BOOK THIS SPACE FOR AD
ARTICLE ADSecurity Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION
|Rhysida ransomware gang claimed China Energy hack
|North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack
|Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
|App used by hundreds of schools leaking children's data
|Microsoft launched its new Microsoft Defender Bounty Program
|Exposed Kubernetes configuration secrets can fuel supply chain attacks
|North Korea-linked Konni APT uses Russian-language weaponized documents
|ClearFake campaign spreads macOS AMOS information stealer
|Welltok data breach impacted 8.5 million patients in the U.S.
|North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
|Automotive parts giant AutoZone disclosed data breach after MOVEit hack
|New InfectedSlurs Mirai-based botnet exploits two zero-days
|SiegedSec hacktivist group hacked Idaho National Laboratory (INL)
|CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog
|Enterprise software provider TmaxSoft leaks 2TB of data
|Citrix provides additional measures to address Citrix Bleed
|Tor Project removed several relays associated with a suspicious cryptocurrency scheme
|Experts warn of a surge in NetSupport RAT attacks against education and government sectors
|The Top 5 Reasons to Use an API Management Platform
|Canadian government impacted by data breaches of two of its contractors
|Rhysida ransomware gang is auctioning data stolen from the British Library
|Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies
|DarkCasino joins the list of APT groups exploiting WinRAR zero-day
|US teenager pleads guilty to his role in credential stuffing attack on a betting site
|Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION
|8Base ransomware operators use a new variant of the Phobos ransomware
|Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine
|The board of directors of OpenAI fired Sam Altman
|Medusa ransomware gang claims the hack of Toyota Financial Services
|CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog
|Zimbra zero-day exploited to steal government emails by four groups
|Vietnam Post exposes 1.2TB of data, including email addresses
|Samsung suffered a new data breach
|FBI and CISA warn of attacks by Rhysida ransomware gang
|Critical flaw fixed in SAP Business One product
|Law enforcement agencies dismantled the illegal botnet proxy service IPStorm
|Gamblers’ data compromised after casino giant Strendus fails to set password
| |Danish critical infrastructure hit by the largest cyber attack in Denmark's history
|Major Australian ports blocked after a cyber attack on DP World
|Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024
|CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog
|LockBit ransomware gang leaked data stolen from Boeing
|North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals
|The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
|The State of Maine disclosed a data breach that impacted 1.3M people
|Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION
|Police seized BulletProftLink phishing-as-a-service (PhaaS) platform
|Serbian pleads guilty to running ‘Monopoly’ dark web drug market
|McLaren Health Care revealed that a data breach impacted 2.2 million people
|After ChatGPT, Anonymous Sudan took down the Cloudflare website
|Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack
|SysAid zero-day exploited by Clop ransomware group
|Dolly.com pays ransom, attackers release data anyway
|DDoS attack leads to significant disruption in ChatGPT services
|Russian Sandworm disrupts power in Ukraine with a new OT attack
|Veeam fixed multiple flaws in Veeam ONE, including critical issues
| |Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks
|Critical Confluence flaw exploited in ransomware attacks
|QNAP fixed two critical vulnerabilities in QTS OS and apps
|Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure
|Socks5Systemz proxy service delivered via PrivateLoader and Amadey
|US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors
|Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION
|Lazarus targets blockchain engineers with new KandyKorn macOS Malware
|Kinsing threat actors probed the Looney Tunables flaws in recent attacks
|ZDI discloses four zero-day flaws in Microsoft Exchange
|Okta customer support system breach impacted 134 customers
|Multiple WhatsApp mods spotted containing the CanesSpy Spyware
|Russian FSB arrested Russian hackers who supported Ukrainian cyber operations
|MuddyWater has been spotted targeting two Israeli entities
|Clop group obtained access to the email addresses of about 632,000 US federal employees
|Okta discloses a new data breach after a third-party vendor was hacked
|Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware
|Boeing confirmed its services division suffered a cyberattack
|Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India
|Who is behind the Mozi Botnet kill switch?
|CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog
|Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748
|Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper
|British Library suffers major outage due to cyberattack
|Critical Atlassian Confluence flaw can lead to significant data loss
|WiHD leak exposes details of all torrent users
|Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198
|Canada bans WeChat and Kaspersky apps on government-issued mobile devices
| |Wiki-Slack attack allows redirecting business professionals to malicious websites
|HackerOne awarded over $300 million bug hunters
|StripedFly, a complex malware that infected one million devices without being noticed
|IT Army of Ukraine disrupted internet providers in territories occupied by Russia
|Security Affairs newsletter Round 443 by Pierluigi Paganini – INTERNATIONAL EDITION
|Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023
|Lockbit ransomware gang claims to have stolen data from Boeing
|How to Collect Market Intelligence with Residential Proxies?
|F5 urges to address a critical flaw in BIG-IP
|Hello Alfred app exposes user data
|iLeakage attack exploits Safari to steal data from Apple devices
|Cloudflare mitigated 89 hyper-volumetric HTTP distributed DDoS attacks exceeding 100 million rps
|Seiko confirmed a data breach after BlackCat attack
|Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks
|Pwn2Own Toronto 2023 Day 1 - organizers awarded $438,750 in prizes
|VMware addressed critical vCenter flaw also for End-of-Life products
|Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
|New England Biolabs leak sensitive data
|Former NSA employee pleads guilty to attempted selling classified documents to Russia
|Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!
|How did the Okta Support breach impact 1Password?
|PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web
|Spain police dismantled a cybercriminal group who stole the data of 4 million individuals
|CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog
|Cisco warns of a second IOS XE zero-day used to infect devices worldwide
|City of Philadelphia suffers a data breach
|SolarWinds fixed three critical RCE flaws in its Access Rights Manager product
|Don't use AI-based apps, Philippine defense ordered its personnel
|Vietnamese threat actors linked to DarkGate malware campaign
|MI5 chief warns of Chinese cyber espionage reached an unprecedented scale
|The attack on the International Criminal Court was targeted and sophisticated
|Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION
|A threat actor is selling access to Facebook and Instagram's Police Portal
|Threat actors breached Okta support system and stole customers' data
|US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide
|Alleged developer of the Ragnar Locker ransomware was arrested
|CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog
|Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198
|Law enforcement operation seized Ragnar Locker group's infrastructure
|THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!
|North Korea-linked APT groups actively exploit JetBrains TeamCity flaw
|Multiple APT groups exploited WinRAR flaw CVE-2023-38831
|Californian IT company DNA Micro leaks private mobile phone data
| |A flaw in Synology DiskStation Manager allows admin account takeover
|D-Link confirms data breach, but downplayed the impact
|CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems
|Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers
|Ransomware realities in 2023: one employee mistake can cost a company millions
|Malware-laced 'RedAlert - Rocket Alerts' app targets Israeli users
|Cisco warns of active exploitation of IOS XE zero-day
|Signal denies claims of an alleged zero-day flaw in its platform
|Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm
|DarkGate malware campaign abuses Skype and Teams
|The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital
|Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION
|Lockbit ransomware gang demanded an 80 million ransom to CDW
|CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks
| |FBI and CISA published a new advisory on AvosLocker ransomware
|More than 17,000 WordPress websites infected with the Balada Injector in September
|Ransomlooker, a new tool to track and analyze ransomware groups' activities
|Phishing, the campaigns that are targeting Italy
|A new Magecart campaign hides the malicious code in 404 error page
|CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog
|Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers
|Air Europa data breach exposed customers' credit cards
|#OpIsrael, #FreePalestine & #OpSaudiArabia - How Cyber Actors Capitalize On War Actions Via Psy-Ops
|Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws
|New 'HTTP/2 Rapid Reset' technique behind record-breaking DDoS attacks
|Exposed security cameras in Israel and Palestine pose significant risks
|A flaw in libcue library impacts GNOME Linux systems
|Hacktivists in Palestine and Israel after SCADA and other industrial control systems
|Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519
|The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum
|Gaza-linked hackers and Pro-Russia groups are targeting Israel
|Flagstar Bank suffered a data breach once again
|Android devices shipped with backdoored firmware as part of the BADBOX network
|Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition
|North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime
|QakBot threat actors are still operational after the August takedown
|Ransomware attack on MGM Resorts costs $110 Million
|Cybersecurity, why a hotline number could be important?
|Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables
|Cisco Emergency Responder is affected by a critical Static Credentials bug. Fix it immediately!
|Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege
|CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog
|NATO is investigating a new cyber attack claimed by the SiegedSec group
|Global CRM Provider Exposed Millions of Clients’ Files Online
|Sony sent data breach notifications to about 6,800 individuals
|Apple fixed the 17th zero-day flaw exploited in attacks
|Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks
|A cyberattack disrupted Lyca Mobile services
|Chipmaker Qualcomm warns of three actively exploited zero-days
|DRM Report Q2 2023 - Ransomware threat landscape
|Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform
|San Francisco’s transport agency exposes drivers’ parking permits and addresses
|BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums
|Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
|Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV
|European Telecommunications Standards Institute (ETSI) suffered a data breach
|WS_FTP flaw CVE-2023-40044 actively exploited in the wild
| |North Korea-linked Lazarus targeted a Spanish aerospace company
|Ransomware attack on Johnson Controls may have exposed sensitive DHS data
|BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care
|Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition
|ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One
|FBI warns of dual ransomware attacks
|Progress Software fixed two critical severity flaws in WS_FTP Server
|Child abuse site taken down, organized child exploitation crime suspected – exclusive
|A still unpatched zero-day RCE impacts more than 3.5M Exim servers
|Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach
|Misconfigured WBSC server leaks thousands of passports
|CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog
|Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109
|Dark Angels Team ransomware group hit Johnson Controls
|GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023
|Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices
|China-linked APT BlackTech was spotted hiding in Cisco router firmware
|Watch out! CVE-2023-5129 in libwebp library affects millions applications
|DarkBeam leaks billions of email and password combinations
| |Top 5 Problems Solved by Data Lineage
|Threat actors claim the hack of Sony, and the company investigates
|Canadian Flair Airlines left user data leaking for months
|The Rhysida ransomware group hit the Kuwait Ministry of Finance
|BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients
|Xenomorph malware is back after months of hiatus and expands the list of targets
|Smishing Triad Stretches Its Tentacles into the United Arab Emirates
|Crooks stole $200 million worth of assets from Mixin Network
|A phishing campaign targets Ukrainian military entities with drone manual lures
|Alert! Patch your TeamCity instance to avoid server hack
|Is Gelsemium APT behind a targeted attack in Southeast Asian Government?
