U.S. Cyber Command believes foreign APTs will likely attempt to exploit the recently addressed flaw in Palo Alto Networks’s PAN-OS firewall OS. Recently Palo Alto Network addressed a critical vulnerability, tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. The flaw could allow unauthenticated network-based attackers to bypass authentication, it has has been rated […]
Group-IB discovered thousands of personal records of users from multiple countries exposed in a targeted multi-stage bitcoin scam. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered thousands of personal records of users from the UK, Australia, South Africa, the US, Singapore, Spain, Malaysia and other countries exposed in a targeted multi-stage […]
A threat actor is selling databases containing data belonging to 14 different companies he claimed were hacked in 2020. A threat actor is selling databases that contain user records for 14 different organizations he claimed were hacked in 2020, only for four of them (HomeChef, Minted, Tokopedia, and Zoosk) were previously reported data breaches. The list of […]
The University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data after a ransomware attack. Late last week, the University of California San Francisco (UCSF) admitted having paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. […]
Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021, in the operating system (PANâOS) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. “When Security Assertion Markup Language (SAML) authentication is enabled and […]
A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install. GoldenSpy is a new backdoor that is being distributed embedded in tax payment software (the Aisino Intelligent tax software) that some businesses operating in China are required to install. The campaign is […]
Australian beverage company Lion announced that it has found no evidence that hackers have stolen information from its systems. The Australian brewery and dairy conglomerate Lion suffered two cyber attacks in a few days this month. Lion is a beverage and food company that operates in Australia and New Zealand, and a subsidiary of Japanese beverage […]
Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures adapting their technique to the current situation. The attack techniques adopted by the threat actors depends on the state of businesses in each region. In […]
Australian ACSC published a detailed report on the techniques, tactics, and procedures associated with the threat actor that targeted organizations in the country. Recently, Australia âs prime minister Scott Morrison revealed that a âstate-based actorâ is targeting government, public services, and businesses. Warning Australians of âspecific risksâ and an increased frequency of attacks, the Australian […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. 230k+ Indonesian COVID-19 patients records for sale in the Darkweb COVID-19 themed attacks are just a small percentage of the overall threats New Shlayer Mac malware spreads via poisoned search […]