securityaffairs.com
Open in
urlscan Pro
2606:4700:3031::ac43:8cd3
Public Scan
Submitted URL: http://securityaffairs.com/
Effective URL: https://securityaffairs.com/
Submission: On March 15 via manual from NL — Scanned from NL
Effective URL: https://securityaffairs.com/
Submission: On March 15 via manual from NL — Scanned from NL
Form analysis 2 forms found in the DOM
GET https://securityaffairs.com
<form method="get" action="https://securityaffairs.com">
<input type="search" name="s" placeholder="Search.." class="site-search-field" value="">
<input type="submit" class="sm-icon">
</form>POST /#wpcf7-f149934-o1
<form action="/#wpcf7-f149934-o1" method="post" class="wpcf7-form init" aria-label="Contact form" novalidate="novalidate" data-status="init">
<div style="display: none;">
<input type="hidden" name="_wpcf7" value="149934">
<input type="hidden" name="_wpcf7_version" value="5.9">
<input type="hidden" name="_wpcf7_locale" value="en_US">
<input type="hidden" name="_wpcf7_unit_tag" value="wpcf7-f149934-o1">
<input type="hidden" name="_wpcf7_container_post" value="0">
<input type="hidden" name="_wpcf7_posted_data_hash" value="">
</div>
<div class="form-field"><span class="wpcf7-form-control-wrap" data-name="your-email"><input size="40" class="wpcf7-form-control wpcf7-email wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-email" autocomplete="email" aria-required="true"
aria-invalid="false" placeholder="Your email address" value="" type="email" name="your-email"></span><input class="wpcf7-form-control wpcf7-submit has-spinner" type="submit" value="SIGN UP"><span class="wpcf7-spinner"></span></div>
<div class="wpcf7-response-output" aria-hidden="true"></div>
</form>Text Content
WE VALUE YOUR PRIVACY We and our partners store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click to consent to our and our 748 partners’ processing as described above. Alternatively you may access more detailed information and change your preferences before consenting or to refuse consenting. Please note that some processing of your personal data may not require your consent, but you have a right to object to such processing. Your preferences will apply to this website only. You can change your preferences at any time by returning to this site or visit our privacy policy. MORE OPTIONSAGREE * Home * Cyber Crime * Cyber warfare * APT * Data Breach * Deep Web * Digital ID * Hacking * Hacktivism * Intelligence * Internet of Things * Laws and regulations * Malware * Mobile * Reports * Security * Social Networks * Terrorism * ICS-SCADA * POLICIES * Contact me MUST READ Cisco fixed high-severity elevation of privilege and DoS bugs | Recent DarkGate campaign exploited Microsoft Windows zero-day | Nissan Oceania data breach impacted roughly 100,000 people | Researchers found multiple flaws in ChatGPT plugins | Fortinet fixes critical bugs in FortiOS, FortiProxy, and FortiClientEMS | Acer Philippines disclosed a data breach after a third-party vendor hack | Stanford University announced that 27,000 individuals were impacted in the 2023 ransomware attack | Microsoft Patch Tuesday security updates for March 2024 fixed 59 flaws | Russia's Foreign Intelligence Service (SVR) alleges US is plotting to interfere in presidential election | First-ever South Korean national detained for espionage in Russia | Insurance scams via QR codes: how to recognise and defend yourself | Massive cyberattacks hit French government agencies | BianLian group exploits JetBrains TeamCity bugs in ransomware attacks | Experts released PoC exploit for critical Progress Software OpenEdge bug | Magnet Goblin group used a new Linux variant of NerbianRAT malware | Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites | Lithuania security services warn of China's espionage against the country | Security Affairs newsletter Round 462 by Pierluigi Paganini – INTERNATIONAL EDITION | Threat actors breached two crucial systems of the US CISA | CISA adds JetBrains TeamCity bug to its Known Exploited Vulnerabilities catalog | Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices | QNAP fixed three flaws in its NAS devices, including an authentication bypass | Russia-linked Midnight Blizzard breached Microsoft systems again | Cisco addressed severe flaws in its Secure Client | Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration. | 2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023 | National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election | CISA adds Apple iOS and iPadOS memory corruption bugs to its Known Exploited Vulnerabilities Catalog | Linux Malware targets misconfigured misconfigured Apache Hadoop, Confluence, Docker, and Redis servers | CISA ADDS ANDROID PIXEL AND SUNHILLO SURELINE BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks | LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage | Apple emergency security updates fix two new iOS zero-days | VMware urgent updates addressed Critical ESXi Sandbox Escape bugs | US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks | CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG | Experts disclosed two severe flaws in JetBrains TeamCity On-Premises software | Ukraine's GUR hacked the Russian Ministry of Defense | Some American Express customers' data exposed in a third-party data breach | META hit with privacy complaints by EU consumer groups | New GTPDOOR backdoor is designed to target telecom carrier networks | Threat actors hacked Taiwan-based Chunghwa Telecom | New Linux variant of BIFROSE RAT uses deceptive domain strategies | Eken camera doorbells allow ill-intentioned individuals to spy on you | Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION | U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp | U.S. authorities charged an Iranian national for long-running hacking campaign | US cyber and law enforcement agencies warn of Phobos ransomware attacks | Police seized Crimemarket, the largest German-speaking cybercrime marketplace | Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws | Crooks stole €15 Million from European retail company Pepco | CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog | Researchers found a zero-click Facebook account takeover | New SPIKEDWINE APT group is targeting officials in Europe | Is the LockBit gang resuming its operation? | Lazarus APT exploited zero-day in Windows driver to gain kernel privileges | Pharmaceutical giant Cencora discloses a data breach | Unmasking 2024's Email Security Landscape | FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector | Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations | Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs | XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk | Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION | US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES | New Redis miner Migo uses novel system weakening techniques | Critical flaw found in deprecated VMware EAP. Uninstall it immediately | Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers | ConnectWise fixed critical flaws in ScreenConnect remote access tool | More details about Operation Cronos that disrupted Lockbit operation | Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric | Operation Cronos: law enforcement disrupted the LockBit operation | A Ukrainian Raccoon Infostealer operator is awaiting trial in the US | Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS | How BRICS Got "Rug Pulled" – Cryptocurrency Counterfeiting is on the Rise | SolarWinds addressed critical RCEs in Access Rights Manager (ARM) | ESET fixed high-severity local privilege escalation bug in Windows products | Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION | Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes | CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks | CISA adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog | US gov offers a reward of up to $10M for info on ALPHV/Blackcat gang leaders | U.S. CISA: hackers breached a state government organization | Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs | US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 | A cyberattack halted operations at Varta production plants | North Korea-linked actors breached the emails of a Presidential Office member | CISA adds Microsoft Windows bugs to its Known Exploited Vulnerabilities catalog | Nation-state actors are using AI services and LLMs for cyberattacks | Abusing the Ubuntu 'command-not-found' utility to install malicious packages | Zoom fixed critical flaw CVE-2024-24691 in Windows software | Adobe Patch Tuesday fixed critical vulnerabilities in Magento, Acrobat and Reader | Microsoft Patch Tuesday for February 2024 fixed 2 actively exploited 0-days | A ransomware attack took 100 Romanian hospitals down | Bank of America customer data compromised after a third-party services provider data breach | Ransomfeed - Third Quarter Report 2023 is out! | Global Malicious Activity Targeting Elections is Skyrocketing | Researchers released a free decryption tool for the Rhysida Ransomware | Residential Proxies vs. Datacenter Proxies: Choosing the Right Option | CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog | Canada Gov plans to ban the Flipper Zero to curb car thefts | 9 Possible Ways Hackers Can Use Public Wi-Fi to Steal Your Sensitive Data | US Feds arrested two men involved in the Warzone RAT operation | Raspberry Robin spotted using two new 1-day LPE exploits | Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION | CISA adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog | macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations | Exploiting a vulnerable Minifilter Driver to create a process killer | Black Basta ransomware gang hacked Hyundai Motor Europe | Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN | Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices | 26 Cyber Security Stats Every User Should Be Aware Of in 2024 | US offers $10 million reward for info on Hive ransomware group leaders | Unraveling the truth behind the DDoS attack from electric toothbrushes | China-linked APT Volt Typhoon remained undetected for years in US infrastructure | Cisco fixes critical Expressway Series CSRF vulnerabilities | CISA adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog | Fortinet addressed two critical FortiSIEM vulnerabilities | Experts warn of a critical bug in JetBrains TeamCity On-Premises | Critical shim bug impacts every Linux boot loader signed in the past decade | China-linked APT deployed malware in a network of the Dutch Ministry of Defence | Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG | Google fixed an Android critical remote code execution flaw | A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e | U.S. Gov imposes visa restrictions on individuals misusing Commercial Spyware | HPE is investigating claims of a new security breach | Experts warn of a surge of attacks targeting Ivanti SSRF flaw | How to hack the Airbus NAVBLUE Flysmart+ Manager | Crooks stole $25.5 million from a multinational firm using a 'deepfake' video call | Software firm AnyDesk disclosed a security breach | The 'Mother of all Breaches': Navigating the Aftermath and Fortifying Your Data with DSPM | US government imposed sanctions on six Iranian intel officials | A cyberattack impacted operations at Lurie Children's Hospital | AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web | Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION | Clorox estimates the costs of the August cyberattack will exceed $49 Million | Mastodon fixed a flaw that can allow the takeover of any account | Iranian hackers breached Albania’s Institute of Statistics (INSTAT) | Operation Synergia led to the arrest of 31 individuals | Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison | Cloudflare breached on Thanksgiving Day, but the attack was promptly contained | PurpleFox malware infected at least 2,000 computers in Ukraine | Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping | CISA orders federal agencies to disconnect Ivanti VPN instances by February 2 | Multiple malware used in attacks exploiting Ivanti VPN flaws | Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k | Crooks stole around $112 million worth of XRP from Ripple’s co-founder | CISA adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog | Ivanti warns of a new actively exploited zero-day | Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware | Data leak at fintech giant Direct Trading Technologies | Root access vulnerability in GNU Library C (glibc) impacts many Linux distros | Italian data protection authority said that ChatGPT violated EU privacy laws | 750 million Indian mobile subscribers' data offered for sale on dark web | Juniper Networks released out-of-band updates to fix high-severity flaws | Hundreds of network operators’ credentials found circulating in Dark Web | Cactus ransomware gang claims the Schneider Electric hack | Mercedes-Benz accidentally exposed sensitive data, including source code | Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords | NSA buys internet browsing records from data brokers without a warrant | Ukraine’s SBU arrested a member of Pro-Russia hackers group 'Cyber Army of Russia' | Multiple PoC exploits released for Jenkins flaw CVE-2024-23897 | Medusa ransomware attack hit Kansas City Area Transportation Authority | Security Affairs newsletter Round 456 by Pierluigi Paganini – INTERNATIONAL EDITION | Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center | Participants earned more than $1.3M at the Pwn2Own Automotive competition | A TrickBot malware developer sentenced to 64 months in prison | Russian Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns | Watch out, experts warn of a critical flaw in Jenkins | Pwn2Own Automotive 2024 Day 2 - Tesla hacked again | Yearly Intel Trend Review: The 2023 RedSense report | Cisco warns of a critical bug in Unified Communications products, patch it now! | Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) | CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog | 5379 GitLab servers vulnerable to zero-click account takeover attacks | Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204 | Splunk fixed high-severity flaw impacting Windows versions | Watch out, a new critical flaw affects Fortra GoAnywhere MFT | Australian government announced sanctions for Medibank hacker | LoanDepot data breach impacted roughly 16.6 individuals | Black Basta gang claims the hack of the UK water utility Southern Water | CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog | Mother of all breaches - a historic data leak reveals 26 billion records: check what's exposed | Apple fixed actively exploited zero-day CVE-2024-23222 | “My Slice”, an Italian adaptive phishing campaign | Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell | Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web | Backdoored pirated applications targets Apple macOS users | LockBit ransomware gang claims the attack on the sandwich chain Subway | Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION | Admin of the BreachForums hacking forum sentenced to 20 years supervised release | VF Corp December data breach impacts 35 million customers | China-linked APT UNC3886 exploits VMware zero-day since 2021 | Ransomware attacks break records in 2023: the number of victims rose by 128% | U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082 | The Quantum Computing Cryptopocalypse – I’ll Know It When I See It | Kansas State University suffered a serious cybersecurity incident | CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog | Google TAG warns that Russian COLDRIVER APT is using a custom backdoor | PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts | iShutdown lightweight method allows to discover spyware infections on iPhones | Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos | Github rotated credentials after the discovery of a vulnerability | FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation | Citrix warns admins to immediately patch NetScaler for actively exploited zero-days | Google fixed the first actively exploited Chrome zero-day of 2024 | Atlassian fixed critical RCE in older Confluence versions | VMware fixed a critical flaw in Aria Automation. Patch it now! | Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws | Experts warn of a vulnerability affecting Bosch BCC100 Thermostat | Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack | Phemedrone info stealer campaign exploits Windows smartScreen bypass | Balada Injector continues to infect thousands of WordPress sites | Attackers target Apache Hadoop and Flink to deliver cryptominers | Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic | Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION | GitLab fixed a critical zero-click account hijacking flaw | Juniper Networks fixed a critical RCE bug in its firewalls and switches | Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election | Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 | Team Liquid’s wiki leak exposes 118K users | CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog | Two zero-day bugs in Ivanti Connect Secure actively exploited | X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected | Cisco fixed critical Unity Connection vulnerability CVE-2024-20272 | ShinyHunters member sentenced to three years in prison | HMG Healthcare disclosed a data breach | Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced fake Bitcoin ETF approval | Decryptor for Tortilla variant of Babuk ransomware released | Microsoft Patch Tuesday for January 2024 fixed 2 critical flaws | CISA adds Apache Superset bug to its Known Exploited Vulnerabilities catalog | Syrian group Anonymous Arabic distributes stealthy malware Silver RAT | Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications | DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace | Long-existing Bandook RAT targets Windows machines | A cyber attack hit the Beirut International Airport | Iranian crypto exchange Bit24.cash leaks user passports and IDs | Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION | Turkish Sea Turtle APT targets Dutch IT and Telecom firms | Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea | Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages | The source code of Zeppelin Ransomware sold on a hacking forum | Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months | Ivanti fixed a critical EPM flaw that can result in remote code execution | MyEstatePoint Property Search Android app leaks user passwords | Hacker hijacked Orange Spain RIPE account causing internet outage to company customers | HealthEC data breach impacted more than 4.5 Million people | Experts found 3 malicious packages hiding crypto miners in PyPi repository | Crooks hacked Mandiant X account to push cryptocurrency scam | Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud | CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG | Don’t trust links with known domains: BMW affected by redirect vulnerability | Hackers stole more than $81 million worth of crypto assets from Orbit Chain | Ukraine’s SBU said that Russia's intelligence hacked surveillance cameras to direct a missile strike on Kyiv | Experts warn of JinxLoader loader used to spread Formbook and XLoader | Terrapin attack allows to downgrade SSH protocol security | Multiple organizations in Iran were breached by a mysterious hacker | Top 2023 Security Affairs cybersecurity stories | Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies | Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop | Google agreed to settle a $5 billion privacy lawsuit | Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION | INC RANSOM ransomware gang claims to have breached Xerox Corp | Spotify music converter TuneFab puts users at risk | Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania | Russia-linked APT28 used new malware in a recent phishing campaign | Clash of Clans gamers at risk while using third-party app | New Version of Meduza Stealer Released in Dark Web | Operation Triangulation attacks relied on an undocumented hardware feature | Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data | Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network | Experts warn of critical Zero-Day in Apache OfBiz | Xamalicious Android malware distributed through the Play Store | Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841 | Elections 2024, artificial intelligence could upset world balances | Experts analyzed attacks against poorly managed Linux SSH servers | A cyberattack hit Australian healthcare provider St Vincent’s Health Australia | Rhysida ransomware group hacked Abdali Hospital in Jordan | Carbanak malware returned in ransomware attacks | Resecurity Released a 2024 Cyber Threat Landscape Forecast | APT group UAC-0099 targets Ukraine exploiting a WinRAR flaw | Iran-linked APT33 targets Defense Industrial Base sector with FalseFont backdoor | Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION | Europol and ENISA spotted 443 e-stores compromised with digital skimming | Video game giant Ubisoft investigates reports of a data breach | LockBit ransomware gang claims to have breached accountancy firm Xeinadin | Mobile virtual network operator Mint Mobile discloses a data breach | Akira ransomware gang claims the theft of sensitive data from Nissan Australia | Member of Lapsus$ gang sentenced to an indefinite hospital order | Real estate agency exposes details of 690k customers | ESET fixed a high-severity bug in the Secure Traffic Scanning Feature of several products | Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware | Data leak exposes users of car-sharing service Blink Mobility | Google addressed a new actively exploited Chrome zero-day | German police seized the dark web marketplace Kingdom Market | Law enforcement Operation HAECHI IV led to the seizure of $300 Million | Sophisticated JaskaGO info stealer targets macOS and Windows | BMW dealer at risk of takeover by cybercriminals | Comcast’s Xfinity customer data exposed after CitrixBleed attack | FBI claims to have dismantled AlphV/Blackcat ransomware operation, but the group denies it | Smishing Triad: Cybercriminals Impersonate UAE Federal Authority for Identity and Citizenship on the Peak of Holidays Season | The ransomware attack on Westpole is disrupting digital services for Italian public administration | Info stealers and how to protect against them | Pro-Israel Predatory Sparrow hacker group disrupted services at around 70% of Iran’s fuel stations | Qakbot is back and targets the Hospitality industry | A supply chain attack on crypto hardware wallet Ledger led to the theft of $600K | MongoDB investigates a cyberattack, customer data exposed | InfectedSlurs botnet targets QNAP VioStor NVR vulnerability | Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION | New NKAbuse malware abuses NKN decentralized P2P network protocol | Snatch ransomware gang claims the hack of the food giant Kraft Heinz | Multiple flaws in pfSense firewall can lead to arbitrary code execution | BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign | Data of over a million users of the crypto exchange GokuMarket exposed | Idaho National Laboratory data breach impacted 45,047 individuals | Ubiquiti users claim to have access to other people’s devices | Russia-linked APT29 spotted targeting JetBrains TeamCity servers | Microsoft seized the US infrastructure of the Storm-1152 cybercrime group | French authorities arrested a Russian national for his role in the Hive ransomware operation | China-linked APT Volt Typhoon linked to KV-Botnet | UK Home Office is ignoring the risk of 'catastrophic ransomware attacks,' report warns | OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks | Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks | December 2023 Microsoft Patch Tuesday fixed 4 critical flaws | Ukrainian military intelligence service hacked the Russian Federal Taxation Service | Kyivstar, Ukraine's largest mobile carrier brought down by a cyber attack | Dubai’s largest taxi app exposes 220K+ users | Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware | Apple released iOS 17.2 to address a dozen of security flaws | Toyota Financial Services discloses a data breach | Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2 | CISA adds Qlik Sense flaws to its Known Exploited Vulnerabilities catalog | CISA and ENISA signed a Working Arrangement to enhance cooperation | Researcher discovered a new lock screen bypass bug for Android 14 and 13 | WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw | Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION | Hacktivists hacked an Irish water utility and interrupted the water supply | 5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips | Norton Healthcare disclosed a data breach after a ransomware attack | Bypassing major EDRs using Pool Party process injection techniques | Founder of Bitzlato exchange has pleaded for unlicensed money transmitting | Android barcode scanner app exposes user passwords | UK and US expose Russia Callisto Group's activity and sanction members | A cyber attack hit Nissan Oceania | New Krasue Linux RAT targets telecom companies in Thailand | Atlassian addressed four new RCE flaws in its products | CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog | Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode | GST Invoice Billing Inventory exposes sensitive data to threat actors | Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw | ENISA published the ENISA Threat Landscape for DoS Attacks Report | Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts | Google fixed critical zero-click RCE in Android | New P2PInfect bot targets routers and IoT devices | Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware | LockBit on a Roll - ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order | Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices | New Agent Raccoon malware targets the Middle East, Africa and the US | Security Affairs newsletter Round 448 by Pierluigi Paganini – INTERNATIONAL EDITION | Researchers devised an attack technique to extract ChatGPT training data | Fortune-telling website WeMystic exposes 13M+ user records | Expert warns of Turtle macOS ransomware | Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 | CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog | Apple addressed 2 new iOS zero-day vulnerabilities | Critical Zoom Room bug allowed to gain access to Zoom Tenants | Rhysida ransomware group hacked King Edward VII’s Hospital in London | Google addressed the sixth Chrome Zero-Day vulnerability in 2023 | Okta reveals additional attackers' activities in October 2023 Breach | Thousands of secrets lurk in app images on Docker Hub | Threat actors started exploiting critical ownCloud flaw CVE-2023-49103 | International police operation dismantled a prominent Ukraine-based Ransomware group | Daixin Team group claimed the hack of North Texas Municipal Water District | Healthcare provider Ardent Health Services disclosed a ransomware attack | Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia | Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania | The hack of MSP provider CTS potentially impacted hundreds of UK law firms | Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION | Rhysida ransomware gang claimed China Energy hack | North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack | Hamas-linked APT uses Rust-based SysJoker backdoor against Israel | App used by hundreds of schools leaking children's data | Microsoft launched its new Microsoft Defender Bounty Program | Exposed Kubernetes configuration secrets can fuel supply chain attacks | North Korea-linked Konni APT uses Russian-language weaponized documents | ClearFake campaign spreads macOS AMOS information stealer | Welltok data breach impacted 8.5 million patients in the U.S. | North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software | Automotive parts giant AutoZone disclosed data breach after MOVEit hack | New InfectedSlurs Mirai-based botnet exploits two zero-days | SiegedSec hacktivist group hacked Idaho National Laboratory (INL) | CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog | Citrix provides additional measures to address Citrix Bleed | Tor Project removed several relays associated with a suspicious cryptocurrency scheme | Experts warn of a surge in NetSupport RAT attacks against education and government sectors | The Top 5 Reasons to Use an API Management Platform | Canadian government impacted by data breaches of two of its contractors | Rhysida ransomware gang is auctioning data stolen from the British Library | Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies | DarkCasino joins the list of APT groups exploiting WinRAR zero-day | US teenager pleads guilty to his role in credential stuffing attack on a betting site | Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION | 8Base ransomware operators use a new variant of the Phobos ransomware | Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine | The board of directors of OpenAI fired Sam Altman | Medusa ransomware gang claims the hack of Toyota Financial Services | CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog | Zimbra zero-day exploited to steal government emails by four groups | Vietnam Post exposes 1.2TB of data, including email addresses | Samsung suffered a new data breach | FBI and CISA warn of attacks by Rhysida ransomware gang | Critical flaw fixed in SAP Business One product | Law enforcement agencies dismantled the illegal botnet proxy service IPStorm | Gamblers’ data compromised after casino giant Strendus fails to set password | VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance | Danish critical infrastructure hit by the largest cyber attack in Denmark's history | Major Australian ports blocked after a cyber attack on DP World | Nuclear and Oil & Gas are Major Targets of Ransomware Groups in 2024 | CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog | LockBit ransomware gang leaked data stolen from Boeing | North Korea-linked APT Sapphire Sleet targets IT job seekers with bogus skills assessment portals | The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital | The State of Maine disclosed a data breach that impacted 1.3M people | Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION | Police seized BulletProftLink phishing-as-a-service (PhaaS) platform | Serbian pleads guilty to running ‘Monopoly’ dark web drug market | McLaren Health Care revealed that a data breach impacted 2.2 million people | After ChatGPT, Anonymous Sudan took down the Cloudflare website | Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack | SysAid zero-day exploited by Clop ransomware group | Dolly.com pays ransom, attackers release data anyway | DDoS attack leads to significant disruption in ChatGPT services | Russian Sandworm disrupts power in Ukraine with a new OT attack | Veeam fixed multiple flaws in Veeam ONE, including critical issues | Pro-Palestinian hackers group 'Soldiers of Solomon' disrupted the production cycle of the biggest flour production plant in Israel | Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks | Critical Confluence flaw exploited in ransomware attacks | QNAP fixed two critical vulnerabilities in QTS OS and apps | Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure | Socks5Systemz proxy service delivered via PrivateLoader and Amadey | US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors | Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION | Lazarus targets blockchain engineers with new KandyKorn macOS Malware | Kinsing threat actors probed the Looney Tunables flaws in recent attacks | ZDI discloses four zero-day flaws in Microsoft Exchange | Okta customer support system breach impacted 134 customers | Multiple WhatsApp mods spotted containing the CanesSpy Spyware | Russian FSB arrested Russian hackers who supported Ukrainian cyber operations | MuddyWater has been spotted targeting two Israeli entities | Clop group obtained access to the email addresses of about 632,000 US federal employees | Okta discloses a new data breach after a third-party vendor was hacked | Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware | Boeing confirmed its services division suffered a cyberattack | Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India | Who is behind the Mozi Botnet kill switch? | CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog | Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748 | Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper | British Library suffers major outage due to cyberattack | Critical Atlassian Confluence flaw can lead to significant data loss | WiHD leak exposes details of all torrent users | Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198 | Canada bans WeChat and Kaspersky apps on government-issued mobile devices | Florida man sentenced to prison for SIM Swapping conspiracy that led to theft of $1M in cryptocurrency | Wiki-Slack attack allows redirecting business professionals to malicious websites | HackerOne awarded over $300 million bug hunters | StripedFly, a complex malware that infected one million devices without being noticed | IT Army of Ukraine disrupted internet providers in territories occupied by Russia | Security Affairs newsletter Round 443 by Pierluigi Paganini – INTERNATIONAL EDITION | Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023 | Lockbit ransomware gang claims to have stolen data from Boeing | How to Collect Market Intelligence with Residential Proxies? | F5 urges to address a critical flaw in BIG-IP | Hello Alfred app exposes user data | iLeakage attack exploits Safari to steal data from Apple devices | Cloudflare mitigated 89 hyper-volumetric HTTP distributed DDoS attacks exceeding 100 million rps | Seiko confirmed a data breach after BlackCat attack | Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks | Pwn2Own Toronto 2023 Day 1 - organizers awarded $438,750 in prizes | VMware addressed critical vCenter flaw also for End-of-Life products | Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately | New England Biolabs leak sensitive data | Former NSA employee pleads guilty to attempted selling classified documents to Russia | Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now! | How did the Okta Support breach impact 1Password? | PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web | Spain police dismantled a cybercriminal group who stole the data of 4 million individuals | CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog | Cisco warns of a second IOS XE zero-day used to infect devices worldwide | City of Philadelphia suffers a data breach | SolarWinds fixed three critical RCE flaws in its Access Rights Manager product | Don't use AI-based apps, Philippine defense ordered its personnel | Vietnamese threat actors linked to DarkGate malware campaign | MI5 chief warns of Chinese cyber espionage reached an unprecedented scale | The attack on the International Criminal Court was targeted and sophisticated | Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION | A threat actor is selling access to Facebook and Instagram's Police Portal | Threat actors breached Okta support system and stole customers' data | US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide | Alleged developer of the Ragnar Locker ransomware was arrested | CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog | Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198 | Law enforcement operation seized Ragnar Locker group's infrastructure | THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT! | North Korea-linked APT groups actively exploit JetBrains TeamCity flaw | Multiple APT groups exploited WinRAR flaw CVE-2023-38831 | Californian IT company DNA Micro leaks private mobile phone data | Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August | A flaw in Synology DiskStation Manager allows admin account takeover | D-Link confirms data breach, but downplayed the impact | CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems | Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers | Ransomware realities in 2023: one employee mistake can cost a company millions | Malware-laced 'RedAlert - Rocket Alerts' app targets Israeli users | Cisco warns of active exploitation of IOS XE zero-day | Signal denies claims of an alleged zero-day flaw in its platform | Microsoft Defender thwarted Akira ransomware attack on an industrial engineering firm | DarkGate malware campaign abuses Skype and Teams | The Alphv ransomware gang stole 5TB of data from the Morrison Community Hospital | Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION | Lockbit ransomware gang demanded an 80 million ransom to CDW | CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks | Stayin' Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT? | FBI and CISA published a new advisory on AvosLocker ransomware | More than 17,000 WordPress websites infected with the Balada Injector in September | Ransomlooker, a new tool to track and analyze ransomware groups' activities | Phishing, the campaigns that are targeting Italy | A new Magecart campaign hides the malicious code in 404 error page | CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog | Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers | Air Europa data breach exposed customers' credit cards | #OpIsrael, #FreePalestine & #OpSaudiArabia - How Cyber Actors Capitalize On War Actions Via Psy-Ops | Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws | New 'HTTP/2 Rapid Reset' technique behind record-breaking DDoS attacks | Exposed security cameras in Israel and Palestine pose significant risks | A flaw in libcue library impacts GNOME Linux systems | Hacktivists in Palestine and Israel after SCADA and other industrial control systems | Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519 | The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum | Gaza-linked hackers and Pro-Russia groups are targeting Israel | Flagstar Bank suffered a data breach once again | Android devices shipped with backdoored firmware as part of the BADBOX network | Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition | North Korea-linked Lazarus APT laundered over $900 million through cross-chain crime | QakBot threat actors are still operational after the August takedown | Ransomware attack on MGM Resorts costs $110 Million | Cybersecurity, why a hotline number could be important? | Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables | Cisco Emergency Responder is affected by a critical Static Credentials bug. Fix it immediately! | Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege | CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog | NATO is investigating a new cyber attack claimed by the SiegedSec group | Global CRM Provider Exposed Millions of Clients’ Files Online | Sony sent data breach notifications to about 6,800 individuals | Apple fixed the 17th zero-day flaw exploited in attacks | Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks | A cyberattack disrupted Lyca Mobile services | Chipmaker Qualcomm warns of three actively exploited zero-days | DRM Report Q2 2023 - Ransomware threat landscape | Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform | San Francisco’s transport agency exposes drivers’ parking permits and addresses | BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums | Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more) | Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV | European Telecommunications Standards Institute (ETSI) suffered a data breach | WS_FTP flaw CVE-2023-40044 actively exploited in the wild | National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers | North Korea-linked Lazarus targeted a Spanish aerospace company | Ransomware attack on Johnson Controls may have exposed sensitive DHS data | BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care | Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition | ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One | FBI warns of dual ransomware attacks | Progress Software fixed two critical severity flaws in WS_FTP Server | Child abuse site taken down, organized child exploitation crime suspected – exclusive | A still unpatched zero-day RCE impacts more than 3.5M Exim servers | Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach | Misconfigured WBSC server leaks thousands of passports | CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog | Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109 | Dark Angels Team ransomware group hit Johnson Controls | GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023 | Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices | China-linked APT BlackTech was spotted hiding in Cisco router firmware | Watch out! CVE-2023-5129 in libwebp library affects millions applications | DarkBeam leaks billions of email and password combinations | 'Ransomed.vc' in the Spotlight - What is Known About the Ransomware Group Targeting Sony and NTT Docomo | Top 5 Problems Solved by Data Lineage | Threat actors claim the hack of Sony, and the company investigates | Canadian Flair Airlines left user data leaking for months | The Rhysida ransomware group hit the Kuwait Ministry of Finance | BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients | Xenomorph malware is back after months of hiatus and expands the list of targets | Smishing Triad Stretches Its Tentacles into the United Arab Emirates | Crooks stole $200 million worth of assets from Mixin Network | A phishing campaign targets Ukrainian military entities with drone manual lures | Alert! Patch your TeamCity instance to avoid server hack | Is Gelsemium APT behind a targeted attack in Southeast Asian Government? | Nigerian National pleads guilty to participating in a millionaire BEC scheme | New variant of BBTok Trojan targets users of +40 banks in LATAM | Deadglyph, a very sophisticated and unknown backdoor targets the Middle East | Alphv group claims the hack of Clarion, a global manufacturer of audio and video equipment for cars | Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition | National Student Clearinghouse data breach impacted approximately 900 US schools | Government of Bermuda blames Russian threat actors for the cyber attack | Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware | CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog | Information of Air Canada employees exposed in recent cyberattack | Sandman APT targets telcos with LuaDream backdoor | Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws | Ukrainian hackers are behind the Free Download Manager supply chain attack | Space and defense tech maker Exail Technologies exposes database access | Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions | Experts found critical flaws in Nagios XI network monitoring software | The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs | International Criminal Court hit with a cyber attack | GitLab addressed critical vulnerability CVE-2023-5009 | Trend Micro addresses actively exploited zero-day in Apex One and other security Products | ShroudedSnooper threat actors target telecom companies in the Middle East | Recent cyber attack is causing Clorox products shortage | Earth Lusca expands its arsenal with SprySOCKS Linux malware | Microsoft AI research division accidentally exposed 38TB of sensitive data | German intelligence warns cyberattacks could target liquefied natural gas (LNG) terminals | Deepfake and smishing. How hackers compromised the accounts of 27 Retool customers in the crypto industry | FBI hacker USDoD leaks highly sensitive TransUnion data | North Korea's Lazarus APT stole almost $240 million in crypto assets since June | Clop gang stolen data from major North Carolina hospitals | CardX released a data leak notification impacting their customers in Thailand | Security Affairs newsletter Round 437 by Pierluigi Paganini – International edition | TikTok fined €345M by Irish DPC for violating children’s privacy | Dariy Pankov, the NLBrute malware author, pleads guilty | Dangerous permissions detected in top Android health apps | Caesars Entertainment paid a ransom to avoid stolen data leaks | Free Download Manager backdoored to serve Linux malware for more than 3 years | Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York | The iPhone of a Russian journalist was infected with the Pegasus spyware | Kubernetes flaws could lead to remote code execution on Windows endpoints | Threat actor leaks sensitive data belonging to Airbus | A new ransomware family called 3AM appears in the threat landscape | Redfly group infiltrated an Asian national grid as long as six months | Mozilla fixed a critical zero-day in Firefox and Thunderbird | Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws | Save the Children confirms it was hit by cyber attack | Adobe fixed actively exploited zero-day in Acrobat and Reader | A new Repojacking attack exposed over 4,000 GitHub repositories to hack | MGM Resorts hit by a cyber attack | Anonymous Sudan launched a DDoS attack against Telegram | Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor | GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023 | CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog | UK and US sanctioned 11 members of the Russia-based TrickBot gang | New HijackLoader malware is rapidly growing in popularity in the cybercrime community | Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable | Evil Telegram campaign: Trojanized Telegram apps found on Google Play | Rhysida Ransomware gang claims to have hacked three more US hospitals | Akamai prevented the largest DDoS attack on a US financial company | Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition | US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog | Ragnar Locker gang leaks data stolen from the Israel's Mayanei Hayeshua hospital | North Korea-linked threat actors target cybersecurity experts with a zero-day | Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks | Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware | Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs | A malvertising campaign is delivering a new version of the macOS Atomic Stealer | Two flaws in Apache SuperSet allow to remotely hack servers | Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake | Google addressed an actively exploited zero-day in Android | A zero-day in Atlas VPN Linux Client leaks users' IP address | MITRE and CISA release Caldera for OT attack emulation | ASUS routers are affected by three critical remote code execution flaws | Hackers stole $41M worth of crypto assets from crypto gambling firm Stake | Freecycle data breach impacted 7 Million users | Meta disrupted two influence campaigns from China and Russia | A massive DDoS attack took down the site of the German financial agency BaFin | "Smishing Triad" Targeted USPS and US Citizens for Data Theft | University of Sydney suffered a security breach caused by a third-party service provider | Cybercrime will cost Germany $224 billion in 2023 | PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks | Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition | LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM) | UNRAVELING EternalBlue: inside the WannaCry’s enabler | Researchers released a free decryptor for the Key Group ransomware | Fashion retailer Forever 21 data breach impacted +500,000 individuals | Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware | Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication | Paramount Global disclosed a data breach | National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization | Abusing Windows Container Isolation Framework to avoid detection by security products | Critical RCE flaw impacts VMware Aria Operations Networks | UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw | Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months | FIN8-linked actor targets Citrix NetScaler systems | Japan's JPCERT warns of new 'MalDoc in PDF' attack technique | Attackers can discover IP address by sending a link over the Skype mobile app | Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software | Cloud and hosting provider Leaseweb took down critical systems after a cyber attack | Crypto investor data exposed by a SIM swapping attack against a Kroll employee | China-linked Flax Typhoon APT targets Taiwan | Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035 | Resecurity identified a zero-day vulnerability in Schneider Electric Accutech Manager | * Home * Cyber Crime * Cyber warfare * APT * Data Breach * Deep Web * Digital ID * Hacking * Hacktivism * Intelligence * Internet of Things * Laws and regulations * Malware * Mobile * Reports * Security * Social Networks * Terrorism * ICS-SCADA * POLICIES * Contact me Ad Hacking March 09, 2024 CRITICAL FORTINET FORTIOS BUG CVE-2024-21762 POTENTIALLY IMPACTS 150,000 INTERNET-FACING DEVICES Hacking March 09, 2024 THREAT ACTORS BREACHED TWO CRUCIAL SYSTEMS OF THE US CISA Hacking March 11, 2024 MASSIVE CYBERATTACKS HIT FRENCH GOVERNMENT AGENCIES LATEST NEWS VIEW ALL Security CISCO FIXED HIGH-SEVERITY ELEVATION OF PRIVILEGE AND DOS BUGS Pierluigi Paganini March 14, 2024 Cisco this week addressed high-severity elevation of privilege and denial-of-service (DoS) vulnerabilities in IOS RX software. Cisco addressed multiple vulnerabilities in IOS RX software, includin ... Malware RECENT DARKGATE CAMPAIGN EXPLOITED MICROSOFT WINDOWS ZERO-DAY Pierluigi Paganini March 14, 2024 Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGat ... Data Breach NISSAN OCEANIA DATA BREACH IMPACTED ROUGHLY 100,000 PEOPLE Pierluigi Paganini March 14, 2024 The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced i ... Hacking RESEARCHERS FOUND MULTIPLE FLAWS IN CHATGPT PLUGINS Pierluigi Paganini March 14, 2024 Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of ... * * 1 * 2 * 3 ... * 3903 * 3904 * 3905 * TOP ARTICLES EXPERTS SPOTTED A NEW MACOS BACKDOOR NAMED SPECTRALBLUR LINKED TO NORTH KOREA January 06, 2024 UKRAINE’S SBU SAID THAT RUSSIA'S INTELLIGENCE HACKED SURVEILLANCE CAMERAS TO DIRECT A MISSILE STRIKE ON KYIV January 03, 2024 A CYBER ATTACK HIT THE BEIRUT INTERNATIONAL AIRPORT January 07, 2024 SWISS AIR FORCE SENSITIVE FILES STOLEN IN THE HACK OF ULTRA INTELLIGENCE & COMMUNICATIONS January 08, 2024 CYBERCRIMINALS IMPLEMENTED ARTIFICIAL INTELLIGENCE (AI) FOR INVOICE FRAUD January 03, 2024 NEWSLETTER SUBSCRIBE TO MY EMAIL LIST AND STAY UP-TO-DATE! Ad MOST POPULAR VIEW ALL APT ZIMBRA ZERO-DAY EXPLOITED TO STEAL GOVERNMENT EMAILS BY FOUR GROUPS November 16, 2023 Malware FBI AND CISA WARN OF ATTACKS BY RHYSIDA RANSOMWARE GANG November 16, 2023 Security VMWARE DISCLOSED A CRITICAL AND UNPATCHED AUTHENTICATION BYPASS FLAW IN VMWARE CLOUD DIRECTOR APPLIANCE November 15, 2023 APT DANISH CRITICAL INFRASTRUCTURE HIT BY THE LARGEST CYBER ATTACK IN DENMARK'S HISTORY November 14, 2023 Cyber Crime MAJOR AUSTRALIAN PORTS BLOCKED AFTER A CYBER ATTACK ON DP WORLD November 14, 2023 RECENT ARTICLES Previous Cyber Crime CRYPTO INVESTOR DATA EXPOSED BY A SIM SWAPPING ATTACK AGAINST A KROLL EMPLOYEE Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting firm Kroll revealed that a SIM-swappin ... Pierluigi Paganini August 26, 2023 APT CHINA-LINKED FLAX TYPHOON APT TARGETS TAIWAN China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cy ... Pierluigi Paganini August 25, 2023 Breaking News RESEARCHERS RELEASED POC EXPLOIT FOR IVANTI SENTRY FLAW CVE-2023-38035 Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti ... Pierluigi Paganini August 24, 2023 Security RESECURITY IDENTIFIED A ZERO-DAY VULNERABILITY IN SCHNEIDER ELECTRIC ACCUTECH MANAGER Resecurity researchers identified a zero-day Buffer Overflow vulnerability in the Schneider Electric Accutech Manager product. Resecurity identified a zero-day vulnerability in the Schneider Elec ... Pierluigi Paganini July 11, 2023 Security CISCO FIXED HIGH-SEVERITY ELEVATION OF PRIVILEGE AND DOS BUGS Cisco this week addressed high-severity elevation of privilege and denial-of-service (DoS) vulnerabilities in IOS RX software. Cisco addressed multiple vulnerabilities in IOS RX software, includin ... Pierluigi Paganini March 14, 2024 Malware RECENT DARKGATE CAMPAIGN EXPLOITED MICROSOFT WINDOWS ZERO-DAY Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGat ... Pierluigi Paganini March 14, 2024 Data Breach NISSAN OCEANIA DATA BREACH IMPACTED ROUGHLY 100,000 PEOPLE The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced i ... Pierluigi Paganini March 14, 2024 Hacking RESEARCHERS FOUND MULTIPLE FLAWS IN CHATGPT PLUGINS Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of ... Pierluigi Paganini March 14, 2024 Security FORTINET FIXES CRITICAL BUGS IN FORTIOS, FORTIPROXY, AND FORTICLIENTEMS Fortinet released security updates to address critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. Fortinet this week has released security updates to fix critical c ... Pierluigi Paganini March 13, 2024 Data Breach ACER PHILIPPINES DISCLOSED A DATA BREACH AFTER A THIRD-PARTY VENDOR HACK Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. Acer Philippines confirmed that employee data was compromised in an attack targeting a ... Pierluigi Paganini March 13, 2024 Cyber Crime STANFORD UNIVERSITY ANNOUNCED THAT 27,000 INDIVIDUALS WERE IMPACTED IN THE 2023 RANSOMWARE ATTACK Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomwa ... Pierluigi Paganini March 13, 2024 Security MICROSOFT PATCH TUESDAY SECURITY UPDATES FOR MARCH 2024 FIXED 59 FLAWS Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 ... Pierluigi Paganini March 12, 2024 Intelligence RUSSIA'S FOREIGN INTELLIGENCE SERVICE (SVR) ALLEGES US IS PLOTTING TO INTERFERE IN PRESIDENTIAL ELECTION Russia’s Foreign Intelligence Service (SVR) claims that the US intelligence plans to interfere with its presidential election. Russia's Foreign Intelligence Service (SVR) alleges that the US is ... Pierluigi Paganini March 12, 2024 Breaking News FIRST-EVER SOUTH KOREAN NATIONAL DETAINED FOR ESPIONAGE IN RUSSIA Russian authorities have detained a South Korean national on cyber espionage charges, it is the first time for a Korean citizen. Russian authorities have arrested a South Korean citizen on charges ... Pierluigi Paganini March 12, 2024 Cyber Crime INSURANCE SCAMS VIA QR CODES: HOW TO RECOGNISE AND DEFEND YOURSELF Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert. As is well known, QR codes are two-dimensional barcodes that can be ... Pierluigi Paganini March 12, 2024 Hacking MASSIVE CYBERATTACKS HIT FRENCH GOVERNMENT AGENCIES A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. "Several "intense" cyberattacks targeted multiple French government agencies ... Pierluigi Paganini March 11, 2024 Hacking BIANLIAN GROUP EXPLOITS JETBRAINS TEAMCITY BUGS IN RANSOMWARE ATTACKS BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack ... Pierluigi Paganini March 11, 2024 Hacking EXPERTS RELEASED POC EXPLOIT FOR CRITICAL PROGRESS SOFTWARE OPENEDGE BUG Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have pub ... Pierluigi Paganini March 11, 2024 Cyber Crime MAGNET GOBLIN GROUP USED A NEW LINUX VARIANT OF NERBIANRAT MALWARE The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made ... Pierluigi Paganini March 11, 2024 Hacking HACKERS EXPLOITED WORDPRESS POPUP BUILDER PLUGIN FLAW TO COMPROMISE 3,300 SITES Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada ... Pierluigi Paganini March 11, 2024 Intelligence LITHUANIA SECURITY SERVICES WARN OF CHINA'S ESPIONAGE AGAINST THE COUNTRY A report published by Lithuanian security services warned that China has escalated its espionage operations against Lithuania. A report released by Lithuanian security services has cautioned that ... Pierluigi Paganini March 10, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 462 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini March 10, 2024 Hacking THREAT ACTORS BREACHED TWO CRUCIAL SYSTEMS OF THE US CISA Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency wa ... Pierluigi Paganini March 09, 2024 Security CISA ADDS JETBRAINS TEAMCITY BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini March 09, 2024 Hacking CRITICAL FORTINET FORTIOS BUG CVE-2024-21762 POTENTIALLY IMPACTS 150,000 INTERNET-FACING DEVICES Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remot ... Pierluigi Paganini March 09, 2024 Internet of Things QNAP FIXED THREE FLAWS IN ITS NAS DEVICES, INCLUDING AN AUTHENTICATION BYPASS QNAP addressed three vulnerabilities in its NAS products that can be exploited to access devices. QNAP addressed three vulnerabilities in Network Attached Storage (NAS) devices that can be exploit ... Pierluigi Paganini March 08, 2024 Hacking RUSSIA-LINKED MIDNIGHT BLIZZARD BREACHED MICROSOFT SYSTEMS AGAIN Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the comp ... Pierluigi Paganini March 08, 2024 Security CISCO ADDRESSED SEVERE FLAWS IN ITS SECURE CLIENT Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two hig ... Pierluigi Paganini March 08, 2024 Data Breach PLAY RANSOMWARE ATTACK ON XPLAIN EXPOSED 65,000 FILES CONTAINING DATA RELEVANT TO THE SWISS FEDERAL ADMINISTRATION. The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) publis ... Pierluigi Paganini March 08, 2024 Cyber Crime 2023 FBI INTERNET CRIME REPORT REPORTED CYBERCRIME LOSSES REACHED $12.5 BILLION IN 2023 The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published the FBI's Internet Crime Co ... Pierluigi Paganini March 07, 2024 Cyber warfare NATIONAL INTELLIGENCE AGENCY OF MOLDOVA WARNS OF RUSSIA ATTACKS AHEAD OF THE PRESIDENTIAL ELECTION The national intelligence agency of Moldova warns of hybrid attacks from Russia ahead of the upcoming elections. The Moldovan national intelligence agency warns of hybrid attacks from Russia ahead ... Pierluigi Paganini March 07, 2024 Security CISA ADDS APPLE IOS AND IPADOS MEMORY CORRUPTION BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS memory corruption vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and ... Pierluigi Paganini March 07, 2024 Hacking LINUX MALWARE TARGETS MISCONFIGURED MISCONFIGURED APACHE HADOOP, CONFLUENCE, DOCKER, AND REDIS SERVERS A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign target ... Pierluigi Paganini March 07, 2024 Breaking News CISA ADDS ANDROID PIXEL AND SUNHILLO SURELINE BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel and Sunhillo SureLine vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ... Pierluigi Paganini March 06, 2024 Cyber Crime WATCH OUT, GHOSTSEC AND STOURMOUS GROUPS JOINTLY CONDUCTING RANSOMWARE ATTACKS Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gang are jointly conducting a ransomware cam ... Pierluigi Paganini March 06, 2024 Cyber Crime LOCKBIT 3.0’S BUNGLED COMEBACK HIGHLIGHTS THE UNDYING RISK OF TORRENT-BASED (P2P) DATA LEAKAGE The wide torrent-based accessibility of these leaked victim files ensures the longevity of LockBit 3.0’s harmful impact. While embattled ransomware gang LockBit 3.0 fights for its survival follo ... Pierluigi Paganini March 06, 2024 Hacking APPLE EMERGENCY SECURITY UPDATES FIX TWO NEW IOS ZERO-DAYS Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address ... Pierluigi Paganini March 05, 2024 Security VMWARE URGENT UPDATES ADDRESSED CRITICAL ESXI SANDBOX ESCAPE BUGS VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent up ... Pierluigi Paganini March 05, 2024 Laws and regulations US GOV SANCTIONED INTELLEXA CONSORTIUM INDIVIDUALS AND ENTITIES BEHIND PREDATOR SPYWARE ATTACKS The U.S. government sanctioned two individuals and five entities linked to the development and distribution of the Predator spyware used to target Americans. Today, the Department of the Treasury� ... Pierluigi Paganini March 05, 2024 Hacking CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini March 05, 2024 Security EXPERTS DISCLOSED TWO SEVERE FLAWS IN JETBRAINS TEAMCITY ON-PREMISES SOFTWARE Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems. Rapid7 researchers disclosed two new critical security vulnerabilities, tracked ... Pierluigi Paganini March 05, 2024 Cyber warfare UKRAINE'S GUR HACKED THE RUSSIAN MINISTRY OF DEFENSE The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Def ... Pierluigi Paganini March 05, 2024 Data Breach SOME AMERICAN EXPRESS CUSTOMERS' DATA EXPOSED IN A THIRD-PARTY DATA BREACH American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that thei ... Pierluigi Paganini March 04, 2024 Social Networks META HIT WITH PRIVACY COMPLAINTS BY EU CONSUMER GROUPS This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanctio ... Pierluigi Paganini March 04, 2024 Hacking NEW GTPDOOR BACKDOOR IS DESIGNED TO TARGET TELECOM CARRIER NETWORKS Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux ... Pierluigi Paganini March 04, 2024 Data Breach THREAT ACTORS HACKED TAIWAN-BASED CHUNGHWA TELECOM Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Te ... Pierluigi Paganini March 04, 2024 Malware NEW LINUX VARIANT OF BIFROSE RAT USES DECEPTIVE DOMAIN STRATEGIES A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifro ... Pierluigi Paganini March 04, 2024 Hacking EKEN CAMERA DOORBELLS ALLOW ILL-INTENTIONED INDIVIDUALS TO SPY ON YOU Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe ... Pierluigi Paganini March 03, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 461 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini March 03, 2024 Security U.S. JUDGE ORDERED NSO GROUP TO HAND OVER THE PEGASUS SPYWARE CODE TO WHATSAPP A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO G ... Pierluigi Paganini March 03, 2024 Hacking U.S. AUTHORITIES CHARGED AN IRANIAN NATIONAL FOR LONG-RUNNING HACKING CAMPAIGN The U.S. DoJ charged Iranian national Alireza Shafie Nasab for his role in attacks targeting U.S. government and defense entities. The U.S. Department of Justice (DoJ) charged Iranian national Ali ... Pierluigi Paganini March 02, 2024 Cyber Crime US CYBER AND LAW ENFORCEMENT AGENCIES WARN OF PHOBOS RANSOMWARE ATTACKS US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber se ... Pierluigi Paganini March 02, 2024 Cyber Crime POLICE SEIZED CRIMEMARKET, THE LARGEST GERMAN-SPEAKING CYBERCRIME MARKETPLACE German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforc ... Pierluigi Paganini March 01, 2024 Hacking FIVE EYES ALLIANCE WARNS OF ATTACKS EXPLOITING KNOWN IVANTI GATEWAY FLAWS The Five Eyes alliance warns of threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. The Five Eyes intelligence alliance issued a joint cyberse ... Pierluigi Paganini March 01, 2024 Cyber Crime CROOKS STOLE €15 MILLION FROM EUROPEAN RETAIL COMPANY PEPCO Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been t ... Pierluigi Paganini March 01, 2024 Security CISA ADDS MICROSOFT STREAMING SERVICE BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ... Pierluigi Paganini March 01, 2024 Hacking RESEARCHERS FOUND A ZERO-CLICK FACEBOOK ACCOUNT TAKEOVER A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed att ... Pierluigi Paganini February 29, 2024 APT NEW SPIKEDWINE APT GROUP IS TARGETING OFFICIALS IN EUROPE A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously un ... Pierluigi Paganini February 29, 2024 Cyber Crime IS THE LOCKBIT GANG RESUMING ITS OPERATION? Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully r ... Pierluigi Paganini February 29, 2024 APT LAZARUS APT EXPLOITED ZERO-DAY IN WINDOWS DRIVER TO GAIN KERNEL PRIVILEGES North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked La ... Pierluigi Paganini February 29, 2024 Data Breach PHARMACEUTICAL GIANT CENCORA DISCLOSES A DATA BREACH Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberat ... Pierluigi Paganini February 28, 2024 Hacking UNMASKING 2024'S EMAIL SECURITY LANDSCAPE Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming ... Pierluigi Paganini February 28, 2024 Cyber Crime FBI, CISA, HHS WARN OF TARGETED ALPHV/BLACKCAT RANSOMWARE ATTACKS AGAINST THE HEALTHCARE SECTOR The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of ... Pierluigi Paganini February 28, 2024 Breaking News RUSSIA-LINKED APT28 COMPROMISED UBIQUITI EDGEROUTERS TO FACILITATE CYBER OPERATIONS Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (N ... Pierluigi Paganini February 28, 2024 Cyber Crime BLACK BASTA AND BL00DY RANSOMWARE GANGS EXPLOIT RECENT CONNECTWISE SCREENCONNECT BUGS New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recen ... Pierluigi Paganini February 27, 2024 Hacking XSS FLAW IN LITESPEED CACHE PLUGIN EXPOSES MILLIONS OF WORDPRESS SITES AT RISK Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerabilit ... Pierluigi Paganini February 27, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 460 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 25, 2024 Cyber Crime US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES U.S. government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The U.S. Department of Stat ... Pierluigi Paganini February 21, 2024 Malware NEW REDIS MINER MIGO USES NOVEL SYSTEM WEAKENING TECHNIQUES A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis serve ... Pierluigi Paganini February 21, 2024 Security CRITICAL FLAW FOUND IN DEPRECATED VMWARE EAP. UNINSTALL IT IMMEDIATELY VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated E ... Pierluigi Paganini February 21, 2024 Hacking MICROSOFT EXCHANGE FLAW CVE-2024-21410 COULD IMPACT UP TO 97,000 SERVERS Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The vulnerability CVE-2024-21410 is a bypass vulnerabili ... Pierluigi Paganini February 21, 2024 Security CONNECTWISE FIXED CRITICAL FLAWS IN SCREENCONNECT REMOTE ACCESS TOOL ConnectWise addressed two critical vulnerabilities in its ScreenConnect remote desktop access product and urges customers to install the patches asap. ConnectWise warns of the following two critic ... Pierluigi Paganini February 20, 2024 Cyber Crime MORE DETAILS ABOUT OPERATION CRONOS THAT DISRUPTED LOCKBIT OPERATION Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code ... Pierluigi Paganini February 20, 2024 Hacking CACTUS RANSOMWARE GANG CLAIMS THE THEFT OF 1.5TB OF DATA FROM ENERGY MANAGEMENT AND INDUSTRIAL AUTOMATION FIRM SCHNEIDER ELECTRIC The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pil ... Pierluigi Paganini February 20, 2024 Cyber Crime OPERATION CRONOS: LAW ENFORCEMENT DISRUPTED THE LOCKBIT OPERATION An international law enforcement operation codenamed 'Operation Cronos' led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, con ... Pierluigi Paganini February 19, 2024 Cyber Crime A UKRAINIAN RACCOON INFOSTEALER OPERATOR IS AWAITING TRIAL IN THE US The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, M ... Pierluigi Paganini February 19, 2024 APT RUSSIA-LINKED APT TAG-70 TARGETS EUROPEAN GOVERNMENT AND MILITARY MAIL SERVERS EXPLOITING ROUNDCUBE XSS An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group id ... Pierluigi Paganini February 19, 2024 Cyber Crime HOW BRICS GOT "RUG PULLED" – CRYPTOCURRENCY COUNTERFEITING IS ON THE RISE Resecurity has identified an increasing trend of cryptocurrency counterfeiting, the experts found several tokens impersonating major brands, government organizations and national fiat currencies. ... Pierluigi Paganini February 19, 2024 Security SOLARWINDS ADDRESSED CRITICAL RCES IN ACCESS RIGHTS MANAGER (ARM) SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs. SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in ... Pierluigi Paganini February 19, 2024 Breaking News ESET FIXED HIGH-SEVERITY LOCAL PRIVILEGE ESCALATION BUG IN WINDOWS PRODUCTS Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 ... Pierluigi Paganini February 18, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 459 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 18, 2024 Cyber Crime UKRAINIAN NATIONAL FACES UP TO 20 YEARS IN PRISON FOR HIS ROLE IN ZEUS, ICEDID MALWARE SCHEMES A Ukrainian national pleaded guilty to his role in the Zeus and IcedID operations, which caused tens of millions of dollars in losses. Ukrainian national Vyacheslav Igorevich Penchukov has pleaded ... Pierluigi Paganini February 17, 2024 Cyber Crime CISA: CISCO ASA/FTD BUG CVE-2020-3259 EXPLOITED IN RANSOMWARE ATTACKS CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) in attacks in the wild. This week the U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini February 17, 2024 Security CISA ADDS MICROSOFT EXCHANGE AND CISCO ASA AND FTD BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ... Pierluigi Paganini February 16, 2024 Cyber Crime US GOV OFFERS A REWARD OF UP TO $10M FOR INFO ON ALPHV/BLACKCAT GANG LEADERS The U.S. government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. The U.S. Department of State is ... Pierluigi Paganini February 16, 2024 Hacking U.S. CISA: HACKERS BREACHED A STATE GOVERNMENT ORGANIZATION U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini February 16, 2024 APT RUSSIA-LINKED TURLA APT USES NEW TINYTURLA-NG BACKDOOR TO SPY ON POLISH NGOS Russia-linked APT group Turla has been spotted targeting Polish non-governmental organizations (NGO) with a new backdoor dubbed TinyTurla-NG. Russia-linked cyberespionage group Turla has been spo ... Pierluigi Paganini February 16, 2024 Cyber Crime US GOV DISMANTLED THE MOOBOT BOTNET CONTROLLED BY RUSSIA-LINKED APT28 The US authorities dismantled the Moobot botnet, which was controlled by the Russia-linked cyberespionage group APT28. A court order allowed US authorities to neutralize the Moobot botnet, a netwo ... Pierluigi Paganini February 15, 2024 Hacking A CYBERATTACK HALTED OPERATIONS AT VARTA PRODUCTION PLANTS On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber atta ... Pierluigi Paganini February 15, 2024 APT NORTH KOREA-LINKED ACTORS BREACHED THE EMAILS OF A PRESIDENTIAL OFFICE MEMBER The office of South Korean President Yoon Suk Yeol said that North Korea-linked actors breached the personal emails of one of his staff members. The office of South Korean President Yoon Suk Yeol ... Pierluigi Paganini February 15, 2024 Hacking CISA ADDS MICROSOFT WINDOWS BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds 2 Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ... Pierluigi Paganini February 15, 2024 APT NATION-STATE ACTORS ARE USING AI SERVICES AND LLMS FOR CYBERATTACKS Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains, including target reconnaissance and social engineering attacks. Multiple nation ... Pierluigi Paganini February 15, 2024 Security ABUSING THE UBUNTU 'COMMAND-NOT-FOUND' UTILITY TO INSTALL MALICIOUS PACKAGES Researchers reported that attackers can exploit the 'command-not-found' utility to trick users into installing rogue packages on Ubuntu systems. Cybersecurity researchers from cloud security firm ... Pierluigi Paganini February 14, 2024 Security ZOOM FIXED CRITICAL FLAW CVE-2024-24691 IN WINDOWS SOFTWARE Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The popular Video messaging giant Zoom relea ... Pierluigi Paganini February 14, 2024 Security ADOBE PATCH TUESDAY FIXED CRITICAL VULNERABILITIES IN MAGENTO, ACROBAT AND READER Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adob ... Pierluigi Paganini February 14, 2024 Security MICROSOFT PATCH TUESDAY FOR FEBRUARY 2024 FIXED 2 ACTIVELY EXPLOITED 0-DAYS Microsoft Patch Tuesday security updates for February 2024 addressed 72 flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2024 resolved ... Pierluigi Paganini February 14, 2024 Cyber Crime A RANSOMWARE ATTACK TOOK 100 ROMANIAN HOSPITALS DOWN Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that target ... Pierluigi Paganini February 13, 2024 Data Breach BANK OF AMERICA CUSTOMER DATA COMPROMISED AFTER A THIRD-PARTY SERVICES PROVIDER DATA BREACH Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers follo ... Pierluigi Paganini February 13, 2024 Reports RANSOMFEED - THIRD QUARTER REPORT 2023 IS OUT! Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. A comprehensive report delving into the intricate landscape ... Pierluigi Paganini February 13, 2024 Hacking GLOBAL MALICIOUS ACTIVITY TARGETING ELECTIONS IS SKYROCKETING Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally With more voters than ever in history heading to the polls in 2024, Resecurity has iden ... Pierluigi Paganini February 13, 2024 Cyber Crime RESEARCHERS RELEASED A FREE DECRYPTION TOOL FOR THE RHYSIDA RANSOMWARE Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Interne ... Pierluigi Paganini February 12, 2024 Security RESIDENTIAL PROXIES VS. DATACENTER PROXIES: CHOOSING THE RIGHT OPTION Residential Proxies vs. Datacenter Proxies: this blog post examines the contours of each type and provides info on how to choose the perfect proxy option In the robust landscape of the digital era ... Pierluigi Paganini February 12, 2024 Hacking CISA ADDS ROUNDCUBE WEBMAIL PERSISTENT XSS BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ... Pierluigi Paganini February 12, 2024 Security CANADA GOV PLANS TO BAN THE FLIPPER ZERO TO CURB CAR THEFTS The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipp ... Pierluigi Paganini February 12, 2024 Security 9 POSSIBLE WAYS HACKERS CAN USE PUBLIC WI-FI TO STEAL YOUR SENSITIVE DATA Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We've all used public Wi-Fi: it's convenient, saves our data, and sp ... Pierluigi Paganini February 12, 2024 Cyber Crime US FEDS ARRESTED TWO MEN INVOLVED IN THE WARZONE RAT OPERATION The U.S. Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used ... Pierluigi Paganini February 12, 2024 Malware RASPBERRY ROBIN SPOTTED USING TWO NEW 1-DAY LPE EXPLOITS Raspberry Robin continues to evolve, it was spotted using two new one-day exploits for vulnerabilities either Discord to host samples. Raspberry Robin is a Windows worm discovered by cybers ... Pierluigi Paganini February 11, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 458 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 11, 2024 Hacking CISA ADDS FORTINET FORTIOS BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ... Pierluigi Paganini February 10, 2024 Malware MACOS BACKDOOR RUSTDOOR LIKELY LINKED TO ALPHV/BLACKCAT RANSOMWARE OPERATIONS Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubb ... Pierluigi Paganini February 10, 2024 Hacking EXPLOITING A VULNERABLE MINIFILTER DRIVER TO CREATE A PROCESS KILLER Researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Exploiting a signed Minifilter Driver that can be used to used ... Pierluigi Paganini February 09, 2024 Data Breach BLACK BASTA RANSOMWARE GANG HACKED HYUNDAI MOTOR EUROPE Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the Car maker Hyundai Motor Europe ... Pierluigi Paganini February 09, 2024 Hacking FORTINET WARNS OF A NEW ACTIVELY EXPLOITED RCE FLAW IN FORTIOS SSL VPN Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently disc ... Pierluigi Paganini February 09, 2024 Security IVANTI WARNS OF A NEW AUTH BYPASS FLAW IN ITS CONNECT SECURE, POLICY SECURE, AND ZTA GATEWAY DEVICES Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulne ... Pierluigi Paganini February 09, 2024 Security 26 CYBER SECURITY STATS EVERY USER SHOULD BE AWARE OF IN 2024 26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technology. Cyber Crime Surge: During COVID-19, cyber crimes shot up by 600%, s ... Pierluigi Paganini February 09, 2024 Cyber Crime US OFFERS $10 MILLION REWARD FOR INFO ON HIVE RANSOMWARE GROUP LEADERS U.S. Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards u ... Pierluigi Paganini February 08, 2024 Internet of Things UNRAVELING THE TRUTH BEHIND THE DDOS ATTACK FROM ELECTRIC TOOTHBRUSHES Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. Is it true? The Swiss newspaper Aargauer Zeitung first published the news of a DD ... Pierluigi Paganini February 08, 2024 APT CHINA-LINKED APT VOLT TYPHOON REMAINED UNDETECTED FOR YEARS IN US INFRASTRUCTURE China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agenc ... Pierluigi Paganini February 08, 2024 Security CISCO FIXES CRITICAL EXPRESSWAY SERIES CSRF VULNERABILITIES CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco addressed several vulnerabilities in its ... Pierluigi Paganini February 08, 2024 Security CISA ADDS GOOGLE CHROMIUM V8 TYPE CONFUSION BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ... Pierluigi Paganini February 07, 2024 Security FORTINET ADDRESSED TWO CRITICAL FORTISIEM VULNERABILITIES Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code Cybersecurity vendor Fortinet warned of two critical vu ... Pierluigi Paganini February 07, 2024 Hacking EXPERTS WARN OF A CRITICAL BUG IN JETBRAINS TEAMCITY ON-PREMISES A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances. JetBrains addressed a critical security vulnerability, tracked as CVE-202 ... Pierluigi Paganini February 07, 2024 Hacking CRITICAL SHIM BUG IMPACTS EVERY LINUX BOOT LOADER SIGNED IN THE PAST DECADE The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of 'shim' addressed six vulnerabilities with ... Pierluigi Paganini February 07, 2024 APT CHINA-LINKED APT DEPLOYED MALWARE IN A NETWORK OF THE DUTCH MINISTRY OF DEFENCE China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security Service (MIVD) and the General Int ... Pierluigi Paganini February 07, 2024 Hacking COMMERCIAL SPYWARE VENDORS ARE BEHIND MOST ZERO-DAY EXPLOITS DISCOVERED BY GOOGLE TAG Google's TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. The latest report published by Google Threat Analysis Group (TAG), ... Pierluigi Paganini February 06, 2024 Mobile GOOGLE FIXED AN ANDROID CRITICAL REMOTE CODE EXECUTION FLAW Google released Android ’s February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution issue. Google released Android February 2024 security patches ... Pierluigi Paganini February 06, 2024 Cyber Crime A MAN FACES UP TO 25 YEARS IN PRISON FOR HIS ROLE IN OPERATING UNLICENSED CRYPTO EXCHANGE BTC-E A Belarusian and Cypriot national linked with the cryptocurrency exchange BTC-e is facing charges that can lead maximum penalty of 25 years in prison. Aliaksandr Klimenka, a Belarusian and Cypriot ... Pierluigi Paganini February 06, 2024 Laws and regulations U.S. GOV IMPOSES VISA RESTRICTIONS ON INDIVIDUALS MISUSING COMMERCIAL SPYWARE The U.S. government imposes visa restrictions on individuals who are involved in the illegal use of commercial spyware. The U.S. State Department announced it is implementing a new policy to impo ... Pierluigi Paganini February 06, 2024 Cyber Crime HPE IS INVESTIGATING CLAIMS OF A NEW SECURITY BREACH Hewlett Packard Enterprise (HPE) is investigating a new data breach after a threat actor claimed to have stolen data on a hacking forum. Hewlett Packard Enterprise (HPE) is investigating a new dat ... Pierluigi Paganini February 06, 2024 Hacking EXPERTS WARN OF A SURGE OF ATTACKS TARGETING IVANTI SSRF FLAW The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identi ... Pierluigi Paganini February 05, 2024 Hacking HOW TO HACK THE AIRBUS NAVBLUE FLYSMART+ MANAGER Airbus Navblue Flysmart+ Manager allowed attackers to tamper with the engine performance calculations and intercept data. Flysmart+ is a suite of apps for pilot EFBs, helping deliver efficient and ... Pierluigi Paganini February 05, 2024 Cyber Crime CROOKS STOLE $25.5 MILLION FROM A MULTINATIONAL FIRM USING A 'DEEPFAKE' VIDEO CALL Scammers stole HK$200 million (roughly $25,5 million) from a multi-national company using a deepfake conf call to trick an employee into transferring the funds. Scammers successfully stole HK$200 ... Pierluigi Paganini February 05, 2024 Hacking SOFTWARE FIRM ANYDESK DISCLOSED A SECURITY BREACH Remote desktop software company AnyDesk announced that threat actors compromised its production environment. Remote desktop software company AnyDesk announced on Friday that threat actors had acce ... Pierluigi Paganini February 05, 2024 Data Breach THE 'MOTHER OF ALL BREACHES': NAVIGATING THE AFTERMATH AND FORTIFYING YOUR DATA WITH DSPM What is Data Security Posture Management (DSPM) and how you can mitigate the risks of data leaks such as the 'Mother of All Breaches' Cybersecurity researchers recently uncovered what is now being ... Pierluigi Paganini February 04, 2024 Cyber warfare US GOVERNMENT IMPOSED SANCTIONS ON SIX IRANIAN INTEL OFFICIALS The US government issued sanctions against six Iranian government officials linked to cyberattacks against critical infrastructure organizations. The U.S. Treasury Department's Office of Foreign ... Pierluigi Paganini February 04, 2024 Cyber Crime A CYBERATTACK IMPACTED OPERATIONS AT LURIE CHILDREN'S HOSPITAL A cyber attack forced Lurie Children's Hospital in Chicago to take IT systems offline with a severe impact on its operations. The Lurie Children's Hospital in Chicago took IT systems offline after ... Pierluigi Paganini February 04, 2024 Cyber Crime ANYDESK INCIDENT: CUSTOMER CREDENTIALS LEAKED AND PUBLISHED FOR SALE ON THE DARK WEB Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web. Such information being available for cybercriminals could act as a catalys ... Pierluigi Paganini February 04, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 457 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 04, 2024 Security CLOROX ESTIMATES THE COSTS OF THE AUGUST CYBERATTACK WILL EXCEED $49 MILLION Cleaning products giant Clorox estimates the economic impact of the cyber attack that hit the company in August 2023 at $49 million. The Clorox Company is a multinational consumer goods company th ... Pierluigi Paganini February 03, 2024 Hacking MASTODON FIXED A FLAW THAT CAN ALLOW THE TAKEOVER OF ANY ACCOUNT A vulnerability impacting the decentralized social network Mastodon can be exploited by threat actors to impersonate and take over any account. A security flaw, tracked as CVE-2024-23832 (CVSS sco ... Pierluigi Paganini February 03, 2024 Hacking IRANIAN HACKERS BREACHED ALBANIA’S INSTITUTE OF STATISTICS (INSTAT) Albania’s Institute of Statistics (INSTAT) announced that it was targeted by a sophisticated cyberattack that affected some of its systems. A sophisticated cyberattack on Wednesday hit Albania� ... Pierluigi Paganini February 02, 2024 Cyber Crime OPERATION SYNERGIA LED TO THE ARREST OF 31 INDIVIDUALS An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpo ... Pierluigi Paganini February 02, 2024 Intelligence EX CIA EMPLOYEE JOSHUA ADAM SCHULTE SENTENCED TO 40 YEARS IN PRISON A former software engineer with the U.S. CIA has been sentenced to 40 years in prison for leaking classified documents. Former CIA employee Joshua Adam Schulte has been sentenced to 40 years in p ... Pierluigi Paganini February 02, 2024 Hacking CLOUDFLARE BREACHED ON THANKSGIVING DAY, BUT THE ATTACK WAS PROMPTLY CONTAINED Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to the internal wiki and its bug database (Atlassian Jira). The incident took place on Thanksg ... Pierluigi Paganini February 02, 2024 Malware PURPLEFOX MALWARE INFECTED AT LEAST 2,000 COMPUTERS IN UKRAINE The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. The Computer Emergency Response T ... Pierluigi Paganini February 02, 2024 Cyber Crime MAN SENTENCED TO SIX YEARS IN PRISON FOR STEALING MILLIONS IN CRYPTOCURRENCY VIA SIM SWAPPING A US man has been sentenced to federal prison for his role in a fraudulent scheme that resulted in the theft of millions of dollars through SIM swapping. Daniel James Junk (22) of Portland was sen ... Pierluigi Paganini February 01, 2024 Security CISA ORDERS FEDERAL AGENCIES TO DISCONNECT IVANTI VPN INSTANCES BY FEBRUARY 2 CISA is ordering federal agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. For the first time since its establishment, CISA is ordering federal agenci ... Pierluigi Paganini February 01, 2024 APT MULTIPLE MALWARE USED IN ATTACKS EXPLOITING IVANTI VPN FLAWS Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a Ch ... Pierluigi Paganini February 01, 2024 Cyber Crime POLICE SEIZED 50,000 BITCOIN FROM OPERATOR OF THE NOW-DEFUNCT PIRACY SITE MOVIE2K German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to. The police in Saxony, Germany, have seized 50,000 Bitcoin (more than $2.1 billion at the ... Pierluigi Paganini February 01, 2024 Cyber Crime CROOKS STOLE AROUND $112 MILLION WORTH OF XRP FROM RIPPLE’S CO-FOUNDER Crooks stole around $112 million worth of Ripple XRP from the crypto wallet of Ripple’s co-founder Chris Larsen. This week, crooks stole around $112 million worth of the Ripple-focused cryptocur ... Pierluigi Paganini January 31, 2024 Security CISA ADDS APPLE IMPROPER AUTHENTICATION BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ... Pierluigi Paganini January 31, 2024 Hacking IVANTI WARNS OF A NEW ACTIVELY EXPLOITED ZERO-DAY Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited in the wild. Ivanti is warning of two new high-severity vulnerabilities ... Pierluigi Paganini January 31, 2024 Malware THREAT ACTORS EXPLOIT IVANTI VPN BUGS TO DEPLOY KRUSTYLOADER MALWARE Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat ... Pierluigi Paganini January 31, 2024 Security DATA LEAK AT FINTECH GIANT DIRECT TRADING TECHNOLOGIES Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeo ... Pierluigi Paganini January 31, 2024 Breaking News ROOT ACCESS VULNERABILITY IN GNU LIBRARY C (GLIBC) IMPACTS MANY LINUX DISTROS Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four securit ... Pierluigi Paganini January 30, 2024 Laws and regulations ITALIAN DATA PROTECTION AUTHORITY SAID THAT CHATGPT VIOLATED EU PRIVACY LAWS Italian data protection authority regulator authority Garante said that ChatGPT violated European Union data privacy regulations. The Italian data protection authority regulator authority, known a ... Pierluigi Paganini January 30, 2024 Data Breach 750 MILLION INDIAN MOBILE SUBSCRIBERS' DATA OFFERED FOR SALE ON DARK WEB Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian m ... Pierluigi Paganini January 30, 2024 Security JUNIPER NETWORKS RELEASED OUT-OF-BAND UPDATES TO FIX HIGH-SEVERITY FLAWS Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems. Juniper Networks has released out-of ... Pierluigi Paganini January 30, 2024 Cyber Crime HUNDREDS OF NETWORK OPERATORS’ CREDENTIALS FOUND CIRCULATING IN DARK WEB Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC are available on the dark web, Resecurity warns. Resecurity conducted a thorough scan of the Dark Web and ident ... Pierluigi Paganini January 30, 2024 Data Breach CACTUS RANSOMWARE GANG CLAIMS THE SCHNEIDER ELECTRIC HACK Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energ ... Pierluigi Paganini January 30, 2024 Data Breach MERCEDES-BENZ ACCIDENTALLY EXPOSED SENSITIVE DATA, INCLUDING SOURCE CODE Researchers discovered that Mercedes-Benz accidentally left a private key online exposing internal data, including the company’s source code. RedHunt Labs researchers discovered that Mercedes-Be ... Pierluigi Paganini January 29, 2024 Hacking EXPERTS DETAILED MICROSOFT OUTLOOK FLAW THAT CAN LEAK NTLM V2 HASHED PASSWORDS A flaw in Microsoft Outlook can be exploited to access NTLM v2 hashed passwords by tricking users into opening a specially crafted file. The vulnerability CVE-2023-35636 impacting Microsoft Outloo ... Pierluigi Paganini January 29, 2024 Intelligence NSA BUYS INTERNET BROWSING RECORDS FROM DATA BROKERS WITHOUT A WARRANT The U.S. National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans' activity online without a court order. U.S. Senator Ron Wyden, D-Ore., ... Pierluigi Paganini January 29, 2024 Intelligence UKRAINE’S SBU ARRESTED A MEMBER OF PRO-RUSSIA HACKERS GROUP 'CYBER ARMY OF RUSSIA' Ukraine's security service (SBU) detained an alleged member of the pro-Russia hacker group "the Cyber Army of Russia." Ukraine's security service, the SBU, announced that it has identified and de ... Pierluigi Paganini January 29, 2024 Hacking MULTIPLE POC EXPLOITS RELEASED FOR JENKINS FLAW CVE-2024-23897 Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released. Researchers warn that several proof-of-concept (PoC) exploits targ ... Pierluigi Paganini January 28, 2024 Cyber Crime MEDUSA RANSOMWARE ATTACK HIT KANSAS CITY AREA TRANSPORTATION AUTHORITY Medusa ransomware gang claimed responsibility for the attack against the Kansas City Area Transportation Authority (KCATA). On January 23, 2023, the Kansas City Area Transportation Authority (KCAT ... Pierluigi Paganini January 28, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 456 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 28, 2024 Hacktivism PRO-UKRAINE HACKERS WIPED 2 PETABYTES OF DATA FROM RUSSIAN RESEARCH CENTER The Main Intelligence Directorate of Ukraine's Ministry of Defense states that pro-Ukraine hackers wiped 2 petabytes of data from a Russian research center. The Main Directorate of Intelligence of ... Pierluigi Paganini January 27, 2024 Hacking PARTICIPANTS EARNED MORE THAN $1.3M AT THE PWN2OWN AUTOMOTIVE COMPETITION Bug bounty hunters earned more than $1.3 million for hacking Teslas, infotainment systems, and electric vehicle chargers at the Pwn2Own Automotive competition. The Zero Day Initiative’s Pwn2Own ... Pierluigi Paganini January 27, 2024 Cyber Crime A TRICKBOT MALWARE DEVELOPER SENTENCED TO 64 MONTHS IN PRISON The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sente ... Pierluigi Paganini January 26, 2024 APT RUSSIAN MIDNIGHT BLIZZARD APT IS TARGETING ORGS WORLDWIDE, MICROSOFT WARNS Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign. Microsoft announced that the Russia-linked APT Midnight Blizzar ... Pierluigi Paganini January 26, 2024 Security WATCH OUT, EXPERTS WARN OF A CRITICAL FLAW IN JENKINS Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintai ... Pierluigi Paganini January 26, 2024 Hacking PWN2OWN AUTOMOTIVE 2024 DAY 2 - TESLA HACKED AGAIN Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team (@Synacktiv) compromised ... Pierluigi Paganini January 26, 2024 Reports YEARLY INTEL TREND REVIEW: THE 2023 REDSENSE REPORT The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and disco ... Pierluigi Paganini January 25, 2024 Security CISCO WARNS OF A CRITICAL BUG IN UNIFIED COMMUNICATIONS PRODUCTS, PATCH IT NOW! Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical ... Pierluigi Paganini January 25, 2024 Security RUSSIA-LINKED APT GROUP MIDNIGHT BLIZZARD HACKED HEWLETT PACKARD ENTERPRISE (HPE) Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alle ... Pierluigi Paganini January 25, 2024 Hacking CISA ADDS ATLASSIAN CONFLUENCE DATA CENTER BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ... Pierluigi Paganini January 25, 2024 Hacking 5379 GITLAB SERVERS VULNERABLE TO ZERO-CLICK ACCOUNT TAKEOVER ATTACKS Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabi ... Pierluigi Paganini January 24, 2024 Hacking EXPERTS RELEASED POC EXPLOIT FOR FORTRA GOANYWHERE MFT FLAW CVE-2024-0204 Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra's GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3' ... Pierluigi Paganini January 24, 2024 Security SPLUNK FIXED HIGH-SEVERITY FLAW IMPACTING WINDOWS VERSIONS Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs. Splunk addressed multiple vulnerabilities in Splunk Enterprise, including ... Pierluigi Paganini January 24, 2024 Hacking WATCH OUT, A NEW CRITICAL FLAW AFFECTS FORTRA GOANYWHERE MFT Fortra addressed a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) product. Fortra warns customers of a new authentication bypass vulnerability tracked as� ... Pierluigi Paganini January 23, 2024 Hacking AUSTRALIAN GOVERNMENT ANNOUNCED SANCTIONS FOR MEDIBANK HACKER The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Ge ... Pierluigi Paganini January 23, 2024 Hacking LOANDEPOT DATA BREACH IMPACTED ROUGHLY 16.6 INDIVIDUALS Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 million individuals. LoanDepot is a financial services company that primarily operates as a mortgage lender. ... Pierluigi Paganini January 23, 2024 Cyber Crime BLACK BASTA GANG CLAIMS THE HACK OF THE UK WATER UTILITY SOUTHERN WATER The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. Southern Water is a private utility company responsible for col ... Pierluigi Paganini January 23, 2024 Security CISA ADDS VMWARE VCENTER SERVER BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds VMware vCenter Server Out-of-Bounds Write bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ... Pierluigi Paganini January 23, 2024 Breaking News MOTHER OF ALL BREACHES - A HISTORIC DATA LEAK REVEALS 26 BILLION RECORDS: CHECK WHAT'S EXPOSED Cybersecurity researcher Bob Dyachenko and CyberNews researchers discovered the largest data leak ever discovered. The supermassive leak contains data from numerous previous breaches, comprising a ... Pierluigi Paganini January 22, 2024 Security APPLE FIXED ACTIVELY EXPLOITED ZERO-DAY CVE-2024-23222 Apple addressed the first zero-day vulnerability that impacts iPhones, Macs, and Apple TVs. The issue is actively exploited in the wild. Apple released security updates to address a zero-day vulne ... Pierluigi Paganini January 22, 2024 Cyber Crime “MY SLICE”, AN ITALIAN ADAPTIVE PHISHING CAMPAIGN Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing t ... Pierluigi Paganini January 22, 2024 Malware THREAT ACTORS EXPLOIT APACHE ACTIVEMQ FLAW TO DELIVER THE GODZILLA WEB SHELL Researchers warn of a spike in attacks exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell. Trustwave researchers observed a surge in attacks exploiting a now-patche ... Pierluigi Paganini January 22, 2024 Data Breach CYBERCRIMINALS LEAKED MASSIVE VOLUMES OF STOLEN PII DATA FROM THAILAND IN DARK WEB Resecurity researchers warn of massive leak of stolen Thai personally identifiable information (PII) on the dark web by cybercriminals. Resecurity has detected a noticeable increase in data leaks ... Pierluigi Paganini January 22, 2024 Malware BACKDOORED PIRATED APPLICATIONS TARGETS APPLE MACOS USERS Researchers warned that pirated applications have been employed to deliver a backdoor to Apple macOS users. Jamf Threat Labs researchers warned that pirated applications have been utilized to dist ... Pierluigi Paganini January 22, 2024 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS THE ATTACK ON THE SANDWICH CHAIN SUBWAY The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise. Subway IP LLC is an American multinational fast-food restauran ... Pierluigi Paganini January 21, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 455 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 21, 2024 Cyber Crime ADMIN OF THE BREACHFORUMS HACKING FORUM SENTENCED TO 20 YEARS SUPERVISED RELEASE Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, was s ... Pierluigi Paganini January 20, 2024 Data Breach VF CORP DECEMBER DATA BREACH IMPACTS 35 MILLION CUSTOMERS American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 million customers. VF Corporation is an American global apparel and footwear company ... Pierluigi Paganini January 19, 2024 APT CHINA-LINKED APT UNC3886 EXPLOITS VMWARE ZERO-DAY SINCE 2021 China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has ... Pierluigi Paganini January 19, 2024 Reports RANSOMWARE ATTACKS BREAK RECORDS IN 2023: THE NUMBER OF VICTIMS ROSE BY 128% Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased ... Pierluigi Paganini January 19, 2024 Hacking U.S. CISA WARNS OF ACTIVELY EXPLOITED IVANTI EPMM FLAW CVE-2023-35082 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM flaw CVE-2023-35082 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ... Pierluigi Paganini January 19, 2024 Security THE QUANTUM COMPUTING CRYPTOPOCALYPSE – I’LL KNOW IT WHEN I SEE IT Can quantum computing break cryptography? Can it do it within a person’s lifetime? Will it be a cryptopocalypse, as some experts suggest? Can quantum computing break cryptography? Sure, it can. ... Pierluigi Paganini January 19, 2024 Security KANSAS STATE UNIVERSITY SUFFERED A SERIOUS CYBERSECURITY INCIDENT Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part of its network and services. Kansas State University (K-State) suffered a cybersecurity incident that im ... Pierluigi Paganini January 19, 2024 Hacking CISA ADDS CHROME AND CITRIX NETSCALER TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ... Pierluigi Paganini January 18, 2024 APT GOOGLE TAG WARNS THAT RUSSIAN COLDRIVER APT IS USING A CUSTOM BACKDOOR Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, "Callisto", “Star Blizzard”, “TA ... Pierluigi Paganini January 18, 2024 Hacking PIXIEFAIL: NINE FLAWS IN UEFI OPEN-SOURCE REFERENCE IMPLEMENTATION COULD HAVE SEVERE IMPACTS Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI. Quarkslab researchers discovered nine vulnerabili ... Pierluigi Paganini January 18, 2024 Malware ISHUTDOWN LIGHTWEIGHT METHOD ALLOWS TO DISCOVER SPYWARE INFECTIONS ON IPHONES Researchers devised a "lightweight method," called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a " ... Pierluigi Paganini January 18, 2024 Hacking PRO-RUSSIA GROUP HIT SWISS GOVT SITES AFTER ZELENSKY VISIT IN DAVOS Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Switzerland believes that the cyberatta ... Pierluigi Paganini January 17, 2024 Security GITHUB ROTATED CREDENTIALS AFTER THE DISCOVERY OF A VULNERABILITY GitHub rotated some credentials after the discovery of a flaw that allowed access to the environment variables of a production container. After GitHub became aware of a vulnerability through its b ... Pierluigi Paganini January 17, 2024 Cyber Crime FBI, CISA WARN OF ANDROXGH0ST BOTNET FOR VICTIM IDENTIFICATION AND EXPLOITATION U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) r ... Pierluigi Paganini January 17, 2024 Hacking CITRIX WARNS ADMINS TO IMMEDIATELY PATCH NETSCALER FOR ACTIVELY EXPLOITED ZERO-DAYS Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited ze ... Pierluigi Paganini January 17, 2024 Security GOOGLE FIXED THE FIRST ACTIVELY EXPLOITED CHROME ZERO-DAY OF 2024 Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome zero-day vul ... Pierluigi Paganini January 16, 2024 Breaking News ATLASSIAN FIXED CRITICAL RCE IN OLDER CONFLUENCE VERSIONS Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerabi ... Pierluigi Paganini January 16, 2024 Security VMWARE FIXED A CRITICAL FLAW IN ARIA AUTOMATION. PATCH IT NOW! VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation) is a modern c ... Pierluigi Paganini January 16, 2024 Hacking EXPERTS WARN OF MASS EXPLOITATION OF IVANTI CONNECT SECURE VPN FLAWS Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors ar ... Pierluigi Paganini January 16, 2024 Security EXPERTS WARN OF A VULNERABILITY AFFECTING BOSCH BCC100 THERMOSTAT Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The ... Pierluigi Paganini January 16, 2024 Hacking OVER 178,000 SONICWALL NEXT-GENERATION FIREWALLS (NGFW) ONLINE EXPOSED TO HACK Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two ... Pierluigi Paganini January 15, 2024 Hacking PHEMEDRONE INFO STEALER CAMPAIGN EXPLOITS WINDOWS SMARTSCREEN BYPASS Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerabil ... Pierluigi Paganini January 15, 2024 Malware BALADA INJECTOR CONTINUES TO INFECT THOUSANDS OF WORDPRESS SITES Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress we ... Pierluigi Paganini January 15, 2024 Hacking ATTACKERS TARGET APACHE HADOOP AND FLINK TO DELIVER CRYPTOMINERS Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners. Cybersecurity researchers from cyber security firm Aqua have uncovered ... Pierluigi Paganini January 15, 2024 Hacking APPLE FIXED A BUG IN MAGIC KEYBOARD THAT ALLOWS TO MONITOR BLUETOOTH TRAFFIC Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recen ... Pierluigi Paganini January 15, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 454 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 13, 2024 Security GITLAB FIXED A CRITICAL ZERO-CLICK ACCOUNT HIJACKING FLAW GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to add ... Pierluigi Paganini January 13, 2024 Security JUNIPER NETWORKS FIXED A CRITICAL RCE BUG IN ITS FIREWALLS AND SWITCHES Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Juniper Networks released security updat ... Pierluigi Paganini January 12, 2024 Deep Web VAST VOTER DATA LEAKS CAST SHADOW OVER INDONESIA ’S 2024 PRESIDENTIAL ELECTION Investigators from Resecurity’s HUNTER (HUMINT) warn that Indonesia is increasingly being targeted by cyber-threat actors. Investigators from Resecurity’s HUNTER (HUMINT) have found that Indon ... Pierluigi Paganini January 12, 2024 Hacking RESEARCHERS CREATED A POC FOR APACHE OFBIZ FLAW CVE-2023-51467 Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a pro ... Pierluigi Paganini January 12, 2024 Security TEAM LIQUID’S WIKI LEAK EXPOSES 118K USERS Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details. Users of the e-sports knowledge base were exposed via a pub ... Pierluigi Paganini January 12, 2024 Security CISA ADDS IVANTI AND MICROSOFT SHAREPOINT BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and In ... Pierluigi Paganini January 11, 2024 Hacking TWO ZERO-DAY BUGS IN IVANTI CONNECT SECURE ACTIVELY EXPLOITED Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure. Software firm Ivanti reported that threat actors are exploiting tw ... Pierluigi Paganini January 11, 2024 Cyber Crime X ACCOUNT OF LEADING CYBERSECURITY FIRM MANDIANT WAS HACKED BECAUSE NOT ADEQUATELY PROTECTED The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mand ... Pierluigi Paganini January 11, 2024 Security CISCO FIXED CRITICAL UNITY CONNECTION VULNERABILITY CVE-2024-20272 Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-2027 ... Pierluigi Paganini January 11, 2024 Cyber Crime SHINYHUNTERS MEMBER SENTENCED TO THREE YEARS IN PRISON A U.S. District Court sentenced ShinyHunters hacker Sebastien Raoult to three years in prison and ordered him to pay more than $5 million in restitution. The member of the ShinyHunters hacker grou ... Pierluigi Paganini January 10, 2024 Data Breach HMG HEALTHCARE DISCLOSED A DATA BREACH The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discov ... Pierluigi Paganini January 10, 2024 Hacking THREAT ACTORS HACKED THE X ACCOUNT OF THE SECURITIES AND EXCHANGE COMMISSION (SEC) AND ANNOUNCED FAKE BITCOIN ETF APPROVAL Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Sec ... Pierluigi Paganini January 10, 2024 Cyber Crime DECRYPTOR FOR TORTILLA VARIANT OF BABUK RANSOMWARE RELEASED Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk ... Pierluigi Paganini January 10, 2024 Security MICROSOFT PATCH TUESDAY FOR JANUARY 2024 FIXED 2 CRITICAL FLAWS Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. Microsoft Patch Tuesday security updates for January 2024 fixed 49 ... Pierluigi Paganini January 09, 2024 Security CISA ADDS APACHE SUPERSET BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Superset vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini January 09, 2024 Cyber Crime SYRIAN GROUP ANONYMOUS ARABIC DISTRIBUTES STEALTHY MALWARE SILVER RAT A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT. Cyfirma researchers observed threat actors called ‘Anonymous Arabic’ distr ... Pierluigi Paganini January 09, 2024 Cyber Crime SWISS AIR FORCE SENSITIVE FILES STOLEN IN THE HACK OF ULTRA INTELLIGENCE & COMMUNICATIONS Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web ... Pierluigi Paganini January 08, 2024 Cyber Crime DOJ CHARGED 19 INDIVIDUALS IN A TRANSNATIONAL CYBERCRIME INVESTIGATION XDEDIC MARKETPLACE 19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The U.S. DoJ charged 19 individuals worldwide for their role in the operati ... Pierluigi Paganini January 08, 2024 Malware LONG-EXISTING BANDOOK RAT TARGETS WINDOWS MACHINES A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines. Reseachers from Fortinet observed a new variant of a remote access trojan dubbed Bandook� ... Pierluigi Paganini January 08, 2024 Hacking A CYBER ATTACK HIT THE BEIRUT INTERNATIONAL AIRPORT A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport ... Pierluigi Paganini January 07, 2024 Breaking News IRANIAN CRYPTO EXCHANGE BIT24.CASH LEAKS USER PASSPORTS AND IDS Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced ... Pierluigi Paganini January 07, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 453 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 07, 2024 APT TURKISH SEA TURTLE APT TARGETS DUTCH IT AND TELECOM FIRMS Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from Dutch security firm Hunt & Hackett observed Sea Tu ... Pierluigi Paganini January 07, 2024 APT EXPERTS SPOTTED A NEW MACOS BACKDOOR NAMED SPECTRALBLUR LINKED TO NORTH KOREA Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT's malware family. Security researcher Greg Lesnewich discovered a backdoor, call ... Pierluigi Paganini January 06, 2024 Laws and regulations MERCK SETTLES WITH INSURERS REGARDING A $1.4 BILLION CLAIM OVER NOTPETYA DAMAGES Merck has resolved a dispute with insurers regarding a $1.4 billion claim arising from the NotPetya malware incident. Merck and its insurers have agreed with a $1.4 billion claim arising from the ... Pierluigi Paganini January 06, 2024 Cyber Crime THE SOURCE CODE OF ZEPPELIN RANSOMWARE SOLD ON A HACKING FORUM A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor ann ... Pierluigi Paganini January 05, 2024 Cyber warfare RUSSIA-LINKED APT SANDWORM WAS INSIDE UKRAINE TELECOMS GIANT KYIVSTAR FOR MONTHS Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant ... Pierluigi Paganini January 05, 2024 Security IVANTI FIXED A CRITICAL EPM FLAW THAT CAN RESULT IN REMOTE CODE EXECUTION Ivanti fixed a critical vulnerability in its Endpoint Manager (EPM) solution that could lead to remote code execution (RCE) on vulnerable servers Ivanti has released security updates to address a ... Pierluigi Paganini January 05, 2024 Security MYESTATEPOINT PROPERTY SEARCH ANDROID APP LEAKS USER PASSWORDS The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real e ... Pierluigi Paganini January 05, 2024 Hacking HACKER HIJACKED ORANGE SPAIN RIPE ACCOUNT CAUSING INTERNET OUTAGE TO COMPANY CUSTOMERS An internet outage impacted Orange Spain after a hacker gained access to the company's RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the R ... Pierluigi Paganini January 04, 2024 Data Breach HEALTHEC DATA BREACH IMPACTED MORE THAN 4.5 MILLION PEOPLE Healthcare technology company HealthEC disclosed a data breach that exposed the personal information of 4.5 million Individuals. Healthcare technology company HealthEC (HEC) disclosed a data brea ... Pierluigi Paganini January 04, 2024 Malware EXPERTS FOUND 3 MALICIOUS PACKAGES HIDING CRYPTO MINERS IN PYPI REPOSITORY Researchers discovered three malicious packages in the PyPI repository targeting Linux systems with a cryptocurrency miner. Fortinet researchers discovered three malicious packages in the open-sou ... Pierluigi Paganini January 04, 2024 Hacking CROOKS HACKED MANDIANT X ACCOUNT TO PUSH CRYPTOCURRENCY SCAM The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity fi ... Pierluigi Paganini January 04, 2024 Cyber Crime CYBERCRIMINALS IMPLEMENTED ARTIFICIAL INTELLIGENCE (AI) FOR INVOICE FRAUD Crooks created a new tool that uses Artificial Intelligence (AI) for creating fraudulent invoices used for wire fraud and BEC. Resecurity has uncovered a cybercriminal faction known as "GXC Team", ... Pierluigi Paganini January 03, 2024 Security CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ... Pierluigi Paganini January 03, 2024 Reports DON’T TRUST LINKS WITH KNOWN DOMAINS: BMW AFFECTED BY REDIRECT VULNERABILITY Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge ... Pierluigi Paganini January 03, 2024 Cyber Crime HACKERS STOLE MORE THAN $81 MILLION WORTH OF CRYPTO ASSETS FROM ORBIT CHAIN Crypto platform Orbit Chain suffered a cyberattack, threat actors have stolen more than $81 million worth of cryptocurrency. Orbit Chain has suffered a security breach that has resulted in the the ... Pierluigi Paganini January 03, 2024 Intelligence UKRAINE’S SBU SAID THAT RUSSIA'S INTELLIGENCE HACKED SURVEILLANCE CAMERAS TO DIRECT A MISSILE STRIKE ON KYIV Ukraine’s SBU revealed that Russia-linked threat actors hacked surveillance cameras to spy on air defense forces and critical infrastructure in Kyiv. Ukraine’s SBU announced they shut down two ... Pierluigi Paganini January 03, 2024 Malware EXPERTS WARN OF JINXLOADER LOADER USED TO SPREAD FORMBOOK AND XLOADER JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader. Researchers from Palo Alto Networks and Symantec warned of a new Go-based malware ... Pierluigi Paganini January 02, 2024 Hacking TERRAPIN ATTACK ALLOWS TO DOWNGRADE SSH PROTOCOL SECURITY Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection's security. Security researchers from Ruhr University Bochum (Fabian Bäumer, ... Pierluigi Paganini January 02, 2024 Hacking MULTIPLE ORGANIZATIONS IN IRAN WERE BREACHED BY A MYSTERIOUS HACKER Hudson Researchers reported that a mysterious hacker launched a series of attacks against industry-leading companies in Iran. Hudson Researchers reported that on December 20th, a hacker using the ... Pierluigi Paganini January 02, 2024 Breaking News TOP 2023 SECURITY AFFAIRS CYBERSECURITY STORIES These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA ... Pierluigi Paganini January 01, 2024 Hacking MALWARE EXPLOITS UNDOCUMENTED GOOGLE OAUTH ENDPOINT TO REGENERATE GOOGLE COOKIES CloudSEK researchers analyzed a zero-day exploit that can allow the generation of persistent Google cookies through token manipulation. In October 2023, a developer known as PRISMA first uncovered ... Pierluigi Paganini January 01, 2024 Cyber Crime CACTUS RANSOMWARE GANG HIT THE SWEDISH RETAIL AND GROCERY PROVIDER COOP The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approxima ... Pierluigi Paganini January 01, 2024 Laws and regulations GOOGLE AGREED TO SETTLE A $5 BILLION PRIVACY LAWSUIT Google has agreed to settle a $5 billion privacy lawsuit, which alleged that the company monitored individuals using the Chrome "incognito" mode. Google agreed to settle a $5 billion privacy lawsu ... Pierluigi Paganini December 31, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 452 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 31, 2023 Cyber Crime INC RANSOM RANSOMWARE GANG CLAIMS TO HAVE BREACHED XEROX CORP The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. Xerox Corp provides document management solutions worldwide. The company's Document Technol ... Pierluigi Paganini December 30, 2023 Security SPOTIFY MUSIC CONVERTER TUNEFAB PUTS USERS AT RISK TuneFab converter, used to convert copyrighted music from streaming platforms such as Spotify, Amazon’s Audible, or Apple Music, has exposed its users' private data. Cybernews research showed th ... Pierluigi Paganini December 30, 2023 Security CYBER ATTACKS HIT THE ASSEMBLY OF THE REPUBLIC OF ALBANIA AND TELECOM COMPANY ONE ALBANIA Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported. Albania's National Authority for Electronic Certification and Cyber Securit ... Pierluigi Paganini December 29, 2023 APT RUSSIA-LINKED APT28 USED NEW MALWARE IN A RECENT PHISHING CAMPAIGN Ukraine's CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of ... Pierluigi Paganini December 29, 2023 Security CLASH OF CLANS GAMERS AT RISK WHILE USING THIRD-PARTY APP An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors. The Cybernews research team has discovered that the Clash Base Designer Easy ... Pierluigi Paganini December 29, 2023 Malware NEW VERSION OF MEDUZA STEALER RELEASED IN DARK WEB The Resecurity's HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity's HUNTER unit spotted the author of perspec ... Pierluigi Paganini December 29, 2023 Intelligence OPERATION TRIANGULATION ATTACKS RELIED ON AN UNDOCUMENTED HARDWARE FEATURE Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature. Researchers from the Russian cybersecurity firm Kaspersky discovered that t ... Pierluigi Paganini December 28, 2023 Deep Web CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globall ... Pierluigi Paganini December 28, 2023 Cyber Crime LOCKBIT RANSOMWARE ATTACK INTERRUPTED MEDICAL EMERGENCIES GANG AT A GERMAN HOSPITAL NETWORK A Lockbit ransomware attack against the German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) caused service disruptions at three hospitals. German hospital network Katholisch ... Pierluigi Paganini December 28, 2023 Security EXPERTS WARN OF CRITICAL ZERO-DAY IN APACHE OFBIZ Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of an authentication bypass zero-day flaw that affects Apache OfBi ... Pierluigi Paganini December 28, 2023 Malware XAMALICIOUS ANDROID MALWARE DISTRIBUTED THROUGH THE PLAY STORE Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdo ... Pierluigi Paganini December 27, 2023 Breaking News BARRACUDA FIXED A NEW ESG ZERO-DAY EXPLOITED BY CHINESE GROUP UNC4841 Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. On December 21, network and e ... Pierluigi Paganini December 27, 2023 Security ELECTIONS 2024, ARTIFICIAL INTELLIGENCE COULD UPSET WORLD BALANCES Governments should recognize electoral processes as critical infrastructure and enact laws to regulate the use of generative Artificial Intelligence. Elections are scheduled in several countries w ... Pierluigi Paganini December 27, 2023 Hacking EXPERTS ANALYZED ATTACKS AGAINST POORLY MANAGED LINUX SSH SERVERS Researchers warn of attacks against poorly managed Linux SSH servers that mainly aim at installing DDoS bot and CoinMiner. Researchers at AhnLab Security Emergency Response Center (ASEC) are warni ... Pierluigi Paganini December 27, 2023 Data Breach A CYBERATTACK HIT AUSTRALIAN HEALTHCARE PROVIDER ST VINCENT’S HEALTH AUSTRALIA St Vincent’s Health Australia, the largest Australian healthcare provider, suffered a data breach after a cyber attack. St Vincent’s Health Australia is the largest non-profit healthcare prov ... Pierluigi Paganini December 27, 2023 Cyber Crime RHYSIDA RANSOMWARE GROUP HACKED ABDALI HOSPITAL IN JORDAN The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. Abdali Hospital is a multi-specialty hospital located in the modern developm ... Pierluigi Paganini December 26, 2023 Malware CARBANAK MALWARE RETURNED IN RANSOMWARE ATTACKS Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in Novemb ... Pierluigi Paganini December 26, 2023 Reports RESECURITY RELEASED A 2024 CYBER THREAT LANDSCAPE FORECAST Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldw ... Pierluigi Paganini December 26, 2023 Hacking APT GROUP UAC-0099 TARGETS UKRAINE EXPLOITING A WINRAR FLAW The threat actor UAC-0099 is exploiting a flaw in the WinRAR to deliver LONEPAGE malware in attacks against Ukraine. A threat actor, tracked as UAC-0099, continues to target Ukraine. In some att ... Pierluigi Paganini December 25, 2023 APT IRAN-LINKED APT33 TARGETS DEFENSE INDUSTRIAL BASE SECTOR WITH FALSEFONT BACKDOOR Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm, Holmium, Elfin, and Magic ... Pierluigi Paganini December 25, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 451 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.Enjoy a new round of the weekly SecurityAf ... Pierluigi Paganini December 25, 2023 Security EUROPOL AND ENISA SPOTTED 443 E-STORES COMPROMISED WITH DIGITAL SKIMMING A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming. Europol and ENISA collaborated in ... Pierluigi Paganini December 24, 2023 Data Breach VIDEO GAME GIANT UBISOFT INVESTIGATES REPORTS OF A DATA BREACH Video game publisher Ubisoft is investigating reports of an alleged data breach after popular researchers shared evidence of the hack. Ubisoft, the popular video game publisher, is examining repor ... Pierluigi Paganini December 24, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS TO HAVE BREACHED ACCOUNTANCY FIRM XEINADIN The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy ... Pierluigi Paganini December 23, 2023 Data Breach MOBILE VIRTUAL NETWORK OPERATOR MINT MOBILE DISCLOSES A DATA BREACH Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers' personal information. Mint Mobile experienced a recent data breach, exposing customer ... Pierluigi Paganini December 23, 2023 Cyber Crime AKIRA RANSOMWARE GANG CLAIMS THE THEFT OF SENSITIVE DATA FROM NISSAN AUSTRALIA The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Austra ... Pierluigi Paganini December 22, 2023 Cyber Crime MEMBER OF LAPSUS$ GANG SENTENCED TO AN INDEFINITE HOSPITAL ORDER A member of the Lapsus$ cyber extortion group, Arion Kurtaj, has been sentenced to an indefinite hospital order. The UK Southwark Crown Court has sentenced Arion Kurtaj, a prominent member of the ... Pierluigi Paganini December 22, 2023 Security REAL ESTATE AGENCY EXPOSES DETAILS OF 690K CUSTOMERS An exposed instance contained information for a customer relationship management (CRM) system that likely belongs to Goyzer, a real estate property management software maker, the Cybernews research t ... Pierluigi Paganini December 22, 2023 Security ESET FIXED A HIGH-SEVERITY BUG IN THE SECURE TRAFFIC SCANNING FEATURE OF SEVERAL PRODUCTS ESET fixes a high-severity flaw in Secure Traffic Scanning Feature that could have been exploited to cause web browsers to trust sites that should not be trusted. ESET has addressed a vulnerabilit ... Pierluigi Paganini December 21, 2023 Cyber Crime PHISHING ATTACKS USE AN OLD MICROSOFT OFFICE FLAW TO SPREAD AGENT TESLA MALWARE Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability ... Pierluigi Paganini December 21, 2023 Breaking News DATA LEAK EXPOSES USERS OF CAR-SHARING SERVICE BLINK MOBILITY More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The Cybernews research team has discovered that their personal data ... Pierluigi Paganini December 21, 2023 Security GOOGLE ADDRESSED A NEW ACTIVELY EXPLOITED CHROME ZERO-DAY Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released emergency updates to address a new zero-day vulnerabili ... Pierluigi Paganini December 20, 2023 Cyber Crime GERMAN POLICE SEIZED THE DARK WEB MARKETPLACE KINGDOM MARKET The German police seized the dark web marketplace Kingdom Market as a result of an international law enforcement operation. The Federal Criminal Police Office in Germany (BKA) and the internet-cri ... Pierluigi Paganini December 20, 2023 Cyber Crime LAW ENFORCEMENT OPERATION HAECHI IV LED TO THE SEIZURE OF $300 MILLION An international law enforcement operation, named HAECHI IV, led to the arrest of approximately 3,500 suspects and the seizure of roughly $300 million worth of assets. Interpol this week announced ... Pierluigi Paganini December 20, 2023 Malware SOPHISTICATED JASKAGO INFO STEALER TARGETS MACOS AND WINDOWS JaskaGO is a new Go-based information stealer malware that targets both Windows and Apple macOS systems, experts warn. Researchers from AT&T Alien Labs uncovered a previously undetected Go-ba ... Pierluigi Paganini December 20, 2023 Data Breach BMW DEALER AT RISK OF TAKEOVER BY CYBERCRIMINALS By neglecting to set a password, a BMW dealer in India has jeopardized the entire network of car dealerships in the country and put its clients at risk. The Cybernews research team has discovered ... Pierluigi Paganini December 20, 2023 Data Breach COMCAST’S XFINITY CUSTOMER DATA EXPOSED AFTER CITRIXBLEED ATTACK Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast's Xfinity is notifying its customers about the compromise of t ... Pierluigi Paganini December 19, 2023 Breaking News FBI CLAIMS TO HAVE DISMANTLED ALPHV/BLACKCAT RANSOMWARE OPERATION, BUT THE GROUP DENIES IT The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware ... Pierluigi Paganini December 19, 2023 Cyber Crime SMISHING TRIAD: CYBERCRIMINALS IMPERSONATE UAE FEDERAL AUTHORITY FOR IDENTITY AND CITIZENSHIP ON THE PEAK OF HOLIDAYS SEASON Smishing Triad: Researchers warn crooks impersonating UAE Federal Authority for Identity and citizenship ahead of the Holiday Season Resecurity, Inc. (USA) has identified a new fraudulent campaign ... Pierluigi Paganini December 19, 2023 Cyber Crime THE RANSOMWARE ATTACK ON WESTPOLE IS DISRUPTING DIGITAL SERVICES FOR ITALIAN PUBLIC ADMINISTRATION An alleged Lockbit 3.0 ransomware attack on the Italian cloud service provider Westpole disrupted multiple services of local and government organizations and municipalities. A cyber attack hit on ... Pierluigi Paganini December 19, 2023 Malware INFO STEALERS AND HOW TO PROTECT AGAINST THEM Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. So, how do you protect against them? Info stealers, also known as information stea ... Pierluigi Paganini December 18, 2023 Hacktivism PRO-ISRAEL PREDATORY SPARROW HACKER GROUP DISRUPTED SERVICES AT AROUND 70% OF IRAN’S FUEL STATIONS A group of Pro-Israel hacktivists, called Predatory Sparrow, is suspected of having carried out a cyber attack against petrol stations across Iran. A Pro-Israel hacktivist group, called Predatory ... Pierluigi Paganini December 18, 2023 Cyber Crime QAKBOT IS BACK AND TARGETS THE HOSPITALITY INDUSTRY Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. In August, the FBI announced that the Qakbot bot ... Pierluigi Paganini December 18, 2023 Hacking A SUPPLY CHAIN ATTACK ON CRYPTO HARDWARE WALLET LEDGER LED TO THE THEFT OF $600K A supply chain attack against Crypto hardware wallet maker Ledger resulted in the theft of $600,000 in virtual assets. Threat actors pushed a malicious version of the "@ledgerhq/connect-kit" npm ... Pierluigi Paganini December 18, 2023 Hacking MONGODB INVESTIGATES A CYBERATTACK, CUSTOMER DATA EXPOSED MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account metadata and contact information. MongoDB on Saturday disclosed it is investigating a cyber attack aga ... Pierluigi Paganini December 17, 2023 Hacking INFECTEDSLURS BOTNET TARGETS QNAP VIOSTOR NVR VULNERABILITY The Mirai-based botnet InfectedSlurs was spotted targeting QNAP VioStor NVR (Network Video Recorder) devices. In November, Akamai warned of a new Mirai-based DDoS botnet, named InfectedSlurs, acti ... Pierluigi Paganini December 17, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 450 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 17, 2023 Data Breach HUNTERS INTERNATIONAL RANSOMWARE GANG CLAIMS TO HAVE HACKED THE FRED HUTCH CANCER CENTER The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters Internatio ... Pierluigi Paganini December 16, 2023 Malware NEW NKABUSE MALWARE ABUSES NKN DECENTRALIZED P2P NETWORK PROTOCOL Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team (GERT) ... Pierluigi Paganini December 16, 2023 Cyber Crime SNATCH RANSOMWARE GANG CLAIMS THE HACK OF THE FOOD GIANT KRAFT HEINZ The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. Kraft Heinz is an American food company, it is one of the largest food and ... Pierluigi Paganini December 15, 2023 Security MULTIPLE FLAWS IN PFSENSE FIREWALL CAN LEAD TO ARBITRARY CODE EXECUTION Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgat ... Pierluigi Paganini December 15, 2023 Cyber Crime BIANLIAN, WHITE RABBIT, AND MARIO RANSOMWARE GANGS SPOTTED IN A JOINT CAMPAIGN Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) e ... Pierluigi Paganini December 15, 2023 Security DATA OF OVER A MILLION USERS OF THE CRYPTO EXCHANGE GOKUMARKET EXPOSED GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes aft ... Pierluigi Paganini December 15, 2023 Data Breach IDAHO NATIONAL LABORATORY DATA BREACH IMPACTED 45,047 INDIVIDUALS The Idaho National Laboratory (INL) announced that it has suffered a data breach impacting more than 45,000 individuals. In November, the hacktivist group SiegedSec claimed responsibility for the ... Pierluigi Paganini December 15, 2023 Security UBIQUITI USERS CLAIM TO HAVE ACCESS TO OTHER PEOPLE’S DEVICES Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts. Some users of Ubiquiti wifi products started reporting unexpec ... Pierluigi Paganini December 14, 2023 APT RUSSIA-LINKED APT29 SPOTTED TARGETING JETBRAINS TEAMCITY SERVERS Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. Experts warn that the Russia-linked APT29 group has been observed targeting JetBrains ... Pierluigi Paganini December 14, 2023 Security MICROSOFT SEIZED THE US INFRASTRUCTURE OF THE STORM-1152 CYBERCRIME GROUP Microsoft's Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft's Digital Crimes Unit seized multiple domains used by a c ... Pierluigi Paganini December 14, 2023 Cyber Crime FRENCH AUTHORITIES ARRESTED A RUSSIAN NATIONAL FOR HIS ROLE IN THE HIVE RANSOMWARE OPERATION French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian ... Pierluigi Paganini December 14, 2023 APT CHINA-LINKED APT VOLT TYPHOON LINKED TO KV-BOTNET Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small offi ... Pierluigi Paganini December 14, 2023 Security UK HOME OFFICE IS IGNORING THE RISK OF 'CATASTROPHIC RANSOMWARE ATTACKS,' REPORT WARNS A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government. The British government is accused of failing to mitigat ... Pierluigi Paganini December 13, 2023 Hacking OAUTH APPS USED IN CRYPTOCURRENCY MINING, PHISHING CAMPAIGNS, AND BEC ATTACKS Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in crypt ... Pierluigi Paganini December 13, 2023 Security SOPHOS BACKPORTS FIX FOR CVE-2022-3236 FOR EOL FIREWALL FIRMWARE VERSIONS DUE TO ONGOING ATTACKS Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. Sophos backports the fix for the critical code injection ... Pierluigi Paganini December 13, 2023 Security DECEMBER 2023 MICROSOFT PATCH TUESDAY FIXED 4 CRITICAL FLAWS Microsoft Patch Tuesday security updates for December 2023 addressed 33 vulnerabilities in multiple products, including a zero-day. Microsoft Patch Tuesday security updates for December 2023 addre ... Pierluigi Paganini December 13, 2023 Cyber warfare UKRAINIAN MILITARY INTELLIGENCE SERVICE HACKED THE RUSSIAN FEDERAL TAXATION SERVICE The Ukrainian government's military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). Hackers of the Main Intelligence Directorate of the Ministry of Defense o ... Pierluigi Paganini December 12, 2023 Hacking KYIVSTAR, UKRAINE'S LARGEST MOBILE CARRIER BROUGHT DOWN BY A CYBER ATTACK Kyivstar, the largest Ukraine service provider, was hit by a cyber attack that paralyzed its services. The attack is linked to the ongoing conflict. Kyivstar, the largest Ukraine service provider ... Pierluigi Paganini December 12, 2023 Security DUBAI’S LARGEST TAXI APP EXPOSES 220K+ USERS The Dubai Taxi Company (DTC) app, which provides taxi, limousine, and other transport services, left a database open to the public, exposing sensitive customer and driver data. Dubai Taxi Company, ... Pierluigi Paganini December 12, 2023 APT OPERATION BLACKSMITH: LAZARUS EXPLOITS LOG4J FLAWS TO DEPLOY DLANG MALWARE North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a ne ... Pierluigi Paganini December 12, 2023 Security APPLE RELEASED IOS 17.2 TO ADDRESS A DOZEN OF SECURITY FLAWS Apple rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. The company released iOS 17.2 and iPadOS 17.2 which address a dozen of ... Pierluigi Paganini December 12, 2023 Data Breach TOYOTA FINANCIAL SERVICES DISCLOSES A DATA BREACH Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a d ... Pierluigi Paganini December 11, 2023 Hacking APACHE FIXED CRITICAL RCE FLAW CVE-2023-50164 IN STRUTS 2 The Apache Software Foundation addressed a critical remote code execution vulnerability in the Apache Struts 2 open-source framework. The Apache Software Foundation released security updates to ad ... Pierluigi Paganini December 11, 2023 Security CISA ADDS QLIK SENSE FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ... Pierluigi Paganini December 11, 2023 Security CISA AND ENISA SIGNED A WORKING ARRANGEMENT TO ENHANCE COOPERATION ENISA has signed a Working Arrangement with the US CISA to enhance capacity-building, best practices exchange and awareness. The European Union Agency for Cybersecurity (ENISA) has signed a Workin ... Pierluigi Paganini December 11, 2023 Hacking RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users' Google accounts. The security researcher Jose Rodriguez (@VBarraquito) discovered a ... Pierluigi Paganini December 10, 2023 Security WORDPRESS 6.4.2 FIXED A REMOTE CODE EXECUTION (RCE) FLAW WordPress 6.4.2 addressed a security vulnerability that could be chained with another flaw to achieve remote code execution. WordPress released a security update to address a flaw that can be chai ... Pierluigi Paganini December 10, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 449 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 10, 2023 Hacktivism HACKTIVISTS HACKED AN IRISH WATER UTILITY AND INTERRUPTED THE WATER SUPPLY Threat actors launched a cyberattack on an Irish water utility causing the interruption of the power supply for two days. Threat actors hacked a small water utility in Ireland and interrupted the ... Pierluigi Paganini December 09, 2023 Hacking 5GHOUL FLAWS IMPACT HUNDREDS OF 5G DEVICES WITH QUALCOMM, MEDIATEK CHIPS A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. A team of researchers from the Singapore ... Pierluigi Paganini December 09, 2023 Data Breach NORTON HEALTHCARE DISCLOSED A DATA BREACH AFTER A RANSOMWARE ATTACK Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit t ... Pierluigi Paganini December 09, 2023 Hacking BYPASSING MAJOR EDRS USING POOL PARTY PROCESS INJECTION TECHNIQUES Researchers devised a novel attack vector for process injection, dubbed Pool Party, that evades EDR solutions. Researchers from cybersecurity firm SafeBreach devised a set of process injection tec ... Pierluigi Paganini December 08, 2023 Cyber Crime FOUNDER OF BITZLATO EXCHANGE HAS PLEADED FOR UNLICENSED MONEY TRANSMITTING Anatoly Legkodymov, the founder of the Bitzlato cryptocurrency exchange has pleaded in a money-laundering scheme. Anatoly Legkodymov (41) (aka Anatolii Legkodymov, Gandalf, and Tolik), the Russian ... Pierluigi Paganini December 08, 2023 Mobile ANDROID BARCODE SCANNER APP EXPOSES USER PASSWORDS An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs. The Cybernews team discovered the ... Pierluigi Paganini December 08, 2023 APT UK AND US EXPOSE RUSSIA CALLISTO GROUP'S ACTIVITY AND SANCTION MEMBERS The UK NCSC and Microsoft warned that Russia-linked threat actor Callisto Group is targeting organizations worldwide. The UK National Cyber Security Centre (NCSC) and Microsoft reported that the R ... Pierluigi Paganini December 07, 2023 Security A CYBER ATTACK HIT NISSAN OCEANIA Japanese carmaker Nissan announced it has suffered a cyberattack impacting the internal systems at Nissan Oceania. Nissan Oceania, the regional division of the multinational carmaker, announced it ... Pierluigi Paganini December 07, 2023 Malware NEW KRASUE LINUX RAT TARGETS TELECOM COMPANIES IN THAILAND A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called ... Pierluigi Paganini December 07, 2023 Security ATLASSIAN ADDRESSED FOUR NEW RCE FLAWS IN ITS PRODUCTS Australian Software giant Atlassian addressed four critical Remote Code Execution (RCE) vulnerabilities in its products. Atlassian released security patches to address four critical remote c ... Pierluigi Paganini December 06, 2023 Security CISA ADDS QUALCOMM FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ... Pierluigi Paganini December 06, 2023 Security EXPERTS DEMONSTRATE A POST-EXPLOITATION TAMPERING TECHNIQUE TO DISPLAY FAKE LOCKDOWN MODE Researchers devised a new post-exploitation tampering technique to trick users into believing that their iPhone is in Lockdown Mode. Researchers from Jamf Threat Labs devised a new post-exploit ta ... Pierluigi Paganini December 06, 2023 Hacking GST INVOICE BILLING INVENTORY EXPOSES SENSITIVE DATA TO THREAT ACTORS GST Invoice Billing Inventory, a business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs. ... Pierluigi Paganini December 06, 2023 Security THREAT ACTORS BREACHED US GOVT SYSTEMS BY EXPLOITING ADOBE COLDFUSION FLAW The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. The U.S. Cybersecurity and Infrastructure Security Agency ... Pierluigi Paganini December 06, 2023 Security ENISA PUBLISHED THE ENISA THREAT LANDSCAPE FOR DOS ATTACKS REPORT ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk ... Pierluigi Paganini December 05, 2023 APT RUSSIA-LINKED APT28 GROUP SPOTTED EXPLOITING OUTLOOK FLAW TO HIJACK MS EXCHANGE ACCOUNTS Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft's Threat Intelligence is warning of Russi ... Pierluigi Paganini December 05, 2023 Mobile GOOGLE FIXED CRITICAL ZERO-CLICK RCE IN ANDROID Google fixed a critical zero-click RCE vulnerability (CVE-2023-40088) with the release of the December 2023 Android security updates. Google December 2023 Android security updates addressed 85 vul ... Pierluigi Paganini December 05, 2023 Malware NEW P2PINFECT BOT TARGETS ROUTERS AND IOT DEVICES Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botne ... Pierluigi Paganini December 04, 2023 Cyber Crime MALVERTISING ATTACKS RELY ON DANABOT TROJAN TO SPREAD CACTUS RANSOMWARE Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to ... Pierluigi Paganini December 04, 2023 Cyber Crime LOCKBIT ON A ROLL - ICBC RANSOMWARE ATTACK STRIKES AT THE HEART OF THE GLOBAL FINANCIAL ORDER The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasu ... Pierluigi Paganini December 04, 2023 Security ZYXEL FIXED TENS OF FLAWS IN FIREWALLS, ACCESS POINTS, AND NAS DEVICES Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. Taiwanese vendor Zyxel addressed tens of vulnerabilities in its f ... Pierluigi Paganini December 04, 2023 Malware NEW AGENT RACCOON MALWARE TARGETS THE MIDDLE EAST, AFRICA AND THE US Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is ... Pierluigi Paganini December 03, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 448 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 03, 2023 Hacking RESEARCHERS DEVISED AN ATTACK TECHNIQUE TO EXTRACT CHATGPT TRAINING DATA Researchers devised an attack technique that could have been used to trick ChatGPT into disclosing training data. A team of researchers from several universities and Google have demonstrated an at ... Pierluigi Paganini December 02, 2023 Security FORTUNE-TELLING WEBSITE WEMYSTIC EXPOSES 13M+ USER RECORDS WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms' users. Telling the future is a tricky bus ... Pierluigi Paganini December 02, 2023 Security EXPERT WARNS OF TURTLE MACOS RANSOMWARE The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detaile ... Pierluigi Paganini December 01, 2023 Cyber Crime BLACK BASTA RANSOMWARE GANG ACCUMULATED AT LEAST $107 MILLION IN BITCOIN RANSOM PAYMENTS SINCE EARLY 2022 The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, l ... Pierluigi Paganini December 01, 2023 Security CISA ADDS OWNCLOUD AND GOOGLE CHROME BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Googl ... Pierluigi Paganini December 01, 2023 Security APPLE ADDRESSED 2 NEW IOS ZERO-DAY VULNERABILITIES Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices. Apple released emergency security updates to address two zero-day vu ... Pierluigi Paganini November 30, 2023 Hacking CRITICAL ZOOM ROOM BUG ALLOWED TO GAIN ACCESS TO ZOOM TENANTS A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data. Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne ... Pierluigi Paganini November 30, 2023 Cyber Crime RHYSIDA RANSOMWARE GROUP HACKED KING EDWARD VII’S HOSPITAL IN LONDON The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. King Edward VII's Hospital is a private hospital located on Beaumont Street in the Marylebone district o ... Pierluigi Paganini November 30, 2023 Security GOOGLE ADDRESSED THE SIXTH CHROME ZERO-DAY VULNERABILITY IN 2023 Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to addre ... Pierluigi Paganini November 29, 2023 Hacking OKTA REVEALS ADDITIONAL ATTACKERS' ACTIVITIES IN OCTOBER 2023 BREACH Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 20 ... Pierluigi Paganini November 29, 2023 Security THOUSANDS OF SECRETS LURK IN APP IMAGES ON DOCKER HUB Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unaut ... Pierluigi Paganini November 29, 2023 Hacking THREAT ACTORS STARTED EXPLOITING CRITICAL OWNCLOUD FLAW CVE-2023-49103 Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. ownCloud is an open-source software platform designed for fil ... Pierluigi Paganini November 28, 2023 Cyber Crime INTERNATIONAL POLICE OPERATION DISMANTLED A PROMINENT UKRAINE-BASED RANSOMWARE GROUP An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the ... Pierluigi Paganini November 28, 2023 Cyber Crime DAIXIN TEAM GROUP CLAIMED THE HACK OF NORTH TEXAS MUNICIPAL WATER DISTRICT The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional wa ... Pierluigi Paganini November 28, 2023 Cyber Crime HEALTHCARE PROVIDER ARDENT HEALTH SERVICES DISCLOSED A RANSOMWARE ATTACK The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and othe ... Pierluigi Paganini November 28, 2023 Cyber warfare UKRAINE'S INTELLIGENCE SERVICE HACKED RUSSIA'S FEDERAL AIR TRANSPORT AGENCY, ROSAVIATSIA Ukraine's intelligence service announced the hack of the Russian Federal Air Transport Agency, 'Rosaviatsia.' Ukraine's intelligence service announced they have hacked Russia's Federal Air Transpo ... Pierluigi Paganini November 27, 2023 Hacktivism IRANIAN HACKER GROUP CYBER AV3NGERS HACKED THE MUNICIPAL WATER AUTHORITY OF ALIQUIPPA IN PENNSYLVANIA Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station. During the weekend, Iranian threat actors hacked the Municipal Water Author ... Pierluigi Paganini November 27, 2023 Hacking THE HACK OF MSP PROVIDER CTS POTENTIALLY IMPACTED HUNDREDS OF UK LAW FIRMS The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom. CTS is a trusted provider of IT services to the legal sector in the UK. The co ... Pierluigi Paganini November 27, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 447 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 26, 2023 Cyber Crime RHYSIDA RANSOMWARE GANG CLAIMED CHINA ENERGY HACK The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering ... Pierluigi Paganini November 25, 2023 APT NORTH KOREA-LINKED APT LAZARUS IS USING A MAGICLINE4NX ZERO-DAY FLAW IN SUPPLY CHAIN ATTACK UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea's National Int ... Pierluigi Paganini November 25, 2023 Malware HAMAS-LINKED APT USES RUST-BASED SYSJOKER BACKDOOR AGAINST ISRAEL Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker backdoor against Israeli entities. Check Point researchers observed a Hamas-linked APT group is using the SysJoker ... Pierluigi Paganini November 25, 2023 Security APP USED BY HUNDREDS OF SCHOOLS LEAKING CHILDREN'S DATA Almost a million files with minors' data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews re ... Pierluigi Paganini November 24, 2023 Security MICROSOFT LAUNCHED ITS NEW MICROSOFT DEFENDER BOUNTY PROGRAM Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products. Microsoft launched its new Microsoft Defender Bounty Program with a focus on Defender ... Pierluigi Paganini November 24, 2023 Hacking EXPOSED KUBERNETES CONFIGURATION SECRETS CAN FUEL SUPPLY CHAIN ATTACKS Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations. Aqua Nautilus researchers warn of publicly exposed Kubernet ... Pierluigi Paganini November 24, 2023 APT NORTH KOREA-LINKED KONNI APT USES RUSSIAN-LANGUAGE WEAPONIZED DOCUMENTS North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized ... Pierluigi Paganini November 24, 2023 Malware CLEARFAKE CAMPAIGN SPREADS MACOS AMOS INFORMATION STEALER Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being ... Pierluigi Paganini November 23, 2023 Data Breach WELLTOK DATA BREACH IMPACTED 8.5 MILLION PATIENTS IN THE U.S. Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S. Welltok is a company that specializes in health optimization solutions. It provi ... Pierluigi Paganini November 23, 2023 APT NORTH KOREA-LINKED APT DIAMOND SLEET SUPPLY CHAIN ATTACK RELIES ON CYBERLINK SOFTWARE North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack. Microsoft Threat Intelligence researchers uncovered a supply cha ... Pierluigi Paganini November 23, 2023 Data Breach AUTOMOTIVE PARTS GIANT AUTOZONE DISCLOSED DATA BREACH AFTER MOVEIT HACK American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts a ... Pierluigi Paganini November 23, 2023 Malware NEW INFECTEDSLURS MIRAI-BASED BOTNET EXPLOITS TWO ZERO-DAYS Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai warned of a new Mirai-based DDoS botnet, named In ... Pierluigi Paganini November 22, 2023 Hacktivism SIEGEDSEC HACKTIVIST GROUP HACKED IDAHO NATIONAL LABORATORY (INL) The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data. SiegedSec hacktivists group claimed responsibility for the hack ... Pierluigi Paganini November 22, 2023 Security CISA ADDS LOONEY TUNABLES LINUX BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA adds Looney Tunables Linux flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Looney Tunables Linux ... Pierluigi Paganini November 22, 2023 Hacking CITRIX PROVIDES ADDITIONAL MEASURES TO ADDRESS CITRIX BLEED Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability. Citrix is providing additional measures to admins who are ... Pierluigi Paganini November 22, 2023 Digital ID TOR PROJECT REMOVED SEVERAL RELAYS ASSOCIATED WITH A SUSPICIOUS CRYPTOCURRENCY SCHEME The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users. The Tor Project announced the removal of multiple network relays t ... Pierluigi Paganini November 21, 2023 Malware EXPERTS WARN OF A SURGE IN NETSUPPORT RAT ATTACKS AGAINST EDUCATION AND GOVERNMENT SECTORS Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The Carbon Black Managed Detection & Response team is warning of a surge in the ... Pierluigi Paganini November 21, 2023 Security THE TOP 5 REASONS TO USE AN API MANAGEMENT PLATFORM Organizations need to govern and control the API ecosystem, this governance is the role of API management. Uber uses APIs (Application Programming Interfaces) to connect with third-party services ... Pierluigi Paganini November 21, 2023 Data Breach CANADIAN GOVERNMENT IMPACTED BY DATA BREACHES OF TWO OF ITS CONTRACTORS The Canadian government discloses a data breach after threat actors hacked two of its contractors. The Canadian government declared that two of its contractors,Brookfield Global Relocation S ... Pierluigi Paganini November 20, 2023 Data Breach RHYSIDA RANSOMWARE GANG IS AUCTIONING DATA STOLEN FROM THE BRITISH LIBRARY The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to th ... Pierluigi Paganini November 20, 2023 APT RUSSIA-LINKED APT29 GROUP EXPLOITED WINRAR 0DAY IN ATTACKS AGAINST EMBASSIES Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks. The Ukrainian National Security and Defense Council (NDSC) repor ... Pierluigi Paganini November 20, 2023 APT DARKCASINO JOINS THE LIST OF APT GROUPS EXPLOITING WINRAR ZERO-DAY The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploi ... Pierluigi Paganini November 20, 2023 Cyber Crime US TEENAGER PLEADS GUILTY TO HIS ROLE IN CREDENTIAL STUFFING ATTACK ON A BETTING SITE US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website. US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential ... Pierluigi Paganini November 20, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 446 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 19, 2023 Malware 8BASE RANSOMWARE OPERATORS USE A NEW VARIANT OF THE PHOBOS RANSOMWARE 8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the ... Pierluigi Paganini November 19, 2023 APT RUSSIAN APT GAMAREDON USES USB WORM LITTERDRIFTER AGAINST UKRAINE Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB. Check Point researchers observed Russia-linked Gamaredon spreading the worm called ... Pierluigi Paganini November 18, 2023 Breaking News THE BOARD OF DIRECTORS OF OPENAI FIRED SAM ALTMAN OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company. Sam Altman has been removed as CEO of OpenAI. The company announced that Mi ... Pierluigi Paganini November 17, 2023 Data Breach MEDUSA RANSOMWARE GANG CLAIMS THE HACK OF TOYOTA FINANCIAL SERVICES Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unaut ... Pierluigi Paganini November 17, 2023 Security CISA ADDS SOPHOS WEB APPLIANCE BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added three new vulnerabilities (tracked as CVE-2023-36584, CVE-2023-1671, and CVE-2023-2551) to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini November 17, 2023 APT ZIMBRA ZERO-DAY EXPLOITED TO STEAL GOVERNMENT EMAILS BY FOUR GROUPS Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed t ... Pierluigi Paganini November 16, 2023 Data Breach VIETNAM POST EXPOSES 1.2TB OF DATA, INCLUDING EMAIL ADDRESSES Vietnam Post Corporation, a Vietnamese government-owned postal service, exposed security logs and employee email addresses to external cyber threats Vietnam Post Corporation, a Vietnamese governme ... Pierluigi Paganini November 16, 2023 Data Breach SAMSUNG SUFFERED A NEW DATA BREACH Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal informati ... Pierluigi Paganini November 16, 2023 Malware FBI AND CISA WARN OF ATTACKS BY RHYSIDA RANSOMWARE GANG The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to ... Pierluigi Paganini November 16, 2023 Security CRITICAL FLAW FIXED IN SAP BUSINESS ONE PRODUCT Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product. SAP November 2023 Security Patch Day includes three new and three updated secu ... Pierluigi Paganini November 15, 2023 Cyber Crime LAW ENFORCEMENT AGENCIES DISMANTLED THE ILLEGAL BOTNET PROXY SERVICE IPSTORM The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm. The IPStorm botnet was first uncovered in May 2019 while targeting Windows ... Pierluigi Paganini November 15, 2023 Security GAMBLERS’ DATA COMPROMISED AFTER CASINO GIANT STRENDUS FAILS TO SET PASSWORD Mexican online casino Strendus has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. Strendus, one of the biggest online casinos in Mexico has ... Pierluigi Paganini November 15, 2023 Security VMWARE DISCLOSED A CRITICAL AND UNPATCHED AUTHENTICATION BYPASS FLAW IN VMWARE CLOUD DIRECTOR APPLIANCE VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. VMware disclosed an aut ... Pierluigi Paganini November 15, 2023 APT DANISH CRITICAL INFRASTRUCTURE HIT BY THE LARGEST CYBER ATTACK IN DENMARK'S HISTORY Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark's SektorCERT. In May, Danish critical infrastructure faced the biggest cyber ... Pierluigi Paganini November 14, 2023 Cyber Crime MAJOR AUSTRALIAN PORTS BLOCKED AFTER A CYBER ATTACK ON DP WORLD A cyber attack on the logistics giant DP World caused significant disruptions in the operations of several major Australian ports. A cyberattack hit the international logistics firm DP World Aust ... Pierluigi Paganini November 14, 2023 Malware NUCLEAR AND OIL & GAS ARE MAJOR TARGETS OF RANSOMWARE GROUPS IN 2024 Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Resecurity, Inc. (USA) protecting major Fortune 1 ... Pierluigi Paganini November 14, 2023 Security CISA ADDS FIVE VULNERABILITIES IN JUNIPER DEVICES TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybe ... Pierluigi Paganini November 13, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG LEAKED DATA STOLEN FROM BOEING The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. The Boeing Company, commonly known as Boeing, is one of the world’s largest aeros ... Pierluigi Paganini November 13, 2023 APT NORTH KOREA-LINKED APT SAPPHIRE SLEET TARGETS IT JOB SEEKERS WITH BOGUS SKILLS ASSESSMENT PORTALS North Korea-linked APT group Sapphire Sleet set up bogus skills assessment portals in attacks aimed at IT job seekers. The North Korea-linked APT group Sapphire Sleet (aka APT38, BlueNoroff, Cagey ... Pierluigi Paganini November 13, 2023 Data Breach THE LORENZ RANSOMWARE GROUP HIT TEXAS-BASED COGDELL MEMORIAL HOSPITAL The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it w ... Pierluigi Paganini November 12, 2023 Data Breach THE STATE OF MAINE DISCLOSED A DATA BREACH THAT IMPACTED 1.3M PEOPLE The State of Maine disclosed a data breach that impacted about 1.3 million people after an attack hit its MOVEit file transfer install. The State of Maine was the victim of the large-scale hack ... Pierluigi Paganini November 12, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 445 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 12, 2023 Cyber Crime POLICE SEIZED BULLETPROFTLINK PHISHING-AS-A-SERVICE (PHAAS) PLATFORM The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious Bu ... Pierluigi Paganini November 11, 2023 Cyber Crime SERBIAN PLEADS GUILTY TO RUNNING ‘MONOPOLY’ DARK WEB DRUG MARKET The Serbian citizen Milomir Desnica (33) has pleaded guilty to running the dark web Monopoly drug marketplace. Milomir Desnica, a 33-year-old Serbian citizen, admited to being responsible for oper ... Pierluigi Paganini November 11, 2023 Data Breach MCLAREN HEALTH CARE REVEALED THAT A DATA BREACH IMPACTED 2.2 MILLION PEOPLE McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals. McLaren Health Care (McLaren) disclosed a data ... Pierluigi Paganini November 10, 2023 Hacktivism AFTER CHATGPT, ANONYMOUS SUDAN TOOK DOWN THE CLOUDFLARE WEBSITE After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive di ... Pierluigi Paganini November 10, 2023 Hacking INDUSTRIAL AND COMMERCIAL BANK OF CHINA (ICBC) SUFFERED A RANSOMWARE ATTACK The Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted trades in the US Treasury market. The Industrial and Commercial Bank of China (ICBC) announced it has ... Pierluigi Paganini November 10, 2023 Hacking SYSAID ZERO-DAY EXPLOITED BY CLOP RANSOMWARE GROUP Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. Microsoft reported the exploitation of a zero-day vulnerability, tra ... Pierluigi Paganini November 10, 2023 Cyber Crime DOLLY.COM PAYS RANSOM, ATTACKERS RELEASE DATA ANYWAY On-demand moving and delivery platform Dolly.com allegedly paid a ransom but crooks found an excuse not to hold their end of the bargain. Cybercriminals are hardly a trustworthy bunch. Case in poi ... Pierluigi Paganini November 10, 2023 Hacktivism DDOS ATTACK LEADS TO SIGNIFICANT DISRUPTION IN CHATGPT SERVICES OpenAI confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. OpenAI confirmed earlier today that the outage suffered ... Pierluigi Paganini November 09, 2023 APT RUSSIAN SANDWORM DISRUPTS POWER IN UKRAINE WITH A NEW OT ATTACK Mandiant reported that Russia-linked Sandworm APT used a novel OT attack to cause power outages during mass missile strikes on Ukraine. Mandiant researchers reported that Russia-linked APT group S ... Pierluigi Paganini November 09, 2023 Security VEEAM FIXED MULTIPLE FLAWS IN VEEAM ONE, INCLUDING CRITICAL ISSUES Veeam addressed multiple vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform, including two critical issues. Veeam addressed four vulnerabilities (CVE-2023-38547, ... Pierluigi Paganini November 07, 2023 Security PRO-PALESTINIAN HACKERS GROUP 'SOLDIERS OF SOLOMON' DISRUPTED THE PRODUCTION CYCLE OF THE BIGGEST FLOUR PRODUCTION PLANT IN ISRAEL Pro-Palestinian hackers group 'Soldiers of Solomon' claims to have hacked one of the largest Israeli flour plants causing severe damage to the operations. The Pro-Palestinian hackers group 'Soldie ... Pierluigi Paganini November 07, 2023 APT IRANIAN AGONIZING SERPENS APT IS TARGETING ISRAELI ENTITIES WITH DESTRUCTIVE CYBER ATTACKS Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow,&n ... Pierluigi Paganini November 07, 2023 Security CRITICAL CONFLUENCE FLAW EXPLOITED IN RANSOMWARE ATTACKS Experts warn threat actors that started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server. Over the weekend threat actors started exploiting a recent ... Pierluigi Paganini November 06, 2023 Security QNAP FIXED TWO CRITICAL VULNERABILITIES IN QTS OS AND APPS Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command in ... Pierluigi Paganini November 06, 2023 Hacking ATTACKERS USE GOOGLE CALENDAR RAT TO ABUSE CALENDAR SERVICE AS C2 INFRASTRUCTURE Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-con ... Pierluigi Paganini November 06, 2023 Cyber Crime SOCKS5SYSTEMZ PROXY SERVICE DELIVERED VIA PRIVATELOADER AND AMADEY Threat actors infected more than 10,000 devices worldwide with the 'PrivateLoader' and 'Amadey' loaders to recruit them into the proxy botnet 'Socks5Systemz.' Bitsight researchers uncovered a pro ... Pierluigi Paganini November 06, 2023 Breaking News US GOVT SANCTIONED A RUSSIAN WOMAN FOR LAUNDERING VIRTUAL CURRENCY ON BEHALF OF THREAT ACTORS The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) on ... Pierluigi Paganini November 05, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 444 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 05, 2023 APT LAZARUS TARGETS BLOCKCHAIN ENGINEERS WITH NEW KANDYKORN MACOS MALWARE North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware i ... Pierluigi Paganini November 05, 2023 Hacking KINSING THREAT ACTORS PROBED THE LOONEY TUNABLES FLAWS IN RECENT ATTACKS Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers are cloud security firm Aqua have observed th ... Pierluigi Paganini November 04, 2023 Hacking ZDI DISCLOSES FOUR ZERO-DAY FLAWS IN MICROSOFT EXCHANGE Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs. Trend Micro's Zer ... Pierluigi Paganini November 03, 2023 Data Breach OKTA CUSTOMER SUPPORT SYSTEM BREACH IMPACTED 134 CUSTOMERS Threat actors who breached the Okta customer support system also gained access to files belonging to 134 customers. Threat actors who breached the Okta customer support system in October gained ac ... Pierluigi Paganini November 03, 2023 Mobile MULTIPLE WHATSAPP MODS SPOTTED CONTAINING THE CANESSPY SPYWARE Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module du ... Pierluigi Paganini November 03, 2023 Cyber warfare RUSSIAN FSB ARRESTED RUSSIAN HACKERS WHO SUPPORTED UKRAINIAN CYBER OPERATIONS The FSB arrested two Russian hackers who are accused of having helped Ukrainian entities carry out cyberattacks on critical infrastructure targets. The Russian intelligence agency Federal Security ... Pierluigi Paganini November 03, 2023 APT MUDDYWATER HAS BEEN SPOTTED TARGETING TWO ISRAELI ENTITIES Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign. Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and&nbs ... Pierluigi Paganini November 03, 2023 Data Breach CLOP GROUP OBTAINED ACCESS TO THE EMAIL ADDRESSES OF ABOUT 632,000 US FEDERAL EMPLOYEES Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to ... Pierluigi Paganini November 02, 2023 Data Breach OKTA DISCLOSES A NEW DATA BREACH AFTER A THIRD-PARTY VENDOR WAS HACKED Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. Cloud identity and access management solutions provider Okta warns ... Pierluigi Paganini November 02, 2023 Hacking SUSPECTED EXPLOITATION OF APACHE ACTIVEMQ FLAW CVE-2023-46604 TO INSTALL HELLOKITTY RANSOMWARE Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the ... Pierluigi Paganini November 02, 2023 Cyber Crime BOEING CONFIRMED ITS SERVICES DIVISION SUFFERED A CYBERATTACK Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is ... Pierluigi Paganini November 02, 2023 Data Breach RESECURITY: INSECURITY OF 3RD-PARTIES LEADS TO AADHAAR DATA LEAKS IN INDIA Data leaks containing Aadhaar IDs in India were caused by the insecurity of 3rd parties while aggregating such information for KYC. According to Resecurity, a global cybersecurity provider protect ... Pierluigi Paganini November 02, 2023 Cyber Crime WHO IS BEHIND THE MOZI BOTNET KILL SWITCH? Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown ... Pierluigi Paganini November 02, 2023 Hacking CISA ADDS TWO F5 BIG-IP FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ... Pierluigi Paganini November 01, 2023 Security THREAT ACTORS ACTIVELY EXPLOIT F5 BIG-IP FLAWS CVE-2023-46747 AND CVE-2023-46748 Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a cr ... Pierluigi Paganini November 01, 2023 Malware PRO-HAMAS HACKTIVIST GROUP TARGETS ISRAEL WITH BIBI-LINUX WIPER A pro-Hamas hacker group is targeting Israeli entities using a new Linux-based wiper malware dubbed BiBi-Linux Wiper. During a forensics investigation, Security Joes Incident Response team di ... Pierluigi Paganini November 01, 2023 Hacking BRITISH LIBRARY SUFFERS MAJOR OUTAGE DUE TO CYBERATTACK Last weekend, the British Library suffered a cyberattack that caused a major IT outage, impacting many of its services. The British Library is facing a major outage that impacts the website and ma ... Pierluigi Paganini November 01, 2023 Security CRITICAL ATLASSIAN CONFLUENCE FLAW CAN LEAD TO SIGNIFICANT DATA LOSS Atlassian warned of a critical security vulnerability, tracked as CVE-2023-22518, in the Confluence Data Center and Server. Atlassian is warning of a critical security flaw, tracked as CVE-2023-2 ... Pierluigi Paganini October 31, 2023 Deep Web WIHD LEAK EXPOSES DETAILS OF ALL TORRENT USERS World-in-HD (WiHD), a French private video torrent community, left an open instance exposing the emails and passwords of all of its users and administrators. WiHD, a popular torrent tracker specia ... Pierluigi Paganini October 31, 2023 Hacking EXPERTS RELEASED POC EXPLOIT CODE FOR CISCO IOS XE FLAW CVE-2023-20198 Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. Researchers from Researchers at Horizon3.ai publicly released the exploit code ... Pierluigi Paganini October 31, 2023 Intelligence CANADA BANS WECHAT AND KASPERSKY APPS ON GOVERNMENT-ISSUED MOBILE DEVICES Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the We ... Pierluigi Paganini October 31, 2023 Cyber Crime FLORIDA MAN SENTENCED TO PRISON FOR SIM SWAPPING CONSPIRACY THAT LED TO THEFT OF $1M IN CRYPTOCURRENCY A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. Jordan Dave Persad (20), from Orlando, Florida, was sentenced t ... Pierluigi Paganini October 30, 2023 Hacking WIKI-SLACK ATTACK ALLOWS REDIRECTING BUSINESS PROFESSIONALS TO MALICIOUS WEBSITES eSentire researchers devised a new attack technique, named Wiki-Slack attack, that can be used to redirect business professionals to malicious websites. eSentire Threat Response Unit (TRU) secur ... Pierluigi Paganini October 30, 2023 Security HACKERONE AWARDED OVER $300 MILLION BUG HUNTERS HackerOne announced that it has awarded over $300 million bug hunters as part of its bug bounty programs since the launch of its platform. HackerOne announced that it has surpassed $300 million in ... Pierluigi Paganini October 30, 2023 Malware STRIPEDFLY, A COMPLEX MALWARE THAT INFECTED ONE MILLION DEVICES WITHOUT BEING NOTICED A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubb ... Pierluigi Paganini October 30, 2023 Hacktivism IT ARMY OF UKRAINE DISRUPTED INTERNET PROVIDERS IN TERRITORIES OCCUPIED BY RUSSIA IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine� ... Pierluigi Paganini October 29, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 443 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 29, 2023 Hacking BUG HUNTERS EARNED $1,038,250 FOR 58 UNIQUE 0-DAYS AT PWN2OWN TORONTO 2023 The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,25 ... Pierluigi Paganini October 28, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS TO HAVE STOLEN DATA FROM BOEING The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Boeing Company, commonly known as Boeing, is ... Pierluigi Paganini October 27, 2023 APT FRANCE AGENCY ANSSI WARNS OF RUSSIA-LINKED APT28 ATTACKS ON FRENCH ENTITIES France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The French National Agency for the Security of Infor ... Pierluigi Paganini October 27, 2023 Security HOW TO COLLECT MARKET INTELLIGENCE WITH RESIDENTIAL PROXIES? How residential proxies using real IPs from diverse locations enable businesses to gather comprehensive and accurate data from the web Since the adoption of the first digital tools and connection ... Pierluigi Paganini October 27, 2023 Hacking F5 URGES TO ADDRESS A CRITICAL FLAW IN BIG-IP F5 warns customers of a critical vulnerability impacting BIG-IP that could lead to unauthenticated remote code execution. F5 is warning customers about a critical security vulnerability, tracked a ... Pierluigi Paganini October 27, 2023 Data Breach HELLO ALFRED APP EXPOSES USER DATA Hello Alfred, an in-home hospitality app, left a database accessible without password protection, exposing almost 170,000 records containing private user data. Hello Alfred is a one-stop applicat ... Pierluigi Paganini October 27, 2023 Hacking ILEAKAGE ATTACK EXPLOITS SAFARI TO STEAL DATA FROM APPLE DEVICES Boffins devised a new iLeakage side-channel speculative execution attack exploits Safari to steal sensitive data from Macs, iPhones, and iPads. A team of researchers from the University of Michiga ... Pierluigi Paganini October 26, 2023 Hacking CLOUDFLARE MITIGATED 89 HYPER-VOLUMETRIC HTTP DISTRIBUTED DDOS ATTACKS EXCEEDING 100 MILLION RPS Cloudflare mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks exploiting the flaw HTTP/2 Rapid Reset. Cloudflare DDoS threat report of 2023 states that the c ... Pierluigi Paganini October 26, 2023 Data Breach SEIKO CONFIRMED A DATA BREACH AFTER BLACKCAT ATTACK Japanese watchmaker Seiko revealed that the attack that suffered earlier this year was carried out by the Black Cat ransomware gang. On August 10, 2023, the Japanese maker of watches Seiko disclos ... Pierluigi Paganini October 26, 2023 APT WINTER VIVERN APT EXPLOITED ZERO-DAY IN ROUNDCUBE WEBMAIL SOFTWARE IN RECENT ATTACKS Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software. Russian APT group Winter Vivern (aka TA473) has been observed exploiting a ze ... Pierluigi Paganini October 26, 2023 Hacking PWN2OWN TORONTO 2023 DAY 1 - ORGANIZERS AWARDED $438,750 IN PRIZES The Pwn2Own Toronto 2023 hacking contest has begun and during the first day, participants received $438,750 in prizes! During the Day 1 of the Pwn2Own Toronto 2023 hacking contest, the organizatio ... Pierluigi Paganini October 25, 2023 Security VMWARE ADDRESSED CRITICAL VCENTER FLAW ALSO FOR END-OF-LIFE PRODUCTS VMware addressed a critical out-of-bounds write vulnerability, tracked as CVE-2023-34048, that impacts vCenter Server. vCenter Server is a critical component in VMware virtualization and cloud c ... Pierluigi Paganini October 25, 2023 Security CITRIX WARNS ADMINS TO PATCH NETSCALER CVE-2023-4966 BUG IMMEDIATELY Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway applia ... Pierluigi Paganini October 25, 2023 Data Breach NEW ENGLAND BIOLABS LEAK SENSITIVE DATA On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs. Leaving environment files open to the public is one of the ... Pierluigi Paganini October 25, 2023 Intelligence FORMER NSA EMPLOYEE PLEADS GUILTY TO ATTEMPTED SELLING CLASSIFIED DOCUMENTS TO RUSSIA A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke (31), a former NSA employee has admitted to attempting ... Pierluigi Paganini October 24, 2023 Hacking EXPERTS RELEASED POC EXPLOIT CODE FOR VMWARE ARIA OPERATIONS FOR LOGS FLAW. PATCH IT NOW! VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs. VMware warned customers of the availability of a ... Pierluigi Paganini October 24, 2023 Hacking HOW DID THE OKTA SUPPORT BREACH IMPACT 1PASSWORD? 1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system. The password management and security application 1Password announced it had dete ... Pierluigi Paganini October 24, 2023 Security PII BELONGING TO INDIAN CITIZENS, INCLUDING THEIR AADHAAR IDS, OFFERED FOR SALE ON THE DARK WEB Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web. PII Belonging to Indian Citizens, Including their Aadhaar ID ... Pierluigi Paganini October 24, 2023 Cyber Crime SPAIN POLICE DISMANTLED A CYBERCRIMINAL GROUP WHO STOLE THE DATA OF 4 MILLION INDIVIDUALS The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals. The Spanish police have arrested 34 members of a cybe ... Pierluigi Paganini October 24, 2023 Security CISA ADDS SECOND CISCO IOS XE FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulner ... Pierluigi Paganini October 23, 2023 Hacking CISCO WARNS OF A SECOND IOS XE ZERO-DAY USED TO INFECT DEVICES WORLDWIDE Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild. Cisco last week warned customers of a zero-day vulnerability, ... Pierluigi Paganini October 23, 2023 Hacking CITY OF PHILADELPHIA SUFFERS A DATA BREACH The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is inve ... Pierluigi Paganini October 23, 2023 Security SOLARWINDS FIXED THREE CRITICAL RCE FLAWS IN ITS ACCESS RIGHTS MANAGER PRODUCT Researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product. Security researchers discovered three critical remote code execu ... Pierluigi Paganini October 23, 2023 Intelligence DON'T USE AI-BASED APPS, PHILIPPINE DEFENSE ORDERED ITS PERSONNEL The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits. The Philippine defense warned of the risks of using AI-based applications to genera ... Pierluigi Paganini October 23, 2023 Malware VIETNAMESE THREAT ACTORS LINKED TO DARKGATE MALWARE CAMPAIGN Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., the U.S., and India. WithSecure researchers linked the recent attacks using the DarkG ... Pierluigi Paganini October 23, 2023 Intelligence MI5 CHIEF WARNS OF CHINESE CYBER ESPIONAGE REACHED AN UNPRECEDENTED SCALE MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted. The head of MI5, Ken McCallum, warns that Chinese spies targeted more than ... Pierluigi Paganini October 22, 2023 Intelligence THE ATTACK ON THE INTERNATIONAL CRIMINAL COURT WAS TARGETED AND SOPHISTICATED The International Criminal Court revealed the recent attack was carried out by a threat actor for espionage purposes. The International Criminal Court shared additional information about the cyber ... Pierluigi Paganini October 22, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 442 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 22, 2023 Cyber Crime A THREAT ACTOR IS SELLING ACCESS TO FACEBOOK AND INSTAGRAM'S POLICE PORTAL A threat actor is selling access to Facebook and Instagram's Police Portal used by law enforcement agencies to request data relating to users under investigation. Cyber security researcher Alon Ga ... Pierluigi Paganini October 21, 2023 Data Breach THREAT ACTORS BREACHED OKTA SUPPORT SYSTEM AND STOLE CUSTOMERS' DATA Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks. Okta says that threat actors broke into its support case m ... Pierluigi Paganini October 21, 2023 Security US DOJ SEIZED DOMAINS USED BY NORTH KOREAN IT WORKERS TO DEFRAUD BUSINESSES WORLDWIDE The U.S. government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. The U.S. government announced the seizure of 17 website doma ... Pierluigi Paganini October 21, 2023 Cyber Crime ALLEGED DEVELOPER OF THE RAGNAR LOCKER RANSOMWARE WAS ARRESTED A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law en ... Pierluigi Paganini October 20, 2023 Hacking CISA ADDS CISCO IOS XE FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the vulnerability CVE-2021-1435 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnera ... Pierluigi Paganini October 20, 2023 Hacking TENS OF THOUSANDS CISCO IOS XE DEVICES WERE HACKED BY EXPLOITING CVE-2023-20198 More than 40,000 Cisco IOS XE devices have been compromised in attacks exploiting recently disclosed critical vulnerability CVE-2023-20198. Researchers from LeakIX used the indicators of compromis ... Pierluigi Paganini October 20, 2023 Cyber Crime LAW ENFORCEMENT OPERATION SEIZED RAGNAR LOCKER GROUP'S INFRASTRUCTURE An international law enforcement operation shuts down the infrastructure of the Ragnar Locker ransomware operation. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Nethe ... Pierluigi Paganini October 19, 2023 Security THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT! I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases ... Pierluigi Paganini October 19, 2023 APT NORTH KOREA-LINKED APT GROUPS ACTIVELY EXPLOIT JETBRAINS TEAMCITY FLAW North Korea-linked threat actors are actively exploiting a critical vulnerability CVE-2023-42793 in JetBrains TeamCity. Microsoft warns that North Korea-linked threat actors are actively exploitin ... Pierluigi Paganini October 19, 2023 APT MULTIPLE APT GROUPS EXPLOITED WINRAR FLAW CVE-2023-38831 Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google's Threat Analysis Group (TAG) reported that in recent weeks ... Pierluigi Paganini October 19, 2023 Data Breach CALIFORNIAN IT COMPANY DNA MICRO LEAKS PRIVATE MOBILE PHONE DATA Hundreds of thousands of clients who opted-in for a screen warranty were exposed when DNA Micro leaked data from its systems. The Cybernews research team found that DNA Micro, a California-based I ... Pierluigi Paganini October 18, 2023 Hacking THREAT ACTORS HAVE BEEN EXPLOITING CVE-2023-4966 IN CITRIX NETSCALER ADC/GATEWAY DEVICES SINCE AUGUST Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin ... Pierluigi Paganini October 18, 2023 Hacking A FLAW IN SYNOLOGY DISKSTATION MANAGER ALLOWS ADMIN ACCOUNT TAKEOVER A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator's password. Researchers from Claroty's Team82 discovered a vulnerability, tracked as CVE-2023- ... Pierluigi Paganini October 18, 2023 Hacking D-LINK CONFIRMS DATA BREACH, BUT DOWNPLAYED THE IMPACT Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data. The global networking equipment and technology company D-Link confirmed a ... Pierluigi Paganini October 18, 2023 Breaking News CVE-2023-20198 ZERO-DAY WIDELY EXPLOITED TO INSTALL IMPLANTS ON CISCO IOS XE SYSTEMS Threat actors exploited the recently disclosed zero-day flaw (CVE-2023-20198) in a large-scale hacking campaign on Cisco IOS XE devices. Threat actors have exploited the recently disclosed critica ... Pierluigi Paganini October 17, 2023 APT RUSSIA-LINKED SANDWORM APT COMPROMISED 11 UKRAINIAN TELECOMMUNICATIONS PROVIDERS Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between May and September 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised el ... Pierluigi Paganini October 17, 2023 Cyber Crime RANSOMWARE REALITIES IN 2023: ONE EMPLOYEE MISTAKE CAN COST A COMPANY MILLIONS What is the impact of ransomware on organizations? One employee's mistake can cost a company millions of dollars. Studies show that human error is the root cause of more than 80% of all cyber brea ... Pierluigi Paganini October 17, 2023 Malware MALWARE-LACED 'REDALERT - ROCKET ALERTS' APP TARGETS ISRAELI USERS Threat actors are targeting Israeli Android users with a malicious version of the 'RedAlert – Rocket Alerts' that hide spyware. A threat actor is targeting Israeli Android users with a spyware-l ... Pierluigi Paganini October 17, 2023 Hacking CISCO WARNS OF ACTIVE EXPLOITATION OF IOS XE ZERO-DAY Cisco warned customers of a critical zero-day vulnerability in its IOS XE Software that is actively exploited in attacks. Cisco warned customers of a zero-day vulnerability, tracked as CVE-2023-2 ... Pierluigi Paganini October 16, 2023 Hacking SIGNAL DENIES CLAIMS OF AN ALLEGED ZERO-DAY FLAW IN ITS PLATFORM Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation. The popular encrypted messaging app Signal denied claims of an alleged z ... Pierluigi Paganini October 16, 2023 Malware MICROSOFT DEFENDER THWARTED AKIRA RANSOMWARE ATTACK ON AN INDUSTRIAL ENGINEERING FIRM Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. Microsoft announced that its Microsoft Defender for Endpo ... Pierluigi Paganini October 16, 2023 Cyber Crime DARKGATE MALWARE CAMPAIGN ABUSES SKYPE AND TEAMS Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. From July to September, researchers from Trend Micro observed a ma ... Pierluigi Paganini October 16, 2023 Cyber Crime THE ALPHV RANSOMWARE GANG STOLE 5TB OF DATA FROM THE MORRISON COMMUNITY HOSPITAL The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. Threat actors continue to target hospitals. The ALPHV/BlackCat ransomware group claims to have hacked th ... Pierluigi Paganini October 15, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 441 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 15, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investiga ... Pierluigi Paganini October 14, 2023 Breaking News CISA WARNS OF VULNERABILITIES AND MISCONFIGURATIONS EXPLOITED IN RANSOMWARE ATTACKS CISA warns organizations of vulnerabilities and misconfigurations that are known to be exploited in ransomware operations. The US cybersecurity agency CISA is sharing knowledge about vulnerabiliti ... Pierluigi Paganini October 14, 2023 APT STAYIN' ALIVE CAMPAIGN TARGETS HIGH-PROFILE ASIAN GOVERNMENT AND TELECOM ENTITIES. IS IT LINKED TO TODDYCAT APT? A cyberespionage campaign, tracked as Stayin' Alive, targeted high-profile government and telecom entities in Asia. Cybersecurity company Check Point uncovered a malicious activity, tracked as ... Pierluigi Paganini October 13, 2023 Uncategorized FBI AND CISA PUBLISHED A NEW ADVISORY ON AVOSLOCKER RANSOMWARE FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published ... Pierluigi Paganini October 13, 2023 Hacking MORE THAN 17,000 WORDPRESS WEBSITES INFECTED WITH THE BALADA INJECTOR IN SEPTEMBER In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. Sucuri researchers reported that more than 17,000 WordPress websites have been compromised i ... Pierluigi Paganini October 13, 2023 Malware RANSOMLOOKER, A NEW TOOL TO TRACK AND ANALYZE RANSOMWARE GROUPS' ACTIVITIES Ransomlooker monitors ransomware groups' extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker, a tool to monitor ransomware groups' extortio ... Pierluigi Paganini October 12, 2023 Cyber Crime PHISHING, THE CAMPAIGNS THAT ARE TARGETING ITALY This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail ... Pierluigi Paganini October 12, 2023 Cyber Crime A NEW MAGECART CAMPAIGN HIDES THE MALICIOUS CODE IN 404 ERROR PAGE Researchers observed a new Magecart web skimming campaign changing the websites' default 404 error page to steal credit cards. Researchers from the Akamai Security Intelligence Group unc ... Pierluigi Paganini October 12, 2023 Hacking CISA ADDS ADOBE ACROBAT READER FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2023-21608 in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new fl ... Pierluigi Paganini October 11, 2023 Malware MIRAI-BASED DDOS BOTNET IZ1H9 ADDED 13 PAYLOADS TO TARGET ROUTERS A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Fortinet researchers observed a new Mir ... Pierluigi Paganini October 11, 2023 Data Breach AIR EUROPA DATA BREACH EXPOSED CUSTOMERS' CREDIT CARDS Airline Air Europa disclosed a data breach and warned customers to cancel their credit cards after threat actors accessed their card information. Air Europa is a Spanish airline and a subsidiary o ... Pierluigi Paganini October 11, 2023 Cyber warfare #OPISRAEL, #FREEPALESTINE & #OPSAUDIARABIA - HOW CYBER ACTORS CAPITALIZE ON WAR ACTIONS VIA PSY-OPS Gaza: Resecurity identified threat actors exploiting the conflict to weaponize psychological operations (PSYOPs) campaigns. Amidst the outbreak of war on the Gaza Strip last weekend, Resecurity (L ... Pierluigi Paganini October 11, 2023 Security MICROSOFT PATCH TUESDAY UPDATES FOR OCTOBER 2023 FIXED THREE ACTIVELY EXPLOITED ZERO-DAY FLAWS Microsoft Patch Tuesday security updates for October 2023 fixed three actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for October 2023 addressed a total of 10 ... Pierluigi Paganini October 11, 2023 Hacking NEW 'HTTP/2 RAPID RESET' TECHNIQUE BEHIND RECORD-BREAKING DDOS ATTACKS A new DDoS technique named 'HTTP/2 Rapid Reset' is actively employed in attacks since August enabling record-breaking attacks. Researchers disclosed a new zero-day DDoS attack technique, named 'HT ... Pierluigi Paganini October 10, 2023 Hacking EXPOSED SECURITY CAMERAS IN ISRAEL AND PALESTINE POSE SIGNIFICANT RISKS Many poorly configured security cameras are exposed to hacktivists in Israel and Palestine, placing the owners using them and the people around them at substantial risk. After the Hamas attacks on ... Pierluigi Paganini October 10, 2023 Hacking A FLAW IN LIBCUE LIBRARY IMPACTS GNOME LINUX SYSTEMS A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked a ... Pierluigi Paganini October 10, 2023 Hacktivism HACKTIVISTS IN PALESTINE AND ISRAEL AFTER SCADA AND OTHER INDUSTRIAL CONTROL SYSTEMS Both pro-Israeli and pro-Palestinian hacktivists have joined the fight and are targeting SCADA and ICS systems. Both pro-Israeli and pro-Palestinian hacktivists have joined the fight in the cyber ... Pierluigi Paganini October 10, 2023 Hacking LARGE-SCALE CITRIX NETSCALER GATEWAY CREDENTIAL HARVESTING CAMPAIGN EXPLOITS CVE-2023-3519 IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM's X-Force researchers reported that threat actors are con ... Pierluigi Paganini October 09, 2023 Malware THE SOURCE CODE OF THE 2020 VARIANT OF HELLOKITTY RANSOMWARE WAS LEAKED ON A CYBERCRIME FORUM A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. Cybersecurity researchers 3xp0rt reported that a threat actor ... Pierluigi Paganini October 09, 2023 Hacking GAZA-LINKED HACKERS AND PRO-RUSSIA GROUPS ARE TARGETING ISRAEL Microsoft linked a Gaza-based threat actor tracked as Storm-1133 to a series of attacks aimed at private organizations in Israel. The fourth annual Digital Defense Report published by Microsoft l ... Pierluigi Paganini October 09, 2023 Data Breach FLAGSTAR BANK SUFFERED A DATA BREACH ONCE AGAIN Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that t ... Pierluigi Paganini October 09, 2023 Malware ANDROID DEVICES SHIPPED WITH BACKDOORED FIRMWARE AS PART OF THE BADBOX NETWORK Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security disc ... Pierluigi Paganini October 09, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 440 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 08, 2023 APT NORTH KOREA-LINKED LAZARUS APT LAUNDERED OVER $900 MILLION THROUGH CROSS-CHAIN CRIME North Korea-linked APT group Lazarus has laundered $900 million worth of cryptocurrency, Elliptic researchers reported. Researchers from blockchain analytics firm Elliptic reported that threat act ... Pierluigi Paganini October 08, 2023 Cyber Crime QAKBOT THREAT ACTORS ARE STILL OPERATIONAL AFTER THE AUGUST TAKEDOWN Threat actors behind the QakBot malware are still active, since August they are carrying out a phishing campaign delivering Ransom Knight ransomware and Remcos RAT. In August, the FBI announced th ... Pierluigi Paganini October 07, 2023 Cyber Crime RANSOMWARE ATTACK ON MGM RESORTS COSTS $110 MILLION Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM R ... Pierluigi Paganini October 06, 2023 Breaking News CYBERSECURITY, WHY A HOTLINE NUMBER COULD BE IMPORTANT? The creation of a dedicated emergency number for cybersecurity could provide an effective solution to this rapidly growing challenge The growing threat of cybercrime is calling for new and innovat ... Pierluigi Paganini October 06, 2023 Hacking MULTIPLE EXPERTS RELEASED EXPLOITS FOR LINUX LOCAL PRIVILEGE ESCALATION FLAW LOONEY TUNABLES Researchers published PoC exploits for CVE-2023-4911 vulnerability (aka Looney Tunables) impacting most popular Linux distributions. The vulnerability CVE-2023-4911 (CVSS score 7.8) is a buffer ov ... Pierluigi Paganini October 06, 2023 Security CISCO EMERGENCY RESPONDER IS AFFECTED BY A CRITICAL STATIC CREDENTIALS BUG. FIX IT IMMEDIATELY! Cisco addressed a critical Static Credentials Vulnerability, tracked as CVE-2023-20101, impacting Emergency Responder. Cisco released security updates to address a critical vulnerability, tracked ... Pierluigi Paganini October 06, 2023 Intelligence BELGIAN INTELLIGENCE SERVICE VSSE ACCUSED ALIBABA OF ‘POSSIBLE ESPIONAGE’ AT EUROPEAN HUB IN LIEGE Belgian intelligence agency State Security Service (VSSE) fears that Chinese giant Alibaba is spying on logistics to gather financial intelligence. The Belgian intelligence service VSSE revealed t ... Pierluigi Paganini October 06, 2023 Hacking CISA ADDS JETBRAINS TEAMCITY AND WINDOWS FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG The U.S. CISA added JetBrains TeamCity and Windows vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBra ... Pierluigi Paganini October 05, 2023 Hacking NATO IS INVESTIGATING A NEW CYBER ATTACK CLAIMED BY THE SIEGEDSEC GROUP NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politicall ... Pierluigi Paganini October 05, 2023 Data Breach GLOBAL CRM PROVIDER EXPOSED MILLIONS OF CLIENTS’ FILES ONLINE Researcher discovered that global B2B CRM provider Really Simple Systems exposed online a non-password-protected database with million records. Cybersecurity Researcher, Jeremiah Fowler, discovere ... Pierluigi Paganini October 05, 2023 Data Breach SONY SENT DATA BREACH NOTIFICATIONS TO ABOUT 6,800 INDIVIDUALS Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employee ... Pierluigi Paganini October 05, 2023 Hacking APPLE FIXED THE 17TH ZERO-DAY FLAW EXPLOITED IN ATTACKS Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new ... Pierluigi Paganini October 04, 2023 Hacking ATLASSIAN CONFLUENCE ZERO-DAY CVE-2023-22515 ACTIVELY EXPLOITED IN ATTACKS Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild. Software giant Atlassian released emergency security updates to ad ... Pierluigi Paganini October 04, 2023 Hacking A CYBERATTACK DISRUPTED LYCA MOBILE SERVICES International mobile virtual network operator Lyca Mobile announced it has been the victim of a cyber attack that disrupted its network. Lyca Mobile is a mobile virtual network operator (MVNO) tha ... Pierluigi Paganini October 04, 2023 Security CHIPMAKER QUALCOMM WARNS OF THREE ACTIVELY EXPLOITED ZERO-DAYS Chipmaker Qualcomm addressed 17 vulnerabilities in various components and warns of three other actively exploited zero-day flaws. Chipmaker Qualcomm released security updates to address 17 vulnera ... Pierluigi Paganini October 04, 2023 Reports DRM REPORT Q2 2023 - RANSOMWARE THREAT LANDSCAPE The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into ... Pierluigi Paganini October 04, 2023 Cyber Crime PHISHING CAMPAIGN TARGETED US EXECUTIVES EXPLOITING A FLAW IN INDEED JOB SEARCH PLATFORM Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that thre ... Pierluigi Paganini October 04, 2023 Data Breach SAN FRANCISCO’S TRANSPORT AGENCY EXPOSES DRIVERS’ PARKING PERMITS AND ADDRESSES A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ parking permits and home addresses. The MTC is a governmental ag ... Pierluigi Paganini October 03, 2023 Malware BUNNYLOADER, A NEW MALWARE-AS-A-SERVICE ADVERTISED IN CYBERCRIME FORUMS Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that's appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-servi ... Pierluigi Paganini October 03, 2023 Breaking News EXCLUSIVE: LIGHTING THE EXFILTRATION INFRASTRUCTURE OF A LOCKBIT AFFILIATE (AND MORE) Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary We investigated ... Pierluigi Paganini October 03, 2023 Malware TWO HACKER GROUPS ARE BACK IN THE NEWS, LOCKBIT 3.0 BLACK AND BLACKCAT/ALPHV Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups th ... Pierluigi Paganini October 03, 2023 Data Breach EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI) SUFFERED A DATA BREACH The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users ... Pierluigi Paganini October 03, 2023 Hacking WS_FTP FLAW CVE-2023-40044 ACTIVELY EXPLOITED IN THE WILD Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. Progress Software recently warned customers to address a ... Pierluigi Paganini October 02, 2023 Data Breach NATIONAL LOGISTICS PORTAL (NLP) DATA LEAK: SEAPORTS IN INDIA WERE LEFT VULNERABLE TO TAKEOVER BY HACKERS The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing the risk of a potential takeover by threat actors. ... Pierluigi Paganini October 02, 2023 APT NORTH KOREA-LINKED LAZARUS TARGETED A SPANISH AEROSPACE COMPANY North Korea-linked APT group Lazarus impersonated Meta's recruiters in an attack against a Spanish company in the Aerospace industry. ESET researchers linked the North Korea-linked Lazarus AP ... Pierluigi Paganini October 02, 2023 Data Breach RANSOMWARE ATTACK ON JOHNSON CONTROLS MAY HAVE EXPOSED SENSITIVE DHS DATA Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multin ... Pierluigi Paganini October 02, 2023 Cyber Crime BLACKCAT GANG CLAIMS THEY STOLE DATA OF 2.5 MILLION PATIENTS OF MCLAREN HEALTH CARE The ALPHV/BlackCat ransomware gang added McLaren Health Care to the list of victims on its Tor leak site. McLaren Health Care is a not-for-profit healthcare system based in Michigan, United States ... Pierluigi Paganini October 01, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 439 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 01, 2023 Cyber Crime ALPHV/BLACKCAT RANSOMWARE GANG HACKED THE HOTEL CHAIN MOTEL ONE The ALPHV/BlackCat ransomware gang added the hotel chain Motel One to the list of victims on its Tor leak site. Motel One is a German hotel chain that offers budget-friendly accommodations primari ... Pierluigi Paganini September 30, 2023 Cyber Crime FBI WARNS OF DUAL RANSOMWARE ATTACKS The U.S. Federal Bureau of Investigation (FBI) warns of dual ransomware attacks aimed at the same victims. The U.S. Federal Bureau of Investigation (FBI) is warning of dual ransomware attacks, a n ... Pierluigi Paganini September 30, 2023 Breaking News PROGRESS SOFTWARE FIXED TWO CRITICAL SEVERITY FLAWS IN WS_FTP SERVER Progress Software has addressed a critical severity vulnerability in its WS_FTP Server software used by thousands of IT teams worldwide. Progress Software warned customers to address a critical se ... Pierluigi Paganini September 30, 2023 Security CHILD ABUSE SITE TAKEN DOWN, ORGANIZED CHILD EXPLOITATION CRIME SUSPECTED – EXCLUSIVE A child abuse site has been taken down following a request to German law enforcement by Cybernews research team. A hacker collective, who wanted to remain anonymous, has been relentlessly hunting ... Pierluigi Paganini September 30, 2023 Hacking A STILL UNPATCHED ZERO-DAY RCE IMPACTS MORE THAN 3.5M EXIM SERVERS Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software. A critical zero-day vulnerability, tracked as CVE-2023-421 ... Pierluigi Paganini September 29, 2023 Hacking CHINESE THREAT ACTORS STOLE AROUND 60,000 EMAILS FROM US STATE DEPARTMENT IN MICROSOFT BREACH China-linked threat actors stole around 60,000 emails from U.S. State Department after breaching Microsoft's Exchange email platform in May. China-linked hackers who breached Microsoft's email pl ... Pierluigi Paganini September 29, 2023 Data Breach MISCONFIGURED WBSC SERVER LEAKS THOUSANDS OF PASSPORTS The World Baseball Softball Confederation (WBSC) left open a data repository exposing nearly 50,000 files, some of which were highly sensitive, the Cybernews research team has discovered. On June ... Pierluigi Paganini September 29, 2023 Security CISA ADDS JBOSS RICHFACES FRAMEWORK FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the ... Pierluigi Paganini September 29, 2023 Hacking CISCO URGES TO PATCH ACTIVELY EXPLOITED IOS ZERO-DAY CVE-2023-20109 Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security ... Pierluigi Paganini September 28, 2023 Cyber Crime DARK ANGELS TEAM RANSOMWARE GROUP HIT JOHNSON CONTROLS Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate wit ... Pierluigi Paganini September 28, 2023 Hacking GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023 Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to addre ... Pierluigi Paganini September 28, 2023 Hacking RUSSIAN ZERO-DAY BROKER IS WILLING TO PAY $20M FOR ZERO-DAY EXPLOITS FOR IPHONES AND ANDROID DEVICES A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top- ... Pierluigi Paganini September 27, 2023 APT CHINA-LINKED APT BLACKTECH WAS SPOTTED HIDING IN CISCO ROUTER FIRMWARE US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. US and Japanese intelligence, law enforcement ... Pierluigi Paganini September 27, 2023 Hacking WATCH OUT! CVE-2023-5129 IN LIBWEBP LIBRARY AFFECTS MILLIONS APPLICATIONS Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier f ... Pierluigi Paganini September 27, 2023 Security DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. The leaked logins present cybercriminals with almost limi ... Pierluigi Paganini September 27, 2023 Data Breach 'RANSOMED.VC' IN THE SPOTLIGHT - WHAT IS KNOWN ABOUT THE RANSOMWARE GROUP TARGETING SONY AND NTT DOCOMO Following the recently announced data leak from Sony, Ransomed.vc group claimed the hack of the Japanese giant NTT Docomo. Following the recently announced data leak from Sony, the notorious ranso ... Pierluigi Paganini September 27, 2023 Security TOP 5 PROBLEMS SOLVED BY DATA LINEAGE Data lineage is the visualization and tracking of data as it moves through various stages of its lifecycle. In an age where data drives decisions and fuels innovation, understanding the journey of ... Pierluigi Paganini September 27, 2023 Data Breach THREAT ACTORS CLAIM THE HACK OF SONY, AND THE COMPANY INVESTIGATES Sony launched an investigation into an alleged data breach after the RansomedVC group claimed the hack of the company. Sony announced it is investigating allegations of a data breach after the Ran ... Pierluigi Paganini September 26, 2023 Data Breach CANADIAN FLAIR AIRLINES LEFT USER DATA LEAKING FOR MONTHS Researchers discovered that Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months Canadian Flair Airlines left credentials to sensitive ... Pierluigi Paganini September 26, 2023 Cyber Crime THE RHYSIDA RANSOMWARE GROUP HIT THE KUWAIT MINISTRY OF FINANCE This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack ... Pierluigi Paganini September 26, 2023 Data Breach BORN ONTARIO DATA BREACH IMPACTED 3.4 MILLION NEWBORNS AND PREGNANCY CARE PATIENTS The Better Outcomes Registry & Network (BORN), the Ontario birth registry disclosed a data breach affecting some 3.4 million people. The Better Outcomes Registry & Network (BORN) is a prog ... Pierluigi Paganini September 26, 2023 Malware XENOMORPH MALWARE IS BACK AFTER MONTHS OF HIATUS AND EXPANDS THE LIST OF TARGETS A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading ... Pierluigi Paganini September 26, 2023 Cyber Crime SMISHING TRIAD STRETCHES ITS TENTACLES INTO THE UNITED ARAB EMIRATES Resecurity research found that the 'Smishing Triad' cybercrime group has expanded its phishing campaign into the United Arab Emirates (UAE). Resecurity research recently found that 'Smishing Triad ... Pierluigi Paganini September 26, 2023 Hacking CROOKS STOLE $200 MILLION WORTH OF ASSETS FROM MIXIN NETWORK Crooks stole $200 million from Mixin Network, a free, lightning fast and decentralized network for transferring digital assets. Mixin Network, the Hong Kong-based crypto firm behind a free, lightn ... Pierluigi Paganini September 25, 2023 Cyber warfare A PHISHING CAMPAIGN TARGETS UKRAINIAN MILITARY ENTITIES WITH DRONE MANUAL LURES A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign u ... Pierluigi Paganini September 25, 2023 Hacking ALERT! PATCH YOUR TEAMCITY INSTANCE TO AVOID SERVER HACK Experts warn of a critical vulnerability in the TeamCity CI/CD server that can be exploited to take over a vulnerable server. JetBrains TeamCity is a popular and highly extensible Continuous Integ ... Pierluigi Paganini September 25, 2023 APT IS GELSEMIUM APT BEHIND A TARGETED ATTACK IN SOUTHEAST ASIAN GOVERNMENT? A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Sout ... Pierluigi Paganini September 25, 2023 Cyber Crime NIGERIAN NATIONAL PLEADS GUILTY TO PARTICIPATING IN A MILLIONAIRE BEC SCHEME A Nigerian national pleaded guilty to wire fraud and money laundering through business email compromise (BEC). The Nigerian national Kosi Goodness Simon-Ebo (29), who is residing in South Africa, ... Pierluigi Paganini September 25, 2023 Malware NEW VARIANT OF BBTOK TROJAN TARGETS USERS OF +40 BANKS IN LATAM A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan ... Pierluigi Paganini September 25, 2023 Malware DEADGLYPH, A VERY SOPHISTICATED AND UNKNOWN BACKDOOR TARGETS THE MIDDLE EAST Researchers discovered a previously undocumented sophisticated backdoor, named Deadglyph, used by the Stealth Falcon group for espionage in the Middle East ESET researchers discovered a very sophi ... Pierluigi Paganini September 24, 2023 Data Breach ALPHV GROUP CLAIMS THE HACK OF CLARION, A GLOBAL MANUFACTURER OF AUDIO AND VIDEO EQUIPMENT FOR CARS The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global ... Pierluigi Paganini September 24, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 438 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 24, 2023 Data Breach NATIONAL STUDENT CLEARINGHOUSE DATA BREACH IMPACTED APPROXIMATELY 900 US SCHOOLS U.S. educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The National Student Clearinghouse (NSC) is a nonprofit o ... Pierluigi Paganini September 24, 2023 Hacking GOVERNMENT OF BERMUDA BLAMES RUSSIAN THREAT ACTORS FOR THE CYBER ATTACK The Government of Bermuda believes that the recent cyberattack against its IT infrastructure was launched by Russian threat actors. This week a cyber attack hit the Government of Bermuda causing t ... Pierluigi Paganini September 23, 2023 Mobile RECENTLY PATCHED APPLE AND CHROME ZERO-DAYS EXPLOITED TO INFECT DEVICES IN EGYPT WITH PREDATOR SPYWARE Citizen Lab and Google's TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Researchers from the Citizen Lab and Google's Threat Analysis Gr ... Pierluigi Paganini September 22, 2023 Hacking CISA ADDS TREND MICRO APEX ONE AND WORRY-FREE BUSINESS SECURITY FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) a ... Pierluigi Paganini September 22, 2023 Data Breach INFORMATION OF AIR CANADA EMPLOYEES EXPOSED IN RECENT CYBERATTACK Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. Air Canada, the flag carrier ... Pierluigi Paganini September 22, 2023 APT SANDMAN APT TARGETS TELCOS WITH LUADREAM BACKDOOR A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. A joint research conducted by SentinelLabs and QGroup G ... Pierluigi Paganini September 22, 2023 Hacking APPLE ROLLED OUT EMERGENCY UPDATES TO ADDRESS 3 NEW ACTIVELY EXPLOITED ZERO-DAY FLAWS Apple released emergency security updates to address three new actively exploited zero-day vulnerabilities. Apple released emergency security updates to address three new zero-day vulnerabilities ... Pierluigi Paganini September 21, 2023 Hacking UKRAINIAN HACKERS ARE BEHIND THE FREE DOWNLOAD MANAGER SUPPLY CHAIN ATTACK The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the re ... Pierluigi Paganini September 21, 2023 Data Breach SPACE AND DEFENSE TECH MAKER EXAIL TECHNOLOGIES EXPOSES DATABASE ACCESS Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Exail, a French hig ... Pierluigi Paganini September 21, 2023 Hacking PRO-RUSSIA HACKER GROUP NONAME LAUNCHED A DDOS ATTACK ON CANADIAN AIRPORTS CAUSING SEVERE DISRUPTIONS Pro-Russia hacker group NoName is suspected to have launched a cyberattack that caused border checkpoint outages at several Canadian airports. A massive DDoS cyber attack, likely carried out by Pr ... Pierluigi Paganini September 21, 2023 Security EXPERTS FOUND CRITICAL FLAWS IN NAGIOS XI NETWORK MONITORING SOFTWARE Researchers discovered multiple vulnerabilities in the Nagios XI network and IT infrastructure monitoring and management solution. Researchers discovered four vulnerabilities (CVE-2023-40931, CVE- ... Pierluigi Paganini September 20, 2023 Deep Web THE DARK WEB DRUG MARKETPLACE PIILOPUOTI WAS DISMANTLED BY FINNISH CUSTOMS Finnish police announced the takedown of the dark web marketplace PIILOPUOTI which focuses on the sale of illegal narcotics. Finnish Customs announced the seizure of the dark web marketplace Piilo ... Pierluigi Paganini September 20, 2023 Hacking INTERNATIONAL CRIMINAL COURT HIT WITH A CYBER ATTACK A cyberattack hit the International Criminal Court (ICC) disclosed a cyberattack this week, its systems were compromised last week. The International Criminal Court (ICC) announced that threat act ... Pierluigi Paganini September 20, 2023 Security GITLAB ADDRESSED CRITICAL VULNERABILITY CVE-2023-5009 GitLab rolled out security patches to address a critical vulnerability, tracked as CVE-2023-5009, that can be exploited to run pipelines as another user. GitLab has released security patches to ad ... Pierluigi Paganini September 20, 2023 Hacking TREND MICRO ADDRESSES ACTIVELY EXPLOITED ZERO-DAY IN APEX ONE AND OTHER SECURITY PRODUCTS Trend Micro addressed a zero-day code execution vulnerability (CVE-2023-41179) in Apex One that has been actively exploited in the wild. Trend Micro has released security updates to patch an activ ... Pierluigi Paganini September 20, 2023 APT SHROUDEDSNOOPER THREAT ACTORS TARGET TELECOM COMPANIES IN THE MIDDLE EAST ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy impl ... Pierluigi Paganini September 19, 2023 Security RECENT CYBER ATTACK IS CAUSING CLOROX PRODUCTS SHORTAGE The cyber attack that hit the cleaning products manufacturer Clorox in August is still affecting the supply of the products to customers. The Clorox Company is a multinational consumer goods compa ... Pierluigi Paganini September 19, 2023 APT EARTH LUSCA EXPANDS ITS ARSENAL WITH SPRYSOCKS LINUX MALWARE China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linke ... Pierluigi Paganini September 19, 2023 Data Breach MICROSOFT AI RESEARCH DIVISION ACCIDENTALLY EXPOSED 38TB OF SENSITIVE DATA Microsoft AI researchers accidentally exposed 38TB of sensitive data via a public GitHub repository since July 2020. Cybersecurity firm Wiz discovered that the Microsoft AI research division accid ... Pierluigi Paganini September 18, 2023 Hacking GERMAN INTELLIGENCE WARNS CYBERATTACKS COULD TARGET LIQUEFIED NATURAL GAS (LNG) TERMINALS The head of Germany’s foreign intelligence service warns of state-sponsored attacks aimed at liquefied natural gas (LNG) terminals in the country. Bruno Kahl, the President of the Bundesnachrich ... Pierluigi Paganini September 18, 2023 Hacking DEEPFAKE AND SMISHING. HOW HACKERS COMPROMISED THE ACCOUNTS OF 27 RETOOL CUSTOMERS IN THE CRYPTO INDUSTRY Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 ... Pierluigi Paganini September 18, 2023 Data Breach FBI HACKER USDOD LEAKS HIGHLY SENSITIVE TRANSUNION DATA Researchers from vx-underground reported that FBI hacker 'USDoD' leaked sensitive data from consumer credit reporting agency TransUnion. TransUnion is an American consumer credit reporti ... Pierluigi Paganini September 18, 2023 APT NORTH KOREA'S LAZARUS APT STOLE ALMOST $240 MILLION IN CRYPTO ASSETS SINCE JUNE The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. According to a report published by blockchain cyber security f ... Pierluigi Paganini September 18, 2023 Cyber Crime CLOP GANG STOLEN DATA FROM MAJOR NORTH CAROLINA HOSPITALS Researchers at healthcare technology firm Nuance blame the Clop gang for a series of cyber thefts at major North Carolina hospitals. The Microsoft-owned healthcare technology firm N ... Pierluigi Paganini September 17, 2023 Data Breach CARDX RELEASED A DATA LEAK NOTIFICATION IMPACTING THEIR CUSTOMERS IN THAILAND One of Thailand's major digital financial platforms, CardX, recently disclosed a data leak that affected their customers. According to the statement published on the CardX official website on Sep ... Pierluigi Paganini September 17, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 437 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 17, 2023 Breaking News TIKTOK FINED €345M BY IRISH DPC FOR VIOLATING CHILDREN’S PRIVACY The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children. The Irish Data Protection Commission (DPC) fined TikTok €345 million ... Pierluigi Paganini September 16, 2023 Cyber Crime DARIY PANKOV, THE NLBRUTE MALWARE AUTHOR, PLEADS GUILTY The Russian national Dariy Pankov, aka dpxaker, has pleaded guilty to conspiracy to commit wire and computer fraud. The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrut ... Pierluigi Paganini September 15, 2023 Security DANGEROUS PERMISSIONS DETECTED IN TOP ANDROID HEALTH APPS Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Cybernews has the story. The Android challenge In the digital ... Pierluigi Paganini September 15, 2023 Cyber Crime CAESARS ENTERTAINMENT PAID A RANSOM TO AVOID STOLEN DATA LEAKS Caesars Entertainment announced it has paid a ransom to avoid the leak of customer data stolen in a recent intrusion. Caesars Entertainment is the world's most geographically diversified casino-en ... Pierluigi Paganini September 15, 2023 Malware FREE DOWNLOAD MANAGER BACKDOORED TO SERVE LINUX MALWARE FOR MORE THAN 3 YEARS Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manag ... Pierluigi Paganini September 15, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG HIT THE CARTHAGE AREA HOSPITAL AND THE CLAYTON-HEPBURN MEDICAL CENTER IN NEW YORK LockBit ransomware group breached two hospitals, the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York. The Lockbit ransomware group claims to have hacked two major hospita ... Pierluigi Paganini September 14, 2023 Data Breach UK GREATER MANCHESTER POLICE DISCLOSED A DATA BREACH UK Greater Manchester Police (GMP) disclosed a data breach, threat actors had access to some of its employees' personal information. UK Greater Manchester Police (GMP) announced that threat actors ... Pierluigi Paganini September 14, 2023 Intelligence THE IPHONE OF A RUSSIAN JOURNALIST WAS INFECTED WITH THE PEGASUS SPYWARE The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group's Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with ... Pierluigi Paganini September 14, 2023 Hacking KUBERNETES FLAWS COULD LEAD TO REMOTE CODE EXECUTION ON WINDOWS ENDPOINTS Researchers discovered three security flaws in Kubernetes that can lead to remote code execution on Windows endpoints. Akamai researchers recently discovered a high-severity vulnerability in Kub ... Pierluigi Paganini September 14, 2023 Data Breach THREAT ACTOR LEAKS SENSITIVE DATA BELONGING TO AIRBUS The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airb ... Pierluigi Paganini September 14, 2023 Malware A NEW RANSOMWARE FAMILY CALLED 3AM APPEARS IN THE THREAT LANDSCAPE 3AM is a new strain of ransomware that was spotted in a single incident in which the threat actors failed to deploy the LockBit ransomware in the target infrastructure. Symantec’s Threat Hunte ... Pierluigi Paganini September 13, 2023 Hacking REDFLY GROUP INFILTRATED AN ASIAN NATIONAL GRID AS LONG AS SIX MONTHS A threat actor tracked as Redfly had infected the systems at a national grid located in an unnamed Asian country for six months starting in January. Symantec’s Threat Hunter Team discovered th ... Pierluigi Paganini September 13, 2023 Hacking MOZILLA FIXED A CRITICAL ZERO-DAY IN FIREFOX AND THUNDERBIRD Mozilla addressed a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in attacks in the wild. Mozilla rolled out security updates to address a critical ze ... Pierluigi Paganini September 13, 2023 Security MICROSOFT SEPTEMBER 2023 PATCH TUESDAY FIXED 2 ACTIVELY EXPLOITED ZERO-DAY FLAWS Microsoft September 2023 Patch Tuesday addressed 59 new flaws, including two vulnerabilities under active attack. Microsoft September 2023 Patch Tuesday security updates addressed 59 vulnerabiliti ... Pierluigi Paganini September 13, 2023 Cyber Crime SAVE THE CHILDREN CONFIRMS IT WAS HIT BY CYBER ATTACK The international non-governmental organization (NGO) Save the Children International was recently hit with a cyberattack. The charity organization Save the Children International revealed that it ... Pierluigi Paganini September 12, 2023 Security ADOBE FIXED ACTIVELY EXPLOITED ZERO-DAY IN ACROBAT AND READER Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild. Adobe Patch Tuesday security updates (APSB23-34) addresse ... Pierluigi Paganini September 12, 2023 Hacking A NEW REPOJACKING ATTACK EXPOSED OVER 4,000 GITHUB REPOSITORIES TO HACK A critical vulnerability in GitHub could have exposed more than 4,000 code packages to Repojacking attack. Checkmarx researchers discovered a new vulnerability in GitHub could have exposed over 4, ... Pierluigi Paganini September 12, 2023 Hacking MGM RESORTS HIT BY A CYBER ATTACK Hospitality and entertainment company MGM Resorts was hit by a cyber attack that shut down its systems at MGM Hotels and Casinos. Hospitality and entertainment company MGM Resorts was the victim o ... Pierluigi Paganini September 12, 2023 Hacking ANONYMOUS SUDAN LAUNCHED A DDOS ATTACK AGAINST TELEGRAM Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group. The hacker collective Anonymous Sudan (aka Storm-1359) has launched a distributed deni ... Pierluigi Paganini September 12, 2023 APT IRANIAN CHARMING KITTEN APT TARGETS VARIOUS ENTITIES IN BRAZIL, ISRAEL, AND THE U.A.E. USING A NEW BACKDOOR Iran-linked APT group Charming Kitten used a previously undocumented backdoor named Sponsor in attacks against entities in Brazil, Israel, and the U.A.E. ESET researchers observed a series of a ... Pierluigi Paganini September 12, 2023 Hacking GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023 Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. Google rolled out emergency security updates to address a zero-day vul ... Pierluigi Paganini September 11, 2023 Security CISA ADDS RECENTLY DISCOVERED APPLE ZERO-DAYS TO KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. CISA adds vulnerabilities in Apple devices exploited to install NSO Group's Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security ... Pierluigi Paganini September 11, 2023 Cyber Crime UK AND US SANCTIONED 11 MEMBERS OF THE RUSSIA-BASED TRICKBOT GANG The U.K. and U.S. governments sanctioned 11 more individuals who were alleged members of the Russia-based TrickBot cybercrime gang. The United States, in coordination with the United Kingdom, sanc ... Pierluigi Paganini September 11, 2023 Cyber Crime NEW HIJACKLOADER MALWARE IS RAPIDLY GROWING IN POPULARITY IN THE CYBERCRIME COMMUNITY Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercrim ... Pierluigi Paganini September 11, 2023 Security SOME OF TOP UNIVERSITIES WOULDN’T PASS CYBERSECURITY EXAM: LEFT WEBSITES VULNERABLE CyberNews researchers discovered that many universities worldwide are leaking sensitive information and are even open to full takeover. Many universities worldwide, including some of the most pres ... Pierluigi Paganini September 11, 2023 Malware EVIL TELEGRAM CAMPAIGN: TROJANIZED TELEGRAM APPS FOUND ON GOOGLE PLAY Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Goo ... Pierluigi Paganini September 11, 2023 Cyber Crime RHYSIDA RANSOMWARE GANG CLAIMS TO HAVE HACKED THREE MORE US HOSPITALS Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines becau ... Pierluigi Paganini September 10, 2023 Cyber Crime AKAMAI PREVENTED THE LARGEST DDOS ATTACK ON A US FINANCIAL COMPANY Akamai announced it has mitigated the largest distributed denial-of-service (DDoS) attack on a U.S. financial company. Cybersecurity firm Akamai successfully identified and prevented a massive d ... Pierluigi Paganini September 10, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 436 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 10, 2023 Hacking US CISA ADDED CRITICAL APACHE ROCKETMQ FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical ... Pierluigi Paganini September 09, 2023 Hacking RAGNAR LOCKER GANG LEAKS DATA STOLEN FROM THE ISRAEL'S MAYANEI HAYESHUA HOSPITAL The Ragnar Locker ransomware gang added Israel's Mayanei Hayeshua hospital to the list of victims on its Tor leak site The Ragnar Locker ransomware gang claimed responsibility for an attack on Isr ... Pierluigi Paganini September 09, 2023 Intelligence NORTH KOREA-LINKED THREAT ACTORS TARGET CYBERSECURITY EXPERTS WITH A ZERO-DAY North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-da ... Pierluigi Paganini September 08, 2023 Hacking ZERO-DAY IN CISCO ASA AND FTD IS ACTIVELY EXPLOITED IN RANSOMWARE ATTACKS A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adapti ... Pierluigi Paganini September 08, 2023 Security ZERO-DAYS FIXED BY APPLE WERE USED TO DELIVER NSO GROUP’S PEGASUS SPYWARE Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws ( ... Pierluigi Paganini September 08, 2023 Hacking APPLE DISCLOSES 2 NEW ACTIVELY EXPLOITED ZERO-DAY FLAWS IN IPHONES, MACS Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two Apple zero-day vulnerabilities, tracked as CVE-2023-4 ... Pierluigi Paganini September 07, 2023 Malware A MALVERTISING CAMPAIGN IS DELIVERING A NEW VERSION OF THE MACOS ATOMIC STEALER Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising campaign distr ... Pierluigi Paganini September 07, 2023 Hacking TWO FLAWS IN APACHE SUPERSET ALLOW TO REMOTELY HACK SERVERS A couple of security vulnerabilities in Apache SuperSet could be exploited by an attacker to gain remote code execution on vulnerable systems. Apache Superset is an open-source Data Visualizatio ... Pierluigi Paganini September 07, 2023 Hacking CHINESE CYBERSPIES OBTAINED MICROSOFT SIGNING KEY FROM WINDOWS CRASH DUMP DUE TO A MISTAKE Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. In July, Microsoft announced it had mitigated an attack ... Pierluigi Paganini September 07, 2023 Hacking GOOGLE ADDRESSED AN ACTIVELY EXPLOITED ZERO-DAY IN ANDROID Google released September 2023 Android security updates to address multiple flaws, including an actively exploited zero-day. Google released September 2023 Android security updates that address te ... Pierluigi Paganini September 06, 2023 Hacking A ZERO-DAY IN ATLAS VPN LINUX CLIENT LEAKS USERS' IP ADDRESS Experts warn of an Atlas VPN zero-day flaw impacting the Linux client that can reveal the user's IP address by visiting a website. A Reddit user with the handle 'Educational-Map-8145' published a ... Pierluigi Paganini September 06, 2023 Hacking MITRE AND CISA RELEASE CALDERA FOR OT ATTACK EMULATION MITRE and CISA released a Caldera extension for OT that allows the emulation of attacks on operational technology systems. MITRE Caldera is an open-source adversary emulation platform that helps c ... Pierluigi Paganini September 06, 2023 Internet of Things ASUS ROUTERS ARE AFFECTED BY THREE CRITICAL REMOTE CODE EXECUTION FLAWS Three critical remote code execution vulnerabilities in ASUS routers potentially allow attackers to hijack the network devices. ASUS routers RT-AX55, RT-AX56U_V2, and RT-AC86U are affected by thre ... Pierluigi Paganini September 06, 2023 Hacking HACKERS STOLE $41M WORTH OF CRYPTO ASSETS FROM CRYPTO GAMBLING FIRM STAKE Crypto gambling site Stake suffered a security breach, and threat actors withdrew $41M of funds stolen including Tether and Ether. Researchers reported abnormally large withdrawals made from the c ... Pierluigi Paganini September 05, 2023 Security FREECYCLE DATA BREACH IMPACTED 7 MILLION USERS The nonprofit organization Freecycle Network (Freecycle.org) confirmed that it has suffered a data breach that impacted more than 7 million users. The Freecycle Network (TFN,) is a private, nonpro ... Pierluigi Paganini September 05, 2023 Social Networks META DISRUPTED TWO INFLUENCE CAMPAIGNS FROM CHINA AND RUSSIA Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages. Meta announced it has taken down two of the largest known covert influ ... Pierluigi Paganini September 05, 2023 Hacking A MASSIVE DDOS ATTACK TOOK DOWN THE SITE OF THE GERMAN FINANCIAL AGENCY BAFIN A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down. A distributed denial-of-service (DDoS) attack took the site of the G ... Pierluigi Paganini September 05, 2023 Cyber Crime "SMISHING TRIAD" TARGETED USPS AND US CITIZENS FOR DATA THEFT Resecurity has identified a large-scale smishing campaign, tracked as Smishing Triad, targeting the US Citizens. Earlier episodes have revealed victims from the U.K., Poland, Sweden, Italy, Indon ... Pierluigi Paganini September 04, 2023 Hacking UNIVERSITY OF SYDNEY SUFFERED A SECURITY BREACH CAUSED BY A THIRD-PARTY SERVICE PROVIDER The University of Sydney (USYD) suffered a security breach caused by a third-party service provider that exposed personal information of recent applicants. The University of Sydney (USYD) announce ... Pierluigi Paganini September 04, 2023 Cyber Crime CYBERCRIME WILL COST GERMANY $224 BILLION IN 2023 Cybercrime will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom told Reuters. According to the German digital association Bitkom, cybercrime will have a wo ... Pierluigi Paganini September 04, 2023 Hacking POC EXPLOIT CODE RELEASED FOR CVE-2023-34039 BUG IN VMWARE ARIA OPERATIONS FOR NETWORKS Researcher released PoC exploit code for a recent critical flaw (CVE-2023-34039) in VMware Aria Operations for Networks. At the end of August, VMware released security updates to address two vulne ... Pierluigi Paganini September 03, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 435 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 03, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG HIT THE COMMISSION DES SERVICES ELECTRIQUES DE MONTRÉAL (CSEM) The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM). The LockBit ransomware group continues to be one of the most active extortion gangs ... Pierluigi Paganini September 03, 2023 Hacking UNRAVELING ETERNALBLUE: INSIDE THE WANNACRY’S ENABLER WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you s ... Pierluigi Paganini September 01, 2023 Malware RESEARCHERS RELEASED A FREE DECRYPTOR FOR THE KEY GROUP RANSOMWARE Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption ... Pierluigi Paganini September 01, 2023 Data Breach FASHION RETAILER FOREVER 21 DATA BREACH IMPACTED +500,000 INDIVIDUALS Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cybe ... Pierluigi Paganini August 31, 2023 Cyber warfare RUSSIA-LINKED HACKERS TARGET UKRAINIAN MILITARY WITH INFAMOUS CHISEL ANDROID MALWARE Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. GCHQ’s National Cyber Security Centre and international partn ... Pierluigi Paganini August 31, 2023 Cyber Crime AKIRA RANSOMWARE GANG TARGETS CISCO ASA WITHOUT MULTI-FACTOR AUTHENTICATION Experts warn of ongoing credential stuffing and brute-force attacks targeting Cisco ASA (Adaptive Security Appliance) SSL VPNs. Cisco is aware of attacks conducted by Akira ransomware threat actor ... Pierluigi Paganini August 31, 2023 Data Breach PARAMOUNT GLOBAL DISCLOSED A DATA BREACH Multinational mass media conglomerate Paramount Global suffered a data breach after an unauthorized party accessed files from certain of its systems. Multinational mass media conglomerate Paramoun ... Pierluigi Paganini August 31, 2023 Security NATIONAL SAFETY COUNCIL DATA LEAK: CREDENTIALS OF NASA, TESLA, DOJ, VERIZON, AND 2K OTHERS LEAKED BY WORKPLACE SAFETY ORGANIZATION The National Safety Council leaked thousands of emails and passwords of their members, including companies such as NASA and Tesla. The National Safety Council has leaked nearly 10,000 emails and p ... Pierluigi Paganini August 31, 2023 Hacking ABUSING WINDOWS CONTAINER ISOLATION FRAMEWORK TO AVOID DETECTION BY SECURITY PRODUCTS Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conferen ... Pierluigi Paganini August 31, 2023 Security CRITICAL RCE FLAW IMPACTS VMWARE ARIA OPERATIONS NETWORKS VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two ... Pierluigi Paganini August 30, 2023 APT UNC4841 THREAT ACTORS HACKED US GOVERNMENT EMAIL SERVERS EXPLOITING BARRACUDA ESG FLAW China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. In June, Mandiant researchers linked the threat actor UNC4841 to the attacks ... Pierluigi Paganini August 29, 2023 Intelligence HACKERS INFILTRATED JAPAN’S NATIONAL CENTER OF INCIDENT READINESS AND STRATEGY FOR CYBERSECURITY (NISC) FOR MONTHS Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months. Threat actors have infiltrated Japan’s National Center of Incident Readines ... Pierluigi Paganini August 29, 2023 Hacking FIN8-LINKED ACTOR TARGETS CITRIX NETSCALER SYSTEMS A financially motivated actor linked to the FIN8 group exploits the CVE-2023-3519 RCE in attacks on Citrix NetScaler systems in massive attacks. Sophos X-Ops is tracking an ongoing campaign, which ... Pierluigi Paganini August 29, 2023 Hacking JAPAN'S JPCERT WARNS OF NEW 'MALDOC IN PDF' ATTACK TECHNIQUE Japan's JPCERT warns of a new recently detected 'MalDoc in PDF' attack that embeds malicious Word files into PDFs. Japan's computer emergency response team (JPCERT) has recently observed a new att ... Pierluigi Paganini August 29, 2023 Hacking ATTACKERS CAN DISCOVER IP ADDRESS BY SENDING A LINK OVER THE SKYPE MOBILE APP A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a targ ... Pierluigi Paganini August 28, 2023 Security CISCO FIXES 3 HIGH-SEVERITY DOS FLAWS IN NX-OS AND FXOS SOFTWARE Cisco addressed three high-severity flaws in NX-OS and FXOS software that could cause denial-of-service (DoS) conditions. Cisco this week addressed multiple flaws in its products, including three ... Pierluigi Paganini August 27, 2023 Hacking CLOUD AND HOSTING PROVIDER LEASEWEB TOOK DOWN CRITICAL SYSTEMS AFTER A CYBER ATTACK The cloud and hosting provider Leaseweb suffered a security breach that impacted some "critical" systems of the company. Global hosting and cloud services provider Leaseweb has disabled some "crit ... Pierluigi Paganini August 26, 2023 Cyber Crime CRYPTO INVESTOR DATA EXPOSED BY A SIM SWAPPING ATTACK AGAINST A KROLL EMPLOYEE Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting firm Kroll revealed that a SIM-swappin ... Pierluigi Paganini August 26, 2023 APT CHINA-LINKED FLAX TYPHOON APT TARGETS TAIWAN China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cy ... Pierluigi Paganini August 25, 2023 Breaking News RESEARCHERS RELEASED POC EXPLOIT FOR IVANTI SENTRY FLAW CVE-2023-38035 Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti ... Pierluigi Paganini August 24, 2023 Security RESECURITY IDENTIFIED A ZERO-DAY VULNERABILITY IN SCHNEIDER ELECTRIC ACCUTECH MANAGER Resecurity researchers identified a zero-day Buffer Overflow vulnerability in the Schneider Electric Accutech Manager product. Resecurity identified a zero-day vulnerability in the Schneider Elec ... Pierluigi Paganini July 11, 2023 Security CISCO FIXED HIGH-SEVERITY ELEVATION OF PRIVILEGE AND DOS BUGS Cisco this week addressed high-severity elevation of privilege and denial-of-service (DoS) vulnerabilities in IOS RX software. Cisco addressed multiple vulnerabilities in IOS RX software, includin ... Pierluigi Paganini March 14, 2024 Malware RECENT DARKGATE CAMPAIGN EXPLOITED MICROSOFT WINDOWS ZERO-DAY Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGat ... Pierluigi Paganini March 14, 2024 Data Breach NISSAN OCEANIA DATA BREACH IMPACTED ROUGHLY 100,000 PEOPLE The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced i ... Pierluigi Paganini March 14, 2024 Hacking RESEARCHERS FOUND MULTIPLE FLAWS IN CHATGPT PLUGINS Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of ... Pierluigi Paganini March 14, 2024 Security FORTINET FIXES CRITICAL BUGS IN FORTIOS, FORTIPROXY, AND FORTICLIENTEMS Fortinet released security updates to address critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. Fortinet this week has released security updates to fix critical c ... Pierluigi Paganini March 13, 2024 Data Breach ACER PHILIPPINES DISCLOSED A DATA BREACH AFTER A THIRD-PARTY VENDOR HACK Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. Acer Philippines confirmed that employee data was compromised in an attack targeting a ... Pierluigi Paganini March 13, 2024 Cyber Crime STANFORD UNIVERSITY ANNOUNCED THAT 27,000 INDIVIDUALS WERE IMPACTED IN THE 2023 RANSOMWARE ATTACK Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomwa ... Pierluigi Paganini March 13, 2024 Security MICROSOFT PATCH TUESDAY SECURITY UPDATES FOR MARCH 2024 FIXED 59 FLAWS Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 ... Pierluigi Paganini March 12, 2024 Intelligence RUSSIA'S FOREIGN INTELLIGENCE SERVICE (SVR) ALLEGES US IS PLOTTING TO INTERFERE IN PRESIDENTIAL ELECTION Russia’s Foreign Intelligence Service (SVR) claims that the US intelligence plans to interfere with its presidential election. Russia's Foreign Intelligence Service (SVR) alleges that the US is ... Pierluigi Paganini March 12, 2024 Breaking News FIRST-EVER SOUTH KOREAN NATIONAL DETAINED FOR ESPIONAGE IN RUSSIA Russian authorities have detained a South Korean national on cyber espionage charges, it is the first time for a Korean citizen. Russian authorities have arrested a South Korean citizen on charges ... Pierluigi Paganini March 12, 2024 Cyber Crime INSURANCE SCAMS VIA QR CODES: HOW TO RECOGNISE AND DEFEND YOURSELF Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert. As is well known, QR codes are two-dimensional barcodes that can be ... Pierluigi Paganini March 12, 2024 Hacking MASSIVE CYBERATTACKS HIT FRENCH GOVERNMENT AGENCIES A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. "Several "intense" cyberattacks targeted multiple French government agencies ... Pierluigi Paganini March 11, 2024 Hacking BIANLIAN GROUP EXPLOITS JETBRAINS TEAMCITY BUGS IN RANSOMWARE ATTACKS BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack ... Pierluigi Paganini March 11, 2024 Hacking EXPERTS RELEASED POC EXPLOIT FOR CRITICAL PROGRESS SOFTWARE OPENEDGE BUG Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have pub ... Pierluigi Paganini March 11, 2024 Cyber Crime MAGNET GOBLIN GROUP USED A NEW LINUX VARIANT OF NERBIANRAT MALWARE The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made ... Pierluigi Paganini March 11, 2024 Hacking HACKERS EXPLOITED WORDPRESS POPUP BUILDER PLUGIN FLAW TO COMPROMISE 3,300 SITES Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada ... Pierluigi Paganini March 11, 2024 Intelligence LITHUANIA SECURITY SERVICES WARN OF CHINA'S ESPIONAGE AGAINST THE COUNTRY A report published by Lithuanian security services warned that China has escalated its espionage operations against Lithuania. A report released by Lithuanian security services has cautioned that ... Pierluigi Paganini March 10, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 462 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini March 10, 2024 Hacking THREAT ACTORS BREACHED TWO CRUCIAL SYSTEMS OF THE US CISA Threat actors hacked the systems of the Cybersecurity and Infrastructure Security Agency (CISA) by exploiting Ivanti flaws. The US Cybersecurity and Infrastructure Security Agency (CISA) agency wa ... Pierluigi Paganini March 09, 2024 Security CISA ADDS JETBRAINS TEAMCITY BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a JetBrains TeamCity vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini March 09, 2024 Hacking CRITICAL FORTINET FORTIOS BUG CVE-2024-21762 POTENTIALLY IMPACTS 150,000 INTERNET-FACING DEVICES Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices. In February, Fortinet warned that the critical remot ... Pierluigi Paganini March 09, 2024 Internet of Things QNAP FIXED THREE FLAWS IN ITS NAS DEVICES, INCLUDING AN AUTHENTICATION BYPASS QNAP addressed three vulnerabilities in its NAS products that can be exploited to access devices. QNAP addressed three vulnerabilities in Network Attached Storage (NAS) devices that can be exploit ... Pierluigi Paganini March 08, 2024 Hacking RUSSIA-LINKED MIDNIGHT BLIZZARD BREACHED MICROSOFT SYSTEMS AGAIN Microsoft revealed that Russia-linked APT group Midnight Blizzard recently breached its internal systems and source code repositories. Microsoft published an update on the attack that hit the comp ... Pierluigi Paganini March 08, 2024 Security CISCO ADDRESSED SEVERE FLAWS IN ITS SECURE CLIENT Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two hig ... Pierluigi Paganini March 08, 2024 Data Breach PLAY RANSOMWARE ATTACK ON XPLAIN EXPOSED 65,000 FILES CONTAINING DATA RELEVANT TO THE SWISS FEDERAL ADMINISTRATION. The ransomware attack on Xplain impacted tens of thousands Federal government files, said the National Cyber Security Centre (NCSC) of Switzerland. The National Cyber Security Centre (NCSC) publis ... Pierluigi Paganini March 08, 2024 Cyber Crime 2023 FBI INTERNET CRIME REPORT REPORTED CYBERCRIME LOSSES REACHED $12.5 BILLION IN 2023 The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published the FBI's Internet Crime Co ... Pierluigi Paganini March 07, 2024 Cyber warfare NATIONAL INTELLIGENCE AGENCY OF MOLDOVA WARNS OF RUSSIA ATTACKS AHEAD OF THE PRESIDENTIAL ELECTION The national intelligence agency of Moldova warns of hybrid attacks from Russia ahead of the upcoming elections. The Moldovan national intelligence agency warns of hybrid attacks from Russia ahead ... Pierluigi Paganini March 07, 2024 Security CISA ADDS APPLE IOS AND IPADOS MEMORY CORRUPTION BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS memory corruption vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and ... Pierluigi Paganini March 07, 2024 Hacking LINUX MALWARE TARGETS MISCONFIGURED MISCONFIGURED APACHE HADOOP, CONFLUENCE, DOCKER, AND REDIS SERVERS A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign target ... Pierluigi Paganini March 07, 2024 Breaking News CISA ADDS ANDROID PIXEL AND SUNHILLO SURELINE BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel and Sunhillo SureLine vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Inf ... Pierluigi Paganini March 06, 2024 Cyber Crime WATCH OUT, GHOSTSEC AND STOURMOUS GROUPS JOINTLY CONDUCTING RANSOMWARE ATTACKS Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The GhostSec and Stormous ransomware gang are jointly conducting a ransomware cam ... Pierluigi Paganini March 06, 2024 Cyber Crime LOCKBIT 3.0’S BUNGLED COMEBACK HIGHLIGHTS THE UNDYING RISK OF TORRENT-BASED (P2P) DATA LEAKAGE The wide torrent-based accessibility of these leaked victim files ensures the longevity of LockBit 3.0’s harmful impact. While embattled ransomware gang LockBit 3.0 fights for its survival follo ... Pierluigi Paganini March 06, 2024 Hacking APPLE EMERGENCY SECURITY UPDATES FIX TWO NEW IOS ZERO-DAYS Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address ... Pierluigi Paganini March 05, 2024 Security VMWARE URGENT UPDATES ADDRESSED CRITICAL ESXI SANDBOX ESCAPE BUGS VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent up ... Pierluigi Paganini March 05, 2024 Laws and regulations US GOV SANCTIONED INTELLEXA CONSORTIUM INDIVIDUALS AND ENTITIES BEHIND PREDATOR SPYWARE ATTACKS The U.S. government sanctioned two individuals and five entities linked to the development and distribution of the Predator spyware used to target Americans. Today, the Department of the Treasury� ... Pierluigi Paganini March 05, 2024 Hacking CISA ADDS MICROSOFT WINDOWS KERNEL BUG USED BY LAZARUS APT TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini March 05, 2024 Security EXPERTS DISCLOSED TWO SEVERE FLAWS IN JETBRAINS TEAMCITY ON-PREMISES SOFTWARE Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems. Rapid7 researchers disclosed two new critical security vulnerabilities, tracked ... Pierluigi Paganini March 05, 2024 Cyber warfare UKRAINE'S GUR HACKED THE RUSSIAN MINISTRY OF DEFENSE The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Def ... Pierluigi Paganini March 05, 2024 Data Breach SOME AMERICAN EXPRESS CUSTOMERS' DATA EXPOSED IN A THIRD-PARTY DATA BREACH American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that thei ... Pierluigi Paganini March 04, 2024 Social Networks META HIT WITH PRIVACY COMPLAINTS BY EU CONSUMER GROUPS This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanctio ... Pierluigi Paganini March 04, 2024 Hacking NEW GTPDOOR BACKDOOR IS DESIGNED TO TARGET TELECOM CARRIER NETWORKS Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux ... Pierluigi Paganini March 04, 2024 Data Breach THREAT ACTORS HACKED TAIWAN-BASED CHUNGHWA TELECOM Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Te ... Pierluigi Paganini March 04, 2024 Malware NEW LINUX VARIANT OF BIFROSE RAT USES DECEPTIVE DOMAIN STRATEGIES A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifro ... Pierluigi Paganini March 04, 2024 Hacking EKEN CAMERA DOORBELLS ALLOW ILL-INTENTIONED INDIVIDUALS TO SPY ON YOU Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe ... Pierluigi Paganini March 03, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 461 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini March 03, 2024 Security U.S. JUDGE ORDERED NSO GROUP TO HAND OVER THE PEGASUS SPYWARE CODE TO WHATSAPP A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO G ... Pierluigi Paganini March 03, 2024 Hacking U.S. AUTHORITIES CHARGED AN IRANIAN NATIONAL FOR LONG-RUNNING HACKING CAMPAIGN The U.S. DoJ charged Iranian national Alireza Shafie Nasab for his role in attacks targeting U.S. government and defense entities. The U.S. Department of Justice (DoJ) charged Iranian national Ali ... Pierluigi Paganini March 02, 2024 Cyber Crime US CYBER AND LAW ENFORCEMENT AGENCIES WARN OF PHOBOS RANSOMWARE ATTACKS US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber se ... Pierluigi Paganini March 02, 2024 Cyber Crime POLICE SEIZED CRIMEMARKET, THE LARGEST GERMAN-SPEAKING CYBERCRIME MARKETPLACE German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforc ... Pierluigi Paganini March 01, 2024 Hacking FIVE EYES ALLIANCE WARNS OF ATTACKS EXPLOITING KNOWN IVANTI GATEWAY FLAWS The Five Eyes alliance warns of threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. The Five Eyes intelligence alliance issued a joint cyberse ... Pierluigi Paganini March 01, 2024 Cyber Crime CROOKS STOLE €15 MILLION FROM EUROPEAN RETAIL COMPANY PEPCO Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been t ... Pierluigi Paganini March 01, 2024 Security CISA ADDS MICROSOFT STREAMING SERVICE BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastruct ... Pierluigi Paganini March 01, 2024 Hacking RESEARCHERS FOUND A ZERO-CLICK FACEBOOK ACCOUNT TAKEOVER A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed att ... Pierluigi Paganini February 29, 2024 APT NEW SPIKEDWINE APT GROUP IS TARGETING OFFICIALS IN EUROPE A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously un ... Pierluigi Paganini February 29, 2024 Cyber Crime IS THE LOCKBIT GANG RESUMING ITS OPERATION? Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully r ... Pierluigi Paganini February 29, 2024 APT LAZARUS APT EXPLOITED ZERO-DAY IN WINDOWS DRIVER TO GAIN KERNEL PRIVILEGES North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked La ... Pierluigi Paganini February 29, 2024 Data Breach PHARMACEUTICAL GIANT CENCORA DISCLOSES A DATA BREACH Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberat ... Pierluigi Paganini February 28, 2024 Hacking UNMASKING 2024'S EMAIL SECURITY LANDSCAPE Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming ... Pierluigi Paganini February 28, 2024 Cyber Crime FBI, CISA, HHS WARN OF TARGETED ALPHV/BLACKCAT RANSOMWARE ATTACKS AGAINST THE HEALTHCARE SECTOR The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of ... Pierluigi Paganini February 28, 2024 Breaking News RUSSIA-LINKED APT28 COMPROMISED UBIQUITI EDGEROUTERS TO FACILITATE CYBER OPERATIONS Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (N ... Pierluigi Paganini February 28, 2024 Cyber Crime BLACK BASTA AND BL00DY RANSOMWARE GANGS EXPLOIT RECENT CONNECTWISE SCREENCONNECT BUGS New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recen ... Pierluigi Paganini February 27, 2024 Hacking XSS FLAW IN LITESPEED CACHE PLUGIN EXPOSES MILLIONS OF WORDPRESS SITES AT RISK Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerabilit ... Pierluigi Paganini February 27, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 460 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 25, 2024 Cyber Crime US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES U.S. government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The U.S. Department of Stat ... Pierluigi Paganini February 21, 2024 Malware NEW REDIS MINER MIGO USES NOVEL SYSTEM WEAKENING TECHNIQUES A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis serve ... Pierluigi Paganini February 21, 2024 Security CRITICAL FLAW FOUND IN DEPRECATED VMWARE EAP. UNINSTALL IT IMMEDIATELY VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated E ... Pierluigi Paganini February 21, 2024 Hacking MICROSOFT EXCHANGE FLAW CVE-2024-21410 COULD IMPACT UP TO 97,000 SERVERS Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The vulnerability CVE-2024-21410 is a bypass vulnerabili ... Pierluigi Paganini February 21, 2024 Security CONNECTWISE FIXED CRITICAL FLAWS IN SCREENCONNