iran-linked APT group APT35 (aka Phosphorus or Charming Kitten). The Cybereason Nocturnus Team observed a spike in the activity of the Iran-linked APT group APT35 (aka ‘Charming Kitten’, ‘Phosphorus’, Newscaster, and Ajax Security Team). The Phosphorus group made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized […]

Pierluigi Paganini February 02, 2022
Experts found 23 flaws in UEFI firmware potentially impact millions of devices

Researchers discovered tens of vulnerabilities in UEFI firmware code used by the major device manufacturers. Researchers at firmware security company Binarly have discovered 23 vulnerabilities in UEFI firmware code used by the major device makers. The vulnerabilities could impact millions of enterprise devices, including laptops, servers, routers, and industrial control systems (ICS). All these vulnerabilities […]

Pierluigi Paganini February 01, 2022
Massive social engineering waves have impacted banks in several countries

A massive social engineering campaign targeting banks has been delivered in the last two years in several countries. A massive social engineering campaign has been delivered in the last two years in several countries, including Portugal, Spain, Brazil, Mexico, Chile, the UK, and France. According to Segurança Informática publication, the malicious waves have impacted banking […]

Pierluigi Paganini February 01, 2022
British Council exposed 144,000 files containing student details

Personal information belonging to British Council students was exposed online via an unsecured repository. The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries: promoting a wider knowledge of the United Kingdom and the English language; encouraging cultural, scientific, technological and educational co-operation with the […]

Pierluigi Paganini February 01, 2022
A cyber attack severely impacted the operations of German petrol distributor Oiltanking GmbH

German petrol distributor Oiltanking GmbH was a victim of a cyberattack that has a severe impact on its operations. A cyber attack hit Oiltanking GmbH, a German petrol distributor who supplies Shell gas stations in the country, severely impacting its operations. According to the media, the attack also impacted the oil supplier Mabanaft GmbH. The […]

Pierluigi Paganini February 01, 2022
Iran-linked MuddyWater APT group campaign targets Turkish entities

The Iran-linked MuddyWater APT group is targeting private Turkish organizations and governmental institutions. Researchers from Cisco Talos have uncovered a cyber espionage campaign carried out by the Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros) and targeting private Turkish organizations and governmental institutions. The first MuddyWater campaign was observed in late 2017, when it targeted entities in the Middle East. The experts called the […]

Pierluigi Paganini February 01, 2022
RCE in WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites

A critical RCE in the popular WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites. Essential Addons for Elementor is a popular WordPress plugin used in over a million sites that provides easy-to-use and creative elements to improve the appearance of the pages. The plugin is affected by a critical remote code […]

Pierluigi Paganini January 31, 2022
Samba fixed CVE-2021-44142 remote code execution flaw

Samba fixes a critical flaw, tracked as CVE-2021-44142, that can allow remote attackers to execute code with root privileges. Samba has addressed a critical vulnerability, tracked as CVE-2021-44142, that can be exploited by remote attackers to gain code execution with root privileges on servers running vulnerable software. Samba is a free software re-implementation of the SMB networking […]

Pierluigi Paganini January 31, 2022
CISA adds 8 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

The US CISA added eight more flaws to its Known Exploited Vulnerabilities Catalog that are known to be used in attacks in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to the Known Exploited Vulnerabilities Catalog. The ‘Known Exploited Vulnerabilities Catalog‘ is a list of known vulnerabilities that […]

Pierluigi Paganini January 31, 2022
Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […]