|A botnet exploits a GeoVision zero-day to compromise EoL devices
|Palo Alto Networks confirmed active exploitation of recently disclosed zero-day
|Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies
|Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison
|U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog
|Bitdefender released a decryptor for the ShrinkLocker ransomware
|China's Volt Typhoon botnet has re-emerged
|Zoom addressed two high-severity issues in its platform
|Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days
|Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands
|A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel
|Apple indeed added a feature called "inactivity reboot" in iOS 18.1 that reboots locked devices
|Ymir ransomware, a new stealthy ransomware grow in the wild
|Amazon discloses employee data breach after May 2023 MOVEit attacks
|A new fileless variant of Remcos RAT observed in the wild
|A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 19
|Security Affairs newsletter Round 497 by Pierluigi Paganini – INTERNATIONAL EDITION
|U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
|Mazda Connect flaws allow to hack some Mazda vehicles
|Veeam Backup & Replication exploit reused in new Frag ransomware attack
|Texas oilfield supplier Newpark Resources suffered a ransomware attack
|Palo Alto Networks warns of potential RCE in PAN-OS management interface
|DPRK-linked BlueNoroff used macOS malware with novel persistence
|Canada ordered ByteDance to shut down TikTok operations in the country over security concerns
|Critical bug in Cisco UWRB access points allows attackers to run commands as root
|INTERPOL: Operation Synergia II disrupted +22,000 malicious IPs
|Memorial Hospital and Manor suffered a ransomware attack
|South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users
|Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices
|ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy
|U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog
|Canadian authorities arrested alleged Snowflake hacker
|Android flaw CVE-2024-43093 may be under limited, targeted exploitation
|July 2024 ransomware attack on the City of Columbus impacted 500,000 people
|Nigerian man Sentenced to 26+ years in real estate phishing scams
|Russian disinformation campaign active ahead of 2024 US election
|International law enforcement operation shut down DDoS-for-hire platform Dstat.cc
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 18
|Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION
|US Election 2024 – FBI warning about fake election videos
|Chinese threat actors use Quad7 botnet in password-spray attacks
|FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info
|PTZOptics cameras zero-days actively exploited in the wild
|New LightSpy spyware version targets iPhones with destructive capabilities
|LottieFiles confirmed a supply chain attack on Lottie-Player
|Threat actor says Interbank refused to pay the ransom after a two-week negotiation
|QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024
|New version of Android malware FakeCall redirects bank calls to scammers
|QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024
|International law enforcement operation dismantled RedLine and Meta infostealers
|Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766
|Russia-linked espionage group UNC5812 targets Ukraine's military with malware
|France’s second-largest telecoms provider Free suffered a cyber attack
|A crime ring compromised Italian state databases reselling stolen info
|Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain
|Black Basta affiliates used Microsoft Teams in recent attacks
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 17
|Four REvil Ransomware members sentenced for hacking and money laundering
|Chinese cyber spies targeted phones used by Trump and Vance
|Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement
|Change Healthcare data breach impacted over 100 million people
|OnePoint Patient Care data breach impacted 795916 individuals
|From Risk Assessment to Action: Improving Your DLP Response
|Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24
|Cisco fixed tens of vulnerabilities, including an actively exploited one
|FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024
|U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog
|Digital Echo Chambers and Erosion of Trust - Key Threats to the US Elections
|Crooks are targeting Docker API servers to deploy SRBMiner
|Why DSPM is Essential for Achieving Data Privacy in 2024
|SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack
|Samsung zero-day flaw actively exploited in the wild
|Experts warn of a new wave of Bumblebee malware attacks
|U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog
|VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812
|Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment
|Internet Archive was breached twice in a month
|Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 16
|Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION
|F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP
|U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog
|North Korea-linked APT37 exploited IE zero-day in a recent attack
|Omni Family Health data breach impacts 468,344 individuals
|Iran-linked actors target critical infrastructure organizations
|macOS HM Surf flaw in TCC allows bypass Safari privacy settings
|Two Sudanese nationals indicted for operating the Anonymous Sudan group
|Russia-linked RomCom group targeted Ukrainian government agencies since late 2023
|A critical flaw in Kubernetes Image Builder could allow attackers to gain root access
|VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX
|Brazil's Polícia Federal arrested the notorious hacker USDoD
|Finnish Customs dismantled the dark web drugs market Sipulitie
|GitHub addressed a critical vulnerability in Enterprise Server
|A new Linux variant of FASTCash malware targets financial systems
|WordPress Jetpack plugin critical flaw impacts 27 million sites
|Pokemon dev Game Freak discloses data breach
|U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
|Nation-state actor exploited three Ivanti CSA zero-days
|Dutch police dismantled dual dark web market 'Bohemia/Cannabia'
|Fidelity Investments suffered a second data breach this year
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15
|Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION
|Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale
|A cyber attack hit Iranian government sites and nuclear facilities
|Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks
|GitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline execution
|Iran and China-linked actors used ChatGPT for preparing attacks
|Internet Archive data breach impacted 31M users
|E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer
|U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog
|Mozilla issued an urgent Firefox update to fix an actively exploited flaw
|Palo Alto fixed critical flaws in PAN-OS firewalls that allow for full compromise of the devices
|Cybercriminals Are Targeting AI Conversational Platforms
|Awaken Likho APT group targets Russian government with a new implant
|U.S. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog
|Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer
|MoneyGram discloses data breach following September cyberattack
|American Water shut down some of its systems following a cyberattack
|Universal Music data breach impacted 680 individuals
|FBCS data breach impacted 238,000 Comcast customers
|Critical Apache Avro SDK RCE flaw impacts Java applications
|Man pleads guilty to stealing over $37 Million worth of cryptocurrency
|U.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog
|China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14
|Security Affairs newsletter Round 492 by Pierluigi Paganini – INTERNATIONAL EDITION
|Google Pixel 9 supports new security features to mitigate baseband attacks
|WordPress LiteSpeed Cache plugin flaw could allow site takeover
|Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs
|Google removed Kaspersky's security apps from the Play Store
|New Perfctl Malware targets Linux servers in cryptomining campaign
|Microsoft and DOJ seized the attack infrastructure used by Russia-linked Callisto Group
|Dutch police breached by a state actor
|Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug
|Telegram revealed it shared U.S. user data with law enforcement
|U.S. CISA adds Ivanti Endpoint Manager (EPM) flaw to its Known Exploited Vulnerabilities catalog
|14 New DrayTek routers' flaws impacts over 700,000 devices in 168 countries
|Rhadamanthys information stealer introduces AI-driven capabilities
|Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now!
|Police arrested four new individuals linked to the LockBit ransomware operation
|UMC Health System diverted patients following a ransomware attack
|News agency AFP hit by cyberattack, client services impacted
|North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence
|Patelco Credit Union data breach impacted over 1 million people
|Community Clinic of Maui discloses a data breach following May Lockbit ransomware attack
|A British national has been charged for his execution of a hack-to-trade scheme
|Critical NVIDIA Container Toolkit flaw could allow access to the underlying host
|Israel army hacked the communication network of the Beirut Airport control tower
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 13
|Security Affairs newsletter Round 491 by Pierluigi Paganini – INTERNATIONAL EDITION
|Irish Data Protection Commission fined Meta €91 million for storing passwords in readable format
|A cyberattack on Kuwait Health Ministry impacted hospitals in the country
|Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message
|CUPS flaws allow remote code execution on Linux systems under certain conditions
|U.S. sanctioned virtual currency exchanges Cryptex and PM2BTC for facilitating illegal activities
|Hacking Kia cars made after 2013 using just their license plate
|Critical RCE vulnerability found in OpenPLC
|China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)
|Privacy non-profit noyb claims that Firefox tracks users with privacy preserving feature
|Data of 3,191 congressional staffers leaked in the dark web
|New variant of Necro Trojan infected more than 11 million devices
|U.S. CISA adds Ivanti Virtual Traffic Manager flaw to its Known Exploited Vulnerabilities catalog
|Arkansas City water treatment facility switched to manual operations following a cyberattack
|New Android banking trojan Octo2 targets European banks
|A generative artificial intelligence malware used in phishing attacks
|A cyberattack on MoneyGram caused its service outage
|Did Israel infiltrate Lebanese telecoms networks?
|Telegram will provide user data to law enforcement in response to legal requests
|ESET fixed two privilege escalation flaws in its products
|North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages
|Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw
|Hacktivist group Twelve is back and targets Russian entities
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 12
|Security Affairs newsletter Round 490 by Pierluigi Paganini – INTERNATIONAL EDITION
|Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020
|Hackers stole over $44 million from Asian crypto platform BingX
|OP KAERB: Europol dismantled phishing scheme targeting mobile users
|Ukraine bans Telegram for government agencies, military, and critical infrastructure
|Tor Project responded to claims that law enforcement can de-anonymize Tor users
|UNC1860 provides Iran-linked APTs with access to Middle Eastern networks
|US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency
|Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
|International law enforcement operation dismantled criminal communication platform Ghost
|SIEM for Small and Medium-Sized Enterprises: What you need to know
|Experts warn of China-linked APT's Raptor Train IoT Botnet
|Credential Flusher, understanding the threat and how to protect your login data
|U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium
|Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812
|Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries
|Chinese man charged for spear-phishing against NASA and US Government
|Taking Control Online: Ensuring Awareness of Data Usage and Consent
|Qilin ransomware attack on Synnovis impacted over 900,000 patients
|D-Link addressed three critical RCE in wireless router models
|Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024
|SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager
|Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb
|Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11
|Ivanti Cloud Service Appliance flaw is being actively exploited in the wild
|GitLab fixed a critical flaw in GitLab CE and GitLab EE
|New Linux malware called Hadooken targets Oracle WebLogic servers
|Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries
|Cybersecurity giant Fortinet discloses a data breach
|Singapore Police arrest six men allegedly involved in a cybercrime syndicate
|Adobe Patch Tuesday security updates fixed multiple critical issues in the company's products
|Highline Public Schools school district suspended its activities following a cyberattack
|RansomHub ransomware gang relies on Kaspersky TDSKiller tool to disable EDR
|Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)
|Quad7 botnet evolves to more stealthy tactics to evade detection
|Poland thwarted cyberattacks that were carried out by Russia and Belarus
|Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals
|Predator spyware operation is back with a new infrastructure
|TIDRONE APT targets drone manufacturers in Taiwan
|Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401
|Progress Software fixed a maximum severity flaw in LoadMaster
|Feds indicted two alleged administrators of WWH Club dark web marketplace
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10
|Security Affairs newsletter Round 488 by Pierluigi Paganini – INTERNATIONAL EDITION
|A flaw in WordPress LiteSpeed Cache Plugin allows account takeover
|Car rental company Avis discloses a data breach
|SonicWall warns that SonicOS bug exploited in attacks
|Apache fixed a new remote code execution flaw in Apache OFBiz
|Russia-linked GRU Unit 29155 targeted critical infrastructure globally
|Veeam fixed a critical flaw in Veeam Backup & Replication software
|Earth Lusca adds multiplatform malware KTLVdoor to its arsenal
|Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?
|Quishing, an insidious threat to electric car owners
|Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them!
|Head Mare hacktivist group targets Russia and Belarus
|Zyxel fixed critical OS command injection flaw in multiple routers
|VMware fixed a code execution flaw in Fusion hypervisor
|Vulnerabilities in Microsoft apps for macOS allow stealing permissions
|Three men plead guilty to running MFA bypass service OTP.Agency
|Transport for London (TfL) is dealing with an ongoing cyberattack
|Lockbit gang claims the attack on the Toronto District School Board (TDSB)
|A new variant of Cicada ransomware targets VMware ESXi systems
|An air transport security system flaw allowed to bypass airport security screenings
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9
|Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION
|Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw
|South Korea-linked group APT-C-60 exploited a WPS Office zero-day
|Threat actors exploit Atlassian Confluence bug in cryptomining campaigns
|Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa
|Cisco addressed a high-severity flaw in NX-OS software
|Corona Mirai botnet spreads via AVTECH CCTV zero-day
|Telegram CEO Pavel Durov charged in France for facilitating criminal activities
|Iran-linked group APT33 adds new Tickler malware to its arsenal
|U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog
|Young Consulting data breach impacts 954,177 individuals
|BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085
|US offers $2.5M reward for Belarusian man involved in mass malware distribution
|U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog
|China-linked APT Volt Typhoon exploited a zero-day in Versa Director
|Researchers unmasked the notorious threat actor USDoD
|The Dutch Data Protection Authority (DPA) has fined Uber a record €290M
|Google addressed the tenth actively exploited Chrome zero-day this year
|SonicWall addressed an improper access control issue in its firewalls
|A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport
|Linux malware sedexp uses udev rules for persistence and evasion
|France police arrested Telegram CEO Pavel Durov
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8
|Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION
|U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog
|Hackers can take over Ecovacs home robots to spy on their owners
|Russian national arrested in Argentina for laundering money of crooks and Lazarus APT
|Qilin ransomware steals credentials stored in Google Chrome
|Phishing attacks target mobile users via progressive web applications (PWA)
|Member of cybercrime group Karakurt charged in the US
|New malware Cthulhu Stealer targets Apple macOS users
|China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches
|A cyberattack hit US oil giant Halliburton
|SolarWinds fixed a hardcoded credential issue in Web Help Desk
|A cyberattack disrupted operations of US chipmaker Microchip Technology
|Google addressed the ninth actively exploited Chrome zero-day this year
|GitHub fixed a new critical flaw in the GitHub Enterprise Server
|Experts disclosed a critical information-disclosure flaw in Microsoft Copilot Studio
|North Korea-linked APT used a new RAT called MoonPeak
|Pro-Russia group Vermin targets Ukraine with a new malware family
|A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning
|Ransomware payments rose from $449.1 million to $459.8 million
|Previously unseen Msupedge backdoor targeted a university in Taiwan
|Oracle NetSuite misconfiguration could lead to data exposure
|Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum
|CISA adds Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog
|Researchers uncovered new infrastructure linked to the cybercrime group FIN7
|Experts warn of exploit attempt for Ivanti vTM bug
|Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT
|The Mad Liberator ransomware group uses social-engineering techniques
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7
|Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION
|Large-scale extortion campaign targets publicly accessible environment variable files (.env)
|OpenAI dismantled an Iranian influence operation targeting the U.S. presidential election
|National Public Data confirms a data breach
|CISA adds SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog
|Russian national sentenced to 40 months for selling stolen data on the dark web
|Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000
|Millions of Pixel devices can be hacked due to a pre-installed vulnerable app
|Microsoft urges customers to fix zero-click Windows RCE in the TCP/IP stack
|A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter
|Google disrupted hacking campaigns carried out by Iran-linked APT42
|Black Basta ransomware gang linked to a SystemBC malware campaign
|A massive cyber attack hit Central Bank of Iran and other Iranian banks
|China-linked APT Earth Baku targets Europe, the Middle East, and Africa
|SolarWinds addressed a critical RCE in all Web Help Desk versions
|Kootenai Health data breach impacted 464,000 patients
|Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs
|A PoC exploit code is available for critical Ivanti vTM bug
|Elon Musk claims that a DDoS attack caused problems with the livestream interview with Donald Trump
|CERT-UA warns of a phishing campaign targeting government entities
|US DoJ dismantled remote IT worker fraud schemes run by North Korea
|A FreeBSD flaw could allow remote code execution, patch it now!
|EastWind campaign targets Russian organizations with sophisticated backdoors
|Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE
|Foreign nation-state actors hacked Donald Trump’s campaign
|SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
|Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION
|ADT disclosed a data breach that impacted more than 30,000 customers
|Is the INC ransomware gang behind the attack on McLaren hospitals?
|Crooks took control of a cow milking robot causing the death of a cow
|Sonos smart speakers flaw allowed to eavesdrop on users
|Five zero-days impacts EoL Cisco Small Business IP Phones. Replace them with newer models asap!
|CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog
|Russian cyber spies stole data and emails from UK government systems
|0.0.0.0 Day flaw allows malicious websites to bypass security in major browsers
|FBI and CISA update a joint advisory on the BlackSuit Ransomware group
|Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware
|Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data
|New Android spyware LianSpy relies on Yandex Cloud to avoid detection
|Hackers breached MDM firm Mobile Guardian and wiped thousands of devices
|A ransomware attack hit French museum network
|CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog
|Google warns of an actively exploited Android kernel flaw
|Should Organizations Pay Ransom Demands?
|Researchers warn of a new critical Apache OFBiz flaw
|Keytronic incurred approximately $17 million of expenses following ransomware attack
|China-linked APT41 breached Taiwanese research institute
|Chinese StormBamboo APT compromised ISP to deliver malware
|Hackers attempt to sell the personal data of 3 billion people resulting from an April data breach
|Security Affairs Malware Newsletter - Round 5
|Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION
|US sued TikTok and ByteDance for violating children’s privacy laws
|Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware
|Investors sued CrowdStrike over false claims about its Falcon platform
|Avtech camera vulnerability actively exploited in the wild, CISA warns
|U.S. released Russian cybercriminals in diplomatic prisoner exchange
|Sitting Ducks attack technique exposes over a million domains to hijacking
|Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085
|BingoMod Android RAT steals money from victims' bank accounts and wipes data
|A ransomware attack disrupted operations at OneBlood blood bank
|Apple fixed dozens of vulnerabilities in iOS and macOS
|Phishing campaigns target SMBs in Poland, Romania, and Italy with multiple malware families
|A Fortune 50 company paid a record-breaking $75 million ransom
|CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog
|Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022
|SideWinder phishing campaign targets maritime facilities in multiple countries
|A crafty phishing campaign targets Microsoft OneDrive users
|Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085
|Acronis Cyber Infrastructure bug actively exploited in the wild
|Fake Falcon crash reporter installer used to target German Crowdstrike users
|Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware
|French authorities launch disinfection operation to eradicate PlugX malware from infected hosts
|Security Affairs Malware Newsletter - Round 4
|Security Affairs newsletter Round 482 by Pierluigi Paganini – INTERNATIONAL EDITION
|Ukraine's cyber operation shut down the ATM services of major Russian banks
|A bug in Chrome Password Manager caused user credentials to disappear
|BIND updates fix four high-severity DoS bugs in the DNS software suite
|Terrorist Activity is Accelerating in Cyberspace - Risk Precursor to Summer Olympics and Elections
|Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server
|Critical bug in Docker Engine allowed attackers to bypass authorization plugins
|Michigan Medicine data breach impacted 56953 patients
|China-linked APT group uses new Macma macOS backdoor version
|FrostyGoop ICS malware targets Ukraine
|Hackers abused swap files in e-skimming attacks on Magento sites
|US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group
|EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos
|SocGholish malware used to spread AsyncRAT malware
|UK police arrested a 17-year-old linked to the Scattered Spider gang
|Security Affairs Malware Newsletter - Round 3
|Security Affairs newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION
|Threat actors attempted to capitalize CrowdStrike incident
|Russian nationals plead guilty to participating in the LockBit ransomware group
|MediSecure data breach impacted 12.9 million individuals
|CrowdStrike update epic fail crashed Windows systems worldwide
|Cisco fixed a critical flaw in Security Email Gateway that could allow attackers to add root users
|SAPwned flaws in SAP AI core could expose customers' data
|Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums
|How to Protect Privacy and Build Secure AI Products
|A critical flaw in Cisco SSM On-Prem allows attackers to change any user's password
|MarineMax data breach impacted over 123,000 individuals
|Void Banshee exploits CVE-2024-38112 zero-day to spread malware
|The Octo Tempest group adds RansomHub and Qilin ransomware to its arsenal
|CISA adds OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog
|Kaspersky leaves U.S. market following the ban on the sale of its software in the country
|FBI unlocked the phone of the suspect in the assassination attempt on Donald Trump
|Ransomware groups target Veeam Backup & Replication bug
|AT&T paid a $370,000 ransom to prevent stolen data from being leaked
|HardBit ransomware version 4.0 supports new obfuscation techniques
|Dark Gate malware campaign uses Samba file shares
|Security Affairs Malware Newsletter - Round 2
|Security Affairs newsletter Round 480 by Pierluigi Paganini – INTERNATIONAL EDITION
|Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations
|Rite Aid disclosed data breach following RansomHub ransomware attack
|New AT&T data breach exposed call logs of almost all customers
|Critical flaw in Exim MTA could allow to deliver malware to users' inboxes
|Palo Alto Networks fixed a critical bug in the Expedition tool
|Smishing Triad Is Targeting India To Steal Personal and Payment Data at Scale
|October ransomware attack on Dallas County impacted over 200,000 people
|CrystalRay operations have scaled 10x to over 1,500 victims
|Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware
|AI-Powered Russia's bot farm operates on X, US and its allies warn
|VMware fixed critical SQL-Injection in Aria Automation product
|Citrix fixed critical and high-severity bugs in NetScaler product
|A new flaw in OpenSSH can lead to remote code execution
|Microsoft Patch Tuesday for July 2024 fixed 2 actively exploited zero-days
|Evolve Bank data breach impacted over 7.6 million individuals
|More than 31 million customer email addresses exposed following Neiman Marcus data breach
|Avast released a decryptor for DoNex Ransomware and its predecessors
|RockYou2024 compilation containing 10 billion passwords was leaked online
|Critical Ghostscript flaw exploited in the wild. Patch it now!
|Apple removed 25 VPN apps from the App Store in Russia following Moscow's requests
|CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog
|Apache fixed a source code disclosure flaw in Apache HTTP Server
|Security Affairs Malware Newsletter - Round 1
|Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION
|Alabama State Department of Education suffered a data breach following a blocked attack
|GootLoader is still active and efficient
|Hackers stole OpenAI secrets in a 2023 security breach
|Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes
|New Golang-based Zergeca Botnet appeared in the threat landscape
|Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus
|Hackers compromised Ethereum mailing list and launched a crypto draining attack
|OVHcloud mitigated a record-breaking DDoS attack in April 2024
|Healthcare fintech firm HealthEquity disclosed a data breach
|Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
|Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
|LockBit group claims the hack of the Fairfield Memorial Hospital in the US
|American Patelco Credit Union suffered a ransomware attack
|Polish government investigates Russia-linked cyberattack on state news agency
|Evolve Bank data breach impacted fintech firms Wise and Affirm
|Prudential Financial data breach impacted over 2.5 million individuals
|Australian man charged for Evil Twin Wi-Fi attacks on domestic flights
|China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware
|Critical unauthenticated remote code execution flaw in OpenSSH server
|Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania
|Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769
|Russia-linked Midnight Blizzard stole email of more Microsoft customers
|Russia-linked group APT29 likely breached TeamViewer's corporate network
|Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
|Infosys McCamish Systems data breach impacted over 6 million people
|A cyberattack shut down the University Hospital Centre Zagreb in Croatia
|US announces a $10M reward for Russia's GRU hacker behind attacks on Ukraine
|LockBit group falsely claimed the hack of the Federal Reserve
|New P2Pinfect version delivers miners and ransomware on Redis servers
|New MOVEit Transfer critical bug is actively exploited
|New Caesar Cipher Skimmer targets popular CMS used by e-stores
|Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw
|Wikileaks founder Julian Assange is free
|CISA confirmed that its CSAT environment was breached in January.
|Threat actors compromised 1,590 CoinStats crypto wallets
|Experts observed approximately 120 malicious campaigns using the Rafel RAT
|LockBit claims the hack of the US Federal Reserve
|Ransomware threat landscape Jan-Apr 2024: insights and challenges
|ExCobalt Cybercrime group targets Russian organizations in multiple sectors
|Threat actor attempts to sell 30 million customer records allegedly stolen from TEG
|Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
|Threat actors are actively exploiting SolarWinds Serv-U bug CVE-2024-28995
|US government sanctions twelve Kaspersky Lab executives
|Experts found a bug in the Linux version of RansomHub ransomware
|Russia-linked APT Nobelium targets French diplomatic entities
|US bans sale of Kaspersky products due to risks to national security
|Atlassian fixed six high-severity bugs in Confluence Data Center and Server
|China-linked spies target Asian Telcos since at least 2021
|New Rust infostealer Fickle Stealer spreads through various attack methods
|An unpatched bug allows anyone to impersonate Microsoft corporate email accounts
|Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale
|Alleged researchers stole $3 million from Kraken exchange
|Google Chrome 126 update addresses multiple high-severity flaws
|Chip maker giant AMD investigates a data breach
|Cryptojacking campaign targets exposed Docker APIs
|VMware fixed RCE and privilege escalation bugs in vCenter Server
|Meta delays training its AI using public content shared by EU users
|Keytronic confirms data breach after ransomware attack
|The Financial Dynamics Behind Ransomware Attacks
|Empire Market owners charged with operating $430M dark web marketplace
|China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign
|LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals
|Spanish police arrested an alleged member of the Scattered Spider group
|Online job offers, the reshipping and money mule scams
|Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
|ASUS fixed critical remote authentication bypass bug in several routers
|London hospitals canceled over 800 operations in the week after Synnovis ransomware attack
|DORA Compliance Strategy for Business Leaders
|City of Cleveland still working to fully restore systems impacted by a cyber attack
|Google fixed an actively exploited zero-day in the Pixel Firmware
|Multiple flaws in Fortinet FortiOS fixed
|CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog
|JetBrains fixed IntelliJ IDE flaw exposing GitHub access tokens
|Microsoft Patch Tuesday security updates for June 2024 fixed only one critical issue
|Cylance confirms the legitimacy of data offered for sale in the dark web
|Arm zero-day in Mali GPU Drivers actively exploited in the wild
|Japanese video-sharing platform Niconico was victim of a cyber attack
|UK NHS call for O-type blood donations following ransomware attack on London hospitals
|Christie’s data breach impacted 45,798 individuals
|Sticky Werewolf targets the aviation industry in Russia and Belarus
|Frontier Communications data breach impacted over 750,000 individuals
|PHP addressed critical RCE flaw potentially impacting millions of servers
|Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION
|SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform
|Pandabuy was extorted twice by the same threat actor
|UAC-0020 threat actor used the SPECTR Malware to target Ukraine's defense forces
|A new Linux version of TargetCompany ransomware targets VMware ESXi environments
|FBI obtained 7,000 LockBit decryption keys, victims should contact the feds to get support
|RansomHub operation is a rebranded version of the Knight RaaS
|Malware can steal data collected by the Windows Recall tool, experts warn
|Cisco addressed Webex flaws used to compromise German government meetings
|CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs
|Zyxel addressed three RCEs in end-of-life NAS devices
|A ransomware attack on Synnovis impacted several London hospitals
|RansomHub gang claims the hack of the telecommunications giant Frontier Communications
|Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers
|Multiple flaws in Cox modems could have impacted millions of devices
|CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog
|Spanish police shut down illegal TV streaming network
|APT28 targets key networks in Europe with HeadLace malware
|Experts found information of European politicians on the dark web
|FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware
|Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION
|Ticketmaster confirms data breach impacting 560 million customers
|Critical Apache Log4j2 flaw still threatens global finance
|Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin
|ShinyHunters is selling data of 30 million Santander customers
|Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours
|LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021
|BBC disclosed a data breach impacting its Pension Scheme members
|Experts found a macOS version of the sophisticated LightSpy spyware
|Operation Endgame, the largest law enforcement operation ever against botnets
|Law enforcement operation dismantled 911 S5 botnet
|Okta warns of credential stuffing attacks targeting its Cross-Origin Authentication feature
|Check Point released hotfix for actively exploited VPN zero-day
|ABN Amro discloses data breach following an attack on a third-party provider
|Christie disclosed a data breach after a RansomHub attack
|Experts released PoC exploit code for RCE in Fortinet SIEM
|WordPress Plugin abused to install e-skimmers in e-commerce sites
|TP-Link Archer C5400X gaming router is affected by a critical flaw
|Sav-Rx data breach impacted over 2.8 million individuals
|The Impact of Remote Work and Cloud Migrations on Security Perimeters
|New ATM Malware family emerged in the threat landscape
|A high-severity vulnerability affects Cisco Firepower Management Center
|CERT-UA warns of malware campaign conducted by threat actor UAC-0006
|Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
|Malware-laced JAVS Viewer deploys RustDoor implant in supply chain attack
|Fake AV websites used to distribute info-stealer malware
|MITRE December 2023 attack: Threat actors created rogue VMs to evade detection
|An XSS flaw in GitLab allows attackers to take over accounts
|Google fixes eighth actively exploited Chrome zero-day this year, the third in a month
|CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog
|Usage of TLS in DDNS Services leads to Information Disclosure in Multiple Vendors
|Recall feature in Microsoft Copilot+ PCs raises privacy and security concerns
|APT41: The threat of KeyPlug against Italian industries
|Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)
|Chinese actor 'Unfading Sea Haze' remained undetected for five years
|A consumer-grade spyware app found in check-in systems of 3 US hotels
|Critical Veeam Backup Enterprise Manager authentication bypass bug
|Cybercriminals are targeting elections in India with influence campaigns
|Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!
|OmniVision disclosed a data breach after the 2023 Cactus ransomware attack
|CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog
|Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors
|Experts warn of a flaw in Fluent Bit utility that is used by major cloud platforms and firms
|Experts released PoC exploit code for RCE in QNAP QTS
|GitCaught campaign relies on Github and Filezilla to deliver multiple malware
|Two students uncovered a flaw that allows using laundry machines for free
|Grandoreiro Banking Trojan is back and targets banks worldwide
|Healthcare firm WebTPA data breach impacted 2.5 million individuals
|Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION
|North Korea-linked Kimsuky used a new Linux backdoor in recent attacks
|North Korea-linked IT workers infiltrated hundreds of US firms
|Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs
|City of Wichita disclosed a data breach after the recent ransomware attack
|CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog
|CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog
|North Korea-linked Kimsuky APT attack targets victims via Messenger
|Electronic prescription provider MediSecure impacted by a ransomware attack
|Google fixes seventh actively exploited Chrome zero-day this year, the third in a week
|Santander: a data breach at a third-party provider impacted customers and employees
|FBI seized the notorious BreachForums hacking forum
|A Tornado Cash developer has been sentenced to 64 months in prison
|Adobe fixed multiple critical flaws in Acrobat and Reader
|Ransomware attack on Singing River Health System impacted 895,000 people
|Microsoft Patch Tuesday security updates for May 2024 fix 2 actively exploited zero-days
|VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024
|MITRE released EMB3D Threat Model for embedded devices
|Google fixes sixth actively exploited Chrome zero-day this year
|Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware
|Threat actors may have exploited a zero-day in older iPhones, Apple warns
|City of Helsinki suffered a data breach
|Russian hackers defaced local British news sites
|Australian Firstmac Limited disclosed a data breach after cyber attack
|Pro-Russia hackers targeted Kosovo’s government websites
|Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
|As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide
|Ohio Lottery data breach impacted over 538,000 individuals
|Notorious threat actor IntelBroker claims the hack of the Europol
|A cyberattack hit the US healthcare giant Ascension
|Google fixes fifth actively exploited Chrome zero-day this year
|Russia-linked APT28 targets Polish government institutions
|Citrix warns customers to update PuTTY version installed on their XenCenter system manually
|Dell discloses data breach impacting millions of customers
|Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs
|Zscaler is investigating data breach claims
|Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover
|LockBit gang claimed responsibility for the attack on City of Wichita
|New TunnelVision technique can bypass the VPN encapsulation
|LiteSpeed Cache WordPress plugin actively exploited in the wild
|Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606
|UK Ministry of Defense disclosed a third-party data breach exposing military personnel data
|Law enforcement agencies identified LockBit ransomware admin and sanctioned him
|MITRE attributes the recent attack to China-linked UNC5221
|Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering
|City of Wichita hit by a ransomware attack
|El Salvador suffered a massive leak of biometric data
|Finland authorities warn of Android malware campaign targeting bank users
|NATO and the EU formally condemned Russia-linked APT28 cyber espionage
|Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
|Blackbasta gang claimed responsibility for Synlab Italia attack
|LockBit published data stolen from Simone Veil hospital in Cannes
|Russia-linked APT28 and crooks are still using the Moobot botnet
|Dirty stream attack puts billions of Android installs at risk
|ZLoader Malware adds Zeus's anti-analysis feature
|Ukrainian REvil gang member sentenced to 13 years in prison
|HPE Aruba Networking addressed four critical ArubaOS RCE flaws
|Threat actors hacked the Dropbox Sign production environment
|CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog
|Panda Restaurant Group disclosed a data breach
|Cuttlefish malware targets enterprise-grade SOHO routers
|A flaw in the R programming language could allow code execution
|Muddling Meerkat, a mysterious DNS Operation involving China's Great Firewall
|Notorious Finnish Hacker sentenced to more than six years in prison
|CISA guidelines to protect critical infrastructure against AI-based threats
|NCSC: New UK law bans default passwords on smart devices
|The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data
|Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023
|Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals
|Cyber-Partisans hacktivists claim to have breached Belarus KGB
|The Los Angeles County Department of Health Services disclosed a data breach
|Multiple Brocade SANnav SAN Management SW flaws allow device compromise
|ICICI Bank exposed credit card data of 17000 customers
|Okta warns of unprecedented scale in credential stuffing attacks on online services
|Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
|Targeted operation against Ukraine exploited 7-year-old MS Office bug
|Hackers may have accessed thousands of accounts on the California state welfare platform
|Brokewell Android malware supports an extensive set of Device Takeover capabilities
|Experts warn of an ongoing malware campaign targeting WP-Automatic plugin
|Cryptocurrencies and cybercrime: A critical intermingling
|Kaiser Permanente data breach may have impacted 13.4 million patients
|Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug
|Sweden’s liquor supply severely impacted by ransomware attack on logistics company
|CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog
|CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog
|Google fixed critical Chrome vulnerability CVE-2024-4058
|Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks
|Hackers hijacked the eScan Antivirus update mechanism in malware campaign
|US offers a $10 million reward for information on four Iranian nationals
|The street lights in Leicester City cannot be turned off due to a cyber attack
|North Korea-linked APT groups target South Korean defense contractors
|U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
|A cyber attack paralyzed operations at Synlab Italia
|Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw
|A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites
|Akira ransomware received $42M in ransom payments from over 250 victims
|DuneQuixote campaign targets the Middle East with a complex backdoor
|Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION
|Critical CrushFTP zero-day exploited in attacks in the wild
|A French hospital was forced to reschedule procedures after cyberattack
|MITRE revealed that nation-state actors breached its systems via Ivanti zero-days
|FBI chief says China is preparing to attack US critical infrastructure
|United Nations Development Programme (UNDP) investigates data breach
|FIN7 targeted a large U.S. carmaker with phishing attacks
|Law enforcement operation dismantled phishing-as-a-service platform LabHost
|Previously unknown Kapeka backdoor linked to Russian Sandworm APT
|Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available
|Linux variant of Cerber ransomware targets Atlassian servers
|Ivanti fixed two critical flaws in its Avalanche MDM
|Researchers released exploit code for actively exploited Palo Alto PAN-OS bug
|Cisco warns of large-scale brute-force attacks against VPN and SSH services
|PuTTY SSH Client flaw allows recovery of private keys
|A renewed espionage campaign targets South Asia with iOS spyware LightSpy
|Misinformation and hacktivist campaigns targeting the Philippines skyrocket
|Russia is trying to sabotage European railways, Czech minister said
|Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia
|Cisco Duo warns telephony supplier data breach exposed MFA SMS logs
|Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
|Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor
|U.S. and Australian police arrested Firebird RAT author and operator
|Canadian retail chain Giant Tiger data breach may have impacted millions of customers
|Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
|Crooks manipulate GitHub's search results to distribute malware
|BatBadBut flaw allowed an attacker to perform command injection on Windows
|Roku disclosed a new security breach impacting 576,000 accounts
|LastPass employee targeted via an audio deepfake call
|TA547 targets German organizations with Rhadamanthys malware
|CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog
|US CISA published an alert on the Sisense data breach
|Palo Alto Networks fixed multiple DoS bugs in its firewalls
|Apple warns of mercenary spyware attacks on iPhone users in 92 countries
|Microsoft fixed two zero-day bugs exploited in malware attacks
|Group Health Cooperative data breach impacted 530,000 individuals
|AT&T states that the data breach impacted 51 million former and current customers
|Fortinet fixed a critical remote code execution bug in FortiClientLinux
|Microsoft Patch Tuesday security updates for April 2024 fixed hundreds of issues
|Cybersecurity in the Evolving Threat Landscape
|Over 91,000 LG smart TVs running webOS are vulnerable to hacking
|ScrubCrypt used to drop VenomRAT along with many malicious plugins
|Google announces V8 Sandbox to protect Chrome users
|China is using generative AI to carry out influence operations
|Greylock McKinnon Associates data breach exposed DOJ data of 341650 people
|Crowdfense is offering a larger 30M USD exploit acquisition program
|U.S. Department of Health warns of attacks against IT help desks
|Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION
|Over 92,000 Internet-facing D-Link NAS devices can be easily hacked
|More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894
|Cisco warns of XSS flaw in end-of-life small business routers
|Magento flaw exploited to deploy persistent backdoor hidden in XML
|Cyberattack disrupted services at Omni Hotels & Resorts
|HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks
|US cancer center City of Hope: data breach impacted 827149 individuals
|Ivanti fixed 4 new issues in Connect Secure and Policy Secure
|Jackson County, Missouri, discloses a ransomware attack
|Google addressed another Chrome zero-day exploited at Pwn2Own in March
|The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse
|Google fixed two actively exploited Pixel vulnerabilities
|Highly sensitive files mysteriously disappeared from EUROPOL headquarters
|XSS flaw in WordPress WP-Members Plugin can lead to script injection
|Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor
|Google agreed to erase billions of browser records to settle a class action lawsuit
|PandaBuy data breach allegedly impacted over 1.3 million customers
|New Vultur malware version includes enhanced remote control and evasion capabilities
|Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy
|Info stealer attacks target macOS users
|Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION
|DinodasRAT Linux variant targets users worldwide
|AT&T confirmed that a data breach impacted 73 million customers
|Expert found a backdoor in XZ tools used by many Linux distributions
|German BSI warns of 17,000 unpatched Microsoft Exchange servers
|Cisco warns of password-spraying attacks targeting Secure Firewall devices
|American fast-fashion firm Hot Topic hit by credential stuffing attacks
|Cisco addressed high-severity flaws in IOS and IOS XE software
|Google: China dominates government exploitation of zero-day vulnerabilities in 2023
|Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
|The DDR Advantage: Real-Time Data Defense
|Finnish police linked APT31 to the 2021 parliament attack
|TheMoon bot infected 40,000 devices in January and February
|UK, New Zealand against China-linked cyber operations
|US Treasury Dep announced sanctions against members of China-linked APT31
|Iran-Linked APT TA450 embeds malicious links in PDF attachments
|StrelaStealer targeted over 100 organizations across the EU and US
|GoFetch side-channel attack against Apple systems allows secret keys extraction
|Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION
|Cybercriminals Accelerate Online Scams During Ramadan and Eid Fitr
|Russia-linked APT29 targeted German political parties with WINELOADER backdoor
|Mozilla fixed Firefox zero-days exploited at Pwn2Own Vancouver 2024
|Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites
|German police seized the darknet marketplace Nemesis Market
|Unsaflok flaws allow opening millions of doors using Dormakaba Saflok electronic locks
|Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days
|Critical Fortinet's FortiClient EMS flaw actively exploited in the wild
|Pwn2Own Vancouver 2024 Day 1 - team Synacktiv hacked a Tesla
|New Loop DoS attack may target 300,000 vulnerable hosts
|Critical flaw in Atlassian Bamboo Data Center and Server must be fixed immediately
|Threat actors actively exploit JetBrains TeamCity flaws to deliver malware
|BunnyLoader 3.0 surfaces in the threat landscape
|Pokemon Company resets some users' passwords
|Ukraine cyber police arrested crooks selling 100 million compromised accounts
|New AcidPour wiper targets Linux x86 devices. Is it a Russian weapon?
|Players hacked during the matches of Apex Legends Global Series. Tournament suspended
|Earth Krahang APT breached tens of government organizations worldwide
|PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released
|Fujitsu suffered a malware attack and probably a data breach
|Remove WordPress miniOrange plugins, a critical flaw can allow site takeover
|The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats
|Email accounts of the International Monetary Fund compromised
|Threat actors leaked 70,000,000+ records allegedly stolen from AT&T
|“gitgub” malware campaign targets Github users with RisePro info-stealer
|Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION
|France Travail data breach impacted 43 Million people
|Scranton School District in Pennsylvania suffered a ransomware attack
|Lazarus APT group returned to Tornado Cash to launder stolen funds
|Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case
|UK Defence Secretary jet hit by an electronic warfare attack in Poland
|Cisco fixed high-severity elevation of privilege and DoS bugs
|Recent DarkGate campaign exploited Microsoft Windows zero-day
|Nissan Oceania data breach impacted roughly 100,000 people
|Researchers found multiple flaws in ChatGPT plugins
|Fortinet fixes critical bugs in FortiOS, FortiProxy, and FortiClientEMS
|Acer Philippines disclosed a data breach after a third-party vendor hack
|Stanford University announced that 27,000 individuals were impacted in the 2023 ransomware attack
|Microsoft Patch Tuesday security updates for March 2024 fixed 59 flaws
|First-ever South Korean national detained for espionage in Russia
|Insurance scams via QR codes: how to recognise and defend yourself
|Massive cyberattacks hit French government agencies
|BianLian group exploits JetBrains TeamCity bugs in ransomware attacks
|Experts released PoC exploit for critical Progress Software OpenEdge bug
|Magnet Goblin group used a new Linux variant of NerbianRAT malware
|Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites
|Lithuania security services warn of China's espionage against the country
|Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION
|Threat actors breached two crucial systems of the US CISA
|CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog
|Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices
|QNAP fixed three flaws in its NAS devices, including an authentication bypass
|Russia-linked Midnight Blizzard breached Microsoft systems again
|Cisco addressed severe flaws in its Secure Client
|2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023
|National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election
|CISA adds Apple iOS and iPadOS memory corruption bugs to its Known Exploited Vulnerabilities Catalog
|CISA adds Android Pixel and Sunhillo SureLine bugs to its Known Exploited Vulnerabilities catalog
|Watch out, GhostSec and Stormous groups jointly conducting ransomware attacks
|LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage
|Apple emergency security updates fix two new iOS zero-days
|VMware urgent updates addressed Critical ESXi Sandbox Escape bugs
|US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks
|Experts disclosed two severe flaws in JetBrains TeamCity On-Premises software
|Ukraine's GUR hacked the Russian Ministry of Defense
|Some American Express customers' data exposed in a third-party data breach
|META hit with privacy complaints by EU consumer groups
|New GTPDOOR backdoor is designed to target telecom carrier networks
|Threat actors hacked Taiwan-based Chunghwa Telecom
|New Linux variant of BIFROSE RAT uses deceptive domain strategies
|Eken camera doorbells allow ill-intentioned individuals to spy on you
|Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION
|U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp
|U.S. authorities charged an Iranian national for long-running hacking campaign
|US cyber and law enforcement agencies warn of Phobos ransomware attacks
|Police seized Crimemarket, the largest German-speaking cybercrime marketplace
|Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws
|Crooks stole €15 Million from European retail company Pepco
|CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog
|Researchers found a zero-click Facebook account takeover
|New SPIKEDWINE APT group is targeting officials in Europe
|Is the LockBit gang resuming its operation?
|Lazarus APT exploited zero-day in Windows driver to gain kernel privileges
|Pharmaceutical giant Cencora discloses a data breach
|Unmasking 2024's Email Security Landscape
|FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector
|Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations
|Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs
|XSS flaw in LiteSpeed Cache plugin puts millions of WordPress sites at risk
|Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION
|US Gov offers a reward of up to $15M for info on LockBit gang members and affiliates
|New Redis miner Migo uses novel system weakening techniques
|Critical flaw found in deprecated VMware EAP. Uninstall it immediately
|Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers
|ConnectWise fixed critical flaws in ScreenConnect remote access tool
|More details about Operation Cronos that disrupted Lockbit operation
|Operation Cronos: law enforcement disrupted the LockBit operation
|A Ukrainian Raccoon Infostealer operator is awaiting trial in the US
|How BRICS Got "Rug Pulled" – Cryptocurrency Counterfeiting is on the Rise
|SolarWinds addressed critical RCEs in Access Rights Manager (ARM)
|ESET fixed high-severity local privilege escalation bug in Windows products
|Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION
|Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes
|CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks
|US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders
|U.S. CISA: hackers breached a state government organization
|Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs
|US Gov dismantled the Moobot botnet controlled by Russia-linked APT28
|A cyberattack halted operations at Varta production plants
|North Korea-linked actors breached the emails of a Presidential Office member
|CISA adds Microsoft Windows bugs to its Known Exploited Vulnerabilities catalog
|Nation-state actors are using AI services and LLMs for cyberattacks
|Abusing the Ubuntu 'command-not-found' utility to install malicious packages
|Zoom fixed critical flaw CVE-2024-24691 in Windows software
|Adobe Patch Tuesday fixed critical vulnerabilities in Magento, Acrobat and Reader
|Microsoft Patch Tuesday for February 2024 fixed 2 actively exploited 0-days
|A ransomware attack took 100 Romanian hospitals down
|Bank of America customer data compromised after a third-party services provider data breach
|Ransomfeed - Third Quarter Report 2023 is out!
|Global Malicious Activity Targeting Elections is Skyrocketing
|Researchers released a free decryption tool for the Rhysida Ransomware
|Residential Proxies vs. Datacenter Proxies: Choosing the Right Option
|CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog
|Canada Gov plans to ban the Flipper Zero to curb car thefts
|9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data
|US Feds arrested two men involved in the Warzone RAT operation
|Raspberry Robin spotted using two new 1-day LPE exploits
|Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION
|CISA adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog
|macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations
|Exploiting a vulnerable Minifilter Driver to create a process killer
|Black Basta ransomware gang hacked Hyundai Motor Europe
|Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN
|Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices
|26 Cyber Security Stats Every User Should Be Aware Of in 2024
|US offers $10 million reward for info on Hive ransomware group leaders
|Unraveling the truth behind the DDoS attack from electric toothbrushes
|China-linked APT Volt Typhoon remained undetected for years in US infrastructure
|Cisco fixes critical Expressway Series CSRF vulnerabilities
|CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog
|Fortinet addressed two critical FortiSIEM vulnerabilities
|Experts warn of a critical bug in JetBrains TeamCity On-Premises
|Critical shim bug impacts every Linux boot loader signed in the past decade
|China-linked APT deployed malware in a network of the Dutch Ministry of Defence
|Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG
|Google fixed an Android critical remote code execution flaw
|A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e
|U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware
|HPE is investigating claims of a new security breach
|Experts warn of a surge of attacks targeting Ivanti SSRF flaw
|How to hack the Airbus NAVBLUE Flysmart+ Manager
|Crooks stole $25.5 million from a multinational firm using a 'deepfake' video call
|Software firm AnyDesk disclosed a security breach
|The 'Mother of all Breaches': Navigating the Aftermath and Fortifying Your Data with DSPM
|US government imposed sanctions on six Iranian intel officials
|A cyberattack impacted operations at Lurie Children's Hospital
|AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web
|Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION
|Clorox estimates the costs of the August cyberattack will exceed $49 Million
|Mastodon fixed a flaw that can allow the takeover of any account
|Iranian hackers breached Albania’s Institute of Statistics (INSTAT)
|Operation Synergia led to the arrest of 31 individuals
|Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison
|Cloudflare breached on Thanksgiving Day, but the attack was promptly contained
|PurpleFox malware infected at least 2,000 computers in Ukraine
|Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping
|CISA orders federal agencies to disconnect Ivanti VPN instances by February 2
|Multiple malware used in attacks exploiting Ivanti VPN flaws
|Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k
|Crooks stole around $112 million worth of XRP from Ripple’s co-founder
|CISA adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog
|Ivanti warns of a new actively exploited zero-day
|Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware
|Data leak at fintech giant Direct Trading Technologies
|Root access vulnerability in GNU Library C (glibc) impacts many Linux distros
|Italian data protection authority said that ChatGPT violated EU privacy laws
|750 million Indian mobile subscribers' data offered for sale on dark web
|Juniper Networks released out-of-band updates to fix high-severity flaws
|Hundreds of network operators’ credentials found circulating in Dark Web
|Cactus ransomware gang claims the Schneider Electric hack
|Mercedes-Benz accidentally exposed sensitive data, including source code
|Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords
|NSA buys internet browsing records from data brokers without a warrant
|Ukraine’s SBU arrested a member of Pro-Russia hackers group 'Cyber Army of Russia'
|Multiple PoC exploits released for Jenkins flaw CVE-2024-23897
|Medusa ransomware attack hit Kansas City Area Transportation Authority
|Security Affairs newsletter Round 456 by Pierluigi Paganini – INTERNATIONAL EDITION
|Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center
|Participants earned more than $1.3M at the Pwn2Own Automotive competition
|A TrickBot malware developer sentenced to 64 months in prison
|Russian Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns
|Watch out, experts warn of a critical flaw in Jenkins
|Pwn2Own Automotive 2024 Day 2 - Tesla hacked again
|Yearly Intel Trend Review: The 2023 RedSense report
|Cisco warns of a critical bug in Unified Communications products, patch it now!
|Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE)
|CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog
|5379 GitLab servers vulnerable to zero-click account takeover attacks
|Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204
|Splunk fixed high-severity flaw impacting Windows versions
|Watch out, a new critical flaw affects Fortra GoAnywhere MFT
|Australian government announced sanctions for Medibank hacker
|LoanDepot data breach impacted roughly 16.6 individuals
|Black Basta gang claims the hack of the UK water utility Southern Water
|CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog
|Mother of all breaches - a historic data leak reveals 26 billion records: check what's exposed
|Apple fixed actively exploited zero-day CVE-2024-23222
|“My Slice”, an Italian adaptive phishing campaign
|Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell
|Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web
|Backdoored pirated applications targets Apple macOS users
|LockBit ransomware gang claims the attack on the sandwich chain Subway
|Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION
|Admin of the BreachForums hacking forum sentenced to 20 years supervised release
|VF Corp December data breach impacts 35 million customers
|China-linked APT UNC3886 exploits VMware zero-day since 2021
|Ransomware attacks break records in 2023: the number of victims rose by 128%
|U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082
|The Quantum Computing Cryptopocalypse – I’ll Know It When I See It
|Kansas State University suffered a serious cybersecurity incident
|CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog
|Google TAG warns that Russian COLDRIVER APT is using a custom backdoor
|PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts
|iShutdown lightweight method allows to discover spyware infections on iPhones
|Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos
|Github rotated credentials after the discovery of a vulnerability
|FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation
|Citrix warns admins to immediately patch NetScaler for actively exploited zero-days
|Google fixed the first actively exploited Chrome zero-day of 2024
|Atlassian fixed critical RCE in older Confluence versions
|VMware fixed a critical flaw in Aria Automation. Patch it now!
|Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws
|Experts warn of a vulnerability affecting Bosch BCC100 Thermostat
|Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack
|Phemedrone info stealer campaign exploits Windows smartScreen bypass
|Balada Injector continues to infect thousands of WordPress sites
|Attackers target Apache Hadoop and Flink to deliver cryptominers
|Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic
|Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION
|GitLab fixed a critical zero-click account hijacking flaw
|Juniper Networks fixed a critical RCE bug in its firewalls and switches
|Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election
|Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467
|Team Liquid’s wiki leak exposes 118K users
|CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog
|Two zero-day bugs in Ivanti Connect Secure actively exploited
|X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected
|Cisco fixed critical Unity Connection vulnerability CVE-2024-20272
|ShinyHunters member sentenced to three years in prison
|HMG Healthcare disclosed a data breach
|Decryptor for Tortilla variant of Babuk ransomware released
|Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws
|CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog
|Syrian group Anonymous Arabic distributes stealthy malware Silver RAT
|Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications
|DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace
|Long-existing Bandook RAT targets Windows machines
|A cyber attack hit the Beirut International Airport
|Iranian crypto exchange Bit24.cash leaks user passports and IDs
|Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION
|Turkish Sea Turtle APT targets Dutch IT and Telecom firms
|Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea
|Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages
|The source code of Zeppelin Ransomware sold on a hacking forum
|Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months
|Ivanti fixed a critical EPM flaw that can result in remote code execution
|MyEstatePoint Property Search Android app leaks user passwords
|Hacker hijacked Orange Spain RIPE account causing internet outage to company customers
|HealthEC data breach impacted more than 4.5 Million people
|Experts found 3 malicious packages hiding crypto miners in PyPi repository
|Crooks hacked Mandiant X account to push cryptocurrency scam
|Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud
|CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG
|Don’t trust links with known domains: BMW affected by redirect vulnerability
|Hackers stole more than $81 million worth of crypto assets from Orbit Chain
|Experts warn of JinxLoader loader used to spread Formbook and XLoader
|Terrapin attack allows to downgrade SSH protocol security
|Multiple organizations in Iran were breached by a mysterious hacker
|Top 2023 Security Affairs cybersecurity stories
|Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies
|Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop
|Google agreed to settle a $5 billion privacy lawsuit
|Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION
|INC RANSOM ransomware gang claims to have breached Xerox Corp
|Spotify music converter TuneFab puts users at risk
|Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania
|Russia-linked APT28 used new malware in a recent phishing campaign
|Clash of Clans gamers at risk while using third-party app
|New Version of Meduza Stealer Released in Dark Web
|Operation Triangulation attacks relied on an undocumented hardware feature
|Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network
|Experts warn of critical Zero-Day in Apache OfBiz
|Xamalicious Android malware distributed through the Play Store
|Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841
|Elections 2024, artificial intelligence could upset world balances
|Experts analyzed attacks against poorly managed Linux SSH servers
|A cyberattack hit Australian healthcare provider St Vincent’s Health Australia
|Rhysida ransomware group hacked Abdali Hospital in Jordan
|Carbanak malware returned in ransomware attacks
|Resecurity Released a 2024 Cyber Threat Landscape Forecast
|APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw
|Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor
|Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION
|Europol and ENISA spotted 443 e-stores compromised with digital skimming
|Video game giant Ubisoft investigates reports of a data breach
|LockBit ransomware gang claims to have breached accountancy firm Xeinadin
|Mobile virtual network operator Mint Mobile discloses a data breach
|Akira ransomware gang claims the theft of sensitive data from Nissan Australia
|Member of Lapsus$ gang sentenced to an indefinite hospital order
|Real estate agency exposes details of 690k customers
|ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products
|Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware
|Data leak exposes users of car-sharing service Blink Mobility
|Google addressed a new actively exploited Chrome zero-day
|German police seized the dark web marketplace Kingdom Market
|Law enforcement Operation HAECHI IV led to the seizure of $300 Million
|Sophisticated JaskaGO info stealer targets macOS and Windows
|BMW dealer at risk of takeover by cybercriminals
|Comcast’s Xfinity customer data exposed after CitrixBleed attack
|FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it
|The ransomware attack on Westpole is disrupting digital services for Italian public administration
|Info stealers and how to protect against them
|Pro-Israel Predatory Sparrow hacker group disrupted services at around 70% of Iran’s fuel stations
|Qakbot is back and targets the Hospitality industry
|A supply chain attack on crypto hardware wallet Ledger led to the theft of $600K
|MongoDB investigates a cyberattack, customer data exposed
|InfectedSlurs botnet targets QNAP VioStor NVR vulnerability
|Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION
|New NKAbuse malware abuses NKN decentralized P2P network protocol
|Snatch ransomware gang claims the hack of the food giant Kraft Heinz
|Multiple flaws in pfSense firewall can lead to arbitrary code execution
|BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign
|Data of over a million users of the crypto exchange GokuMarket exposed
|Idaho National Laboratory data breach impacted 45,047 individuals
|Ubiquiti users claim to have access to other people’s devices
|Russia-linked APT29 spotted targeting JetBrains TeamCity servers
|Microsoft seized the US infrastructure of the Storm-1152 cybercrime group
|French authorities arrested a Russian national for his role in the Hive ransomware operation
|China-linked APT Volt Typhoon linked to KV-Botnet
|UK Home Office is ignoring the risk of 'catastrophic ransomware attacks,' report warns
|OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks
|Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks
|December 2023 Microsoft Patch Tuesday fixed 4 critical flaws
|Ukrainian military intelligence service hacked the Russian Federal Taxation Service
|Kyivstar, Ukraine's largest mobile carrier brought down by a cyber attack
|Dubai’s largest taxi app exposes 220K+ users
|Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware
|Apple released iOS 17.2 to address a dozen of security flaws
|Toyota Financial Services discloses a data breach
|Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2
|CISA adds Qlik Sense flaws to its Known Exploited Vulnerabilities catalog
|CISA and ENISA signed a Working Arrangement to enhance cooperation
|Researcher discovered a new lock screen bypass bug for Android 14 and 13
|WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw
|Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION
|Hacktivists hacked an Irish water utility and interrupted the water supply
|5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips
|Norton Healthcare disclosed a data breach after a ransomware attack
|Bypassing major EDRs using Pool Party process injection techniques
|Founder of Bitzlato exchange has pleaded for unlicensed money transmitting
|Android barcode scanner app exposes user passwords
|UK and US expose Russia Callisto Group's activity and sanction members
|A cyber attack hit Nissan Oceania
|New Krasue Linux RAT targets telecom companies in Thailand
|Atlassian addressed four new RCE flaws in its products
|CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog
|Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode
|GST Invoice Billing Inventory exposes sensitive data to threat actors
|Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw
|ENISA published the ENISA Threat Landscape for DoS Attacks Report
|Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts
|Google fixed critical zero-click RCE in Android
|New P2PInfect bot targets routers and IoT devices
|Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware
|LockBit on a Roll - ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order
|Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices
|New Agent Raccoon malware targets the Middle East, Africa and the US
|Security Affairs newsletter Round 448 by Pierluigi Paganini – INTERNATIONAL EDITION
|Researchers devised an attack technique to extract ChatGPT training data
|Fortune-telling website WeMystic exposes 13M+ user records
|Expert warns of Turtle macOS ransomware
|CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog
|Apple addressed 2 new iOS zero-day vulnerabilities
|Critical Zoom Room bug allowed to gain access to Zoom Tenants
|Rhysida ransomware group hacked King Edward VII’s Hospital in London
|Google addressed the sixth Chrome Zero-Day vulnerability in 2023
|Okta reveals additional attackers' activities in October 2023 Breach
|Thousands of secrets lurk in app images on Docker Hub
|Threat actors started exploiting critical ownCloud flaw CVE-2023-49103
|International police operation dismantled a prominent Ukraine-based Ransomware group
|Daixin Team group claimed the hack of North Texas Municipal Water District
|Healthcare provider Ardent Health Services disclosed a ransomware attack
|Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia
|The hack of MSP provider CTS potentially impacted hundreds of UK law firms
|Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION
|Rhysida ransomware gang claimed China Energy hack
|North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack
|Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
|App used by hundreds of schools leaking children's data
|Microsoft launched its new Microsoft Defender Bounty Program
|Exposed Kubernetes configuration secrets can fuel supply chain attacks
|North Korea-linked Konni APT uses Russian-language weaponized documents
|ClearFake campaign spreads macOS AMOS information stealer
|Welltok data breach impacted 8.5 million patients in the U.S.
|North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
|Automotive parts giant AutoZone disclosed data breach after MOVEit hack
|New InfectedSlurs Mirai-based botnet exploits two zero-days
|SiegedSec hacktivist group hacked Idaho National Laboratory (INL)
|CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog
|Citrix provides additional measures to address Citrix Bleed
|Tor Project removed several relays associated with a suspicious cryptocurrency scheme
|Experts warn of a surge in NetSupport RAT attacks against education and government sectors
|The Top 5 Reasons to Use an API Management Platform
|Canadian government impacted by data breaches of two of its contractors
|Rhysida ransomware gang is auctioning data stolen from the British Library
|Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies
|DarkCasino joins the list of APT groups exploiting WinRAR zero-day
|US teenager pleads guilty to his role in credential stuffing attack on a betting site
|Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION
|8Base ransomware operators use a new variant of the Phobos ransomware
|Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine
|The board of directors of OpenAI fired Sam Altman
|Medusa ransomware gang claims the hack of Toyota Financial Services
|CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog
|Zimbra zero-day exploited to steal government emails by four groups
|Vietnam Post exposes 1.2TB of data, including email addresses
|Samsung suffered a new data breach
|FBI and CISA warn of attacks by Rhysida ransomware gang
|Critical flaw fixed in SAP Business One product
|Law enforcement agencies dismantled the illegal botnet proxy service IPStorm
|Gamblers’ data compromised after casino giant Strendus fails to set password
|Danish critical infrastructure hit by the largest cyber attack in Denmark's history
|Major Australian ports blocked after a cyber attack on DP World
|Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024
|CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog
|LockBit ransomware gang leaked data stolen from Boeing
|North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals
|The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
|The State of Maine disclosed a data breach that impacted 1.3M people
|Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION
|Police seized BulletProftLink phishing-as-a-service (PhaaS) platform
|Serbian pleads guilty to running ‘Monopoly’ dark web drug market
|McLaren Health Care revealed that a data breach impacted 2.2 million people
|After ChatGPT, Anonymous Sudan took down the Cloudflare website
|Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack
|SysAid zero-day exploited by Clop ransomware group
|Dolly.com pays ransom, attackers release data anyway
|DDoS attack leads to significant disruption in ChatGPT services
|Russian Sandworm disrupts power in Ukraine with a new OT attack
|Veeam fixed multiple flaws in Veeam ONE, including critical issues
|Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks
|Critical Confluence flaw exploited in ransomware attacks
|QNAP fixed two critical vulnerabilities in QTS OS and apps
|Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure
|Socks5Systemz proxy service delivered via PrivateLoader and Amadey
|US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors
|Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION
|Lazarus targets blockchain engineers with new KandyKorn macOS Malware
|Kinsing threat actors probed the Looney Tunables flaws in recent attacks
|ZDI discloses four zero-day flaws in Microsoft Exchange
|Okta customer support system breach impacted 134 customers
|Multiple WhatsApp mods spotted containing the CanesSpy Spyware
|Russian FSB arrested Russian hackers who supported Ukrainian cyber operations
|MuddyWater has been spotted targeting two Israeli entities
|Clop group obtained access to the email addresses of about 632,000 US federal employees
|Okta discloses a new data breach after a third-party vendor was hacked
|Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware
|Boeing confirmed its services division suffered a cyberattack
|Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India
|Who is behind the Mozi Botnet kill switch?
|CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog
|Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748
|Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper
|British Library suffers major outage due to cyberattack
|Critical Atlassian Confluence flaw can lead to significant data loss
|WiHD leak exposes details of all torrent users
|Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198
|Canada bans WeChat and Kaspersky apps on government-issued mobile devices
|Wiki-Slack attack allows redirecting business professionals to malicious websites
|HackerOne awarded over $300 million bug hunters
|StripedFly, a complex malware that infected one million devices without being noticed
|IT Army of Ukraine disrupted internet providers in territories occupied by Russia
|Security Affairs newsletter Round 443 by Pierluigi Paganini – INTERNATIONAL EDITION
|Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023
|Lockbit ransomware gang claims to have stolen data from Boeing
|How to Collect Market Intelligence with Residential Proxies?
|F5 urges to address a critical flaw in BIG-IP
|Hello Alfred app exposes user data
|iLeakage attack exploits Safari to steal data from Apple devices
|Cloudflare mitigated 89 hyper-volumetric HTTP distributed DDoS attacks exceeding 100 million rps
|Seiko confirmed a data breach after BlackCat attack
|Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks
|Pwn2Own Toronto 2023 Day 1 - organizers awarded $438,750 in prizes
|VMware addressed critical vCenter flaw also for End-of-Life products
|Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
|New England Biolabs leak sensitive data
|Former NSA employee pleads guilty to attempted selling classified documents to Russia
|Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!
|How did the Okta Support breach impact 1Password?
|PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web
|Spain police dismantled a cybercriminal group who stole the data of 4 million individuals
|CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog
|Cisco warns of a second IOS XE zero-day used to infect devices worldwide
|City of Philadelphia suffers a data breach
|SolarWinds fixed three critical RCE flaws in its Access Rights Manager product
|Don't use AI-based apps, Philippine defense ordered its personnel
|Vietnamese threat actors linked to DarkGate malware campaign
|MI5 chief warns of Chinese cyber espionage reached an unprecedented scale
|The attack on the International Criminal Court was targeted and sophisticated
|Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION
|A threat actor is selling access to Facebook and Instagram's Police Portal
|Threat actors breached Okta support system and stole customers' data
|US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide
|Alleged developer of the Ragnar Locker ransomware was arrested
|CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog
|Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198
|Law enforcement operation seized Ragnar Locker group's infrastructure
|THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!