|Nigerian National pleads guilty to participating in a millionaire BEC scheme
|New variant of BBTok Trojan targets users of +40 banks in LATAM
|Deadglyph, a very sophisticated and unknown backdoor targets the Middle East
|Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars
|Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition
|National Student Clearinghouse data breach impacted approximately 900 US schools
|Government of Bermuda blames Russian threat actors for the cyber attack
| | |Information of Air Canada employees exposed in recent cyberattack
|Sandman APT targets telcos with LuaDream backdoor
|Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws
|Ukrainian hackers are behind the Free Download Manager supply chain attack
|Space and defense tech maker Exail Technologies exposes database access
| |Experts found critical flaws in Nagios XI network monitoring software
|The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs
|International Criminal Court hit with a cyber attack
|GitLab addressed critical vulnerability CVE-2023-5009
|Trend Micro addresses actively exploited zero-day in Apex One and other security Products
|ShroudedSnooper threat actors target telecom companies in the Middle East
|Recent cyber attack is causing Clorox products shortage
|Earth Lusca expands its arsenal with SprySOCKS Linux malware
|Microsoft AI research division accidentally exposed 38TB of sensitive data
|German intelligence warns cyberattacks could target liquefied natural gas (LNG) terminals
| |FBI hacker USDoD leaks highly sensitive TransUnion data
|North Korea's Lazarus APT stole almost $240 million in crypto assets since June
|Clop gang stolen data from major North Carolina hospitals
|CardX released a data leak notification impacting their customers in Thailand
|Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition
|TikTok fined €345M by Irish DPC for violating children’s privacy
|Dariy Pankov, the NLBrute malware author, pleads guilty
|Dangerous permissions detected in top Android health apps
|Caesars Entertainment paid a ransom to avoid stolen data leaks
|Free Download Manager backdoored to serve Linux malware for more than 3 years
| |The iPhone of a Russian journalist was infected with the Pegasus spyware
|Kubernetes flaws could lead to remote code execution on Windows endpoints
|Threat actor leaks sensitive data belonging to Airbus
|A new ransomware family called 3AM appears in the threat landscape
|Redfly group infiltrated an Asian national grid as long as six months
|Mozilla fixed a critical zero-day in Firefox and Thunderbird
|Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws
|Save the Children confirms it was hit by cyber attack
|Adobe fixed actively exploited zero-day in Acrobat and Reader
|A new Repojacking attack exposed over 4,000 GitHub repositories to hack
|MGM Resorts hit by a cyber attack
|Anonymous Sudan launched a DDoS attack against Telegram
| |GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023
|CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog
|UK and US sanctioned 11 members of the Russia-based TrickBot gang
|New HijackLoader malware is rapidly growing in popularity in the cybercrime community
|Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable
|Evil Telegram campaign: Trojanized Telegram apps found on Google Play
|Rhysida Ransomware gang claims to have hacked three more US hospitals
|Akamai prevented the largest DDoS attack on a US financial company
|Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition
|US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog
|Ragnar Locker gang leaks data stolen from the Israel's Mayanei Hayeshua hospital
|North Korea-linked threat actors target cybersecurity experts with a zero-day
|Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks
|Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware
|Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs
|A malvertising campaign is delivering a new version of the macOS Atomic Stealer
|Two flaws in Apache SuperSet allow to remotely hack servers
|Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake
|Google addressed an actively exploited zero-day in Android
|A zero-day in Atlas VPN Linux Client leaks users' IP address
|MITRE and CISA release Caldera for OT attack emulation
|ASUS routers are affected by three critical remote code execution flaws
|Hackers stole $41M worth of crypto assets from crypto gambling firm Stake
|Freecycle data breach impacted 7 Million users
|Meta disrupted two influence campaigns from China and Russia
|A massive DDoS attack took down the site of the German financial agency BaFin
|"Smishing Triad" Targeted USPS and US Citizens for Data Theft
|University of Sydney suffered a security breach caused by a third-party service provider
|Cybercrime will cost Germany $224 billion in 2023
|PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks
|Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition
|LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)
|UNRAVELING EternalBlue: inside the WannaCry’s enabler
|Researchers released a free decryptor for the Key Group ransomware
|Fashion retailer Forever 21 data breach impacted +500,000 individuals
|Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware
|Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication
|Paramount Global disclosed a data breach
| |Abusing Windows Container Isolation Framework to avoid detection by security products
|Critical RCE flaw impacts VMware Aria Operations Networks
|UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw
| |FIN8-linked actor targets Citrix NetScaler systems
|Japan's JPCERT warns of new 'MalDoc in PDF' attack technique
|Attackers can discover IP address by sending a link over the Skype mobile app
|Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software
|Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
|Crypto investor data exposed by a SIM swapping attack against a Kroll employee
|China-linked Flax Typhoon APT targets Taiwan
|Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035
|Resecurity identified a zero-day vulnerability in Schneider Electric Accutech Manager
|