|North Korea-linked APT groups actively exploit JetBrains TeamCity flaw
|Multiple APT groups exploited WinRAR flaw CVE-2023-38831
|Californian IT company DNA Micro leaks private mobile phone data
|A flaw in Synology DiskStation Manager allows admin account takeover
|D-Link confirms data breach, but downplayed the impact
|CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems
|Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers
|Ransomware realities in 2023: one employee mistake can cost a company millions
|Malware-laced 'RedAlert - Rocket Alerts' app targets Israeli users
|Cisco warns of active exploitation of IOS XE zero-day
|Signal denies claims of an alleged zero-day flaw in its platform
|Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm
|DarkGate malware campaign abuses Skype and Teams
|The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital
|Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION
|Lockbit ransomware gang demanded an 80 million ransom to CDW
|CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks
|FBI and CISA published a new advisory on AvosLocker ransomware
|More than 17,000 WordPress websites infected with the Balada Injector in September
|Ransomlooker, a new tool to track and analyze ransomware groups' activities
|Phishing, the campaigns that are targeting Italy
|A new Magecart campaign hides the malicious code in 404 error page
|CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog
|Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers
|Air Europa data breach exposed customers' credit cards
|#OpIsrael, #FreePalestine & #OpSaudiArabia - How Cyber Actors Capitalize On War Actions Via Psy-Ops
|Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws
|New 'HTTP/2 Rapid Reset' technique behind record-breaking DDoS attacks
|Exposed security cameras in Israel and Palestine pose significant risks
|A flaw in libcue library impacts GNOME Linux systems
|Hacktivists in Palestine and Israel after SCADA and other industrial control systems
|Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519
|The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum
|Gaza-linked hackers and Pro-Russia groups are targeting Israel
|Flagstar Bank suffered a data breach once again
|Android devices shipped with backdoored firmware as part of the BADBOX network
|Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition
|North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime
|QakBot threat actors are still operational after the August takedown
|Ransomware attack on MGM Resorts costs $110 Million
|Cybersecurity, why a hotline number could be important?
|Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables
|Cisco Emergency Responder is affected by a critical Static Credentials bug. Fix it immediately!
|Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege
|CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog
|NATO is investigating a new cyber attack claimed by the SiegedSec group
|Global CRM Provider Exposed Millions of Clients’ Files Online
|Sony sent data breach notifications to about 6,800 individuals
|Apple fixed the 17th zero-day flaw exploited in attacks
|Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks
|A cyberattack disrupted Lyca Mobile services
|Chipmaker Qualcomm warns of three actively exploited zero-days
|DRM Report Q2 2023 - Ransomware threat landscape
|Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform
|San Francisco’s transport agency exposes drivers’ parking permits and addresses
|BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums
|Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)
|Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV
|European Telecommunications Standards Institute (ETSI) suffered a data breach
|WS_FTP flaw CVE-2023-40044 actively exploited in the wild
|North Korea-linked Lazarus targeted a Spanish aerospace company
|Ransomware attack on Johnson Controls may have exposed sensitive DHS data
|BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care
|Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition
|ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One
|FBI warns of dual ransomware attacks
|Progress Software fixed two critical severity flaws in WS_FTP Server
|Child abuse site taken down, organized child exploitation crime suspected – exclusive
|A still unpatched zero-day RCE impacts more than 3.5M Exim servers
|Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach
|Misconfigured WBSC server leaks thousands of passports
|CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog
|Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109
|Dark Angels Team ransomware group hit Johnson Controls
|GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023
|Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices
|China-linked APT BlackTech was spotted hiding in Cisco router firmware
|Watch out! CVE-2023-5129 in libwebp library affects millions applications
|DarkBeam leaks billions of email and password combinations
|Top 5 Problems Solved by Data Lineage
|Threat actors claim the hack of Sony, and the company investigates
|Canadian Flair Airlines left user data leaking for months
|The Rhysida ransomware group hit the Kuwait Ministry of Finance
|BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients
|Xenomorph malware is back after months of hiatus and expands the list of targets
|Smishing Triad Stretches Its Tentacles into the United Arab Emirates
|Crooks stole $200 million worth of assets from Mixin Network
|A phishing campaign targets Ukrainian military entities with drone manual lures
|Alert! Patch your TeamCity instance to avoid server hack
|Is Gelsemium APT behind a targeted attack in Southeast Asian Government?
|Nigerian National pleads guilty to participating in a millionaire BEC scheme
|New variant of BBTok Trojan targets users of +40 banks in LATAM
|Deadglyph, a very sophisticated and unknown backdoor targets the Middle East
|Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars
|Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition
|National Student Clearinghouse data breach impacted approximately 900 US schools
|Government of Bermuda blames Russian threat actors for the cyber attack
|Information of Air Canada employees exposed in recent cyberattack
|Sandman APT targets telcos with LuaDream backdoor
|Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws
|Ukrainian hackers are behind the Free Download Manager supply chain attack
|Space and defense tech maker Exail Technologies exposes database access
|Experts found critical flaws in Nagios XI network monitoring software
|The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs
|International Criminal Court hit with a cyber attack
|GitLab addressed critical vulnerability CVE-2023-5009
|Trend Micro addresses actively exploited zero-day in Apex One and other security Products
|ShroudedSnooper threat actors target telecom companies in the Middle East
|Recent cyber attack is causing Clorox products shortage
|Earth Lusca expands its arsenal with SprySOCKS Linux malware
|Microsoft AI research division accidentally exposed 38TB of sensitive data
|German intelligence warns cyberattacks could target liquefied natural gas (LNG) terminals
|FBI hacker USDoD leaks highly sensitive TransUnion data
|North Korea's Lazarus APT stole almost $240 million in crypto assets since June
|Clop gang stolen data from major North Carolina hospitals
|CardX released a data leak notification impacting their customers in Thailand
|Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition
|TikTok fined €345M by Irish DPC for violating children’s privacy
|Dariy Pankov, the NLBrute malware author, pleads guilty
|Dangerous permissions detected in top Android health apps
|Caesars Entertainment paid a ransom to avoid stolen data leaks
|Free Download Manager backdoored to serve Linux malware for more than 3 years
|The iPhone of a Russian journalist was infected with the Pegasus spyware
|Kubernetes flaws could lead to remote code execution on Windows endpoints
|Threat actor leaks sensitive data belonging to Airbus
|A new ransomware family called 3AM appears in the threat landscape
|Redfly group infiltrated an Asian national grid as long as six months
|Mozilla fixed a critical zero-day in Firefox and Thunderbird
|Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws
|Save the Children confirms it was hit by cyber attack
|Adobe fixed actively exploited zero-day in Acrobat and Reader
|A new Repojacking attack exposed over 4,000 GitHub repositories to hack
|MGM Resorts hit by a cyber attack
|Anonymous Sudan launched a DDoS attack against Telegram
|GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023
|CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog
|UK and US sanctioned 11 members of the Russia-based TrickBot gang
|New HijackLoader malware is rapidly growing in popularity in the cybercrime community
|Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable
|Evil Telegram campaign: Trojanized Telegram apps found on Google Play
|Rhysida Ransomware gang claims to have hacked three more US hospitals
|Akamai prevented the largest DDoS attack on a US financial company
|Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition
|US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog
|Ragnar Locker gang leaks data stolen from the Israel's Mayanei Hayeshua hospital
|North Korea-linked threat actors target cybersecurity experts with a zero-day
|Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks
|Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware
|Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs
|A malvertising campaign is delivering a new version of the macOS Atomic Stealer
|Two flaws in Apache SuperSet allow to remotely hack servers
|Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake
|Google addressed an actively exploited zero-day in Android
|A zero-day in Atlas VPN Linux Client leaks users' IP address
|MITRE and CISA release Caldera for OT attack emulation
|ASUS routers are affected by three critical remote code execution flaws
|Hackers stole $41M worth of crypto assets from crypto gambling firm Stake
|Freecycle data breach impacted 7 Million users
|Meta disrupted two influence campaigns from China and Russia
|A massive DDoS attack took down the site of the German financial agency BaFin
|"Smishing Triad" Targeted USPS and US Citizens for Data Theft
|University of Sydney suffered a security breach caused by a third-party service provider
|Cybercrime will cost Germany $224 billion in 2023
|PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks
|Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition
|LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)
|UNRAVELING EternalBlue: inside the WannaCry’s enabler
|Researchers released a free decryptor for the Key Group ransomware
|Fashion retailer Forever 21 data breach impacted +500,000 individuals
|Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware
|Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication
|Paramount Global disclosed a data breach
|Abusing Windows Container Isolation Framework to avoid detection by security products
|Critical RCE flaw impacts VMware Aria Operations Networks
|UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw
|FIN8-linked actor targets Citrix NetScaler systems
|Japan's JPCERT warns of new 'MalDoc in PDF' attack technique
|Attackers can discover IP address by sending a link over the Skype mobile app
|Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software
|Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
|Crypto investor data exposed by a SIM swapping attack against a Kroll employee
|China-linked Flax Typhoon APT targets Taiwan
|Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035
|Resecurity identified a zero-day vulnerability in Schneider Electric Accutech Manager
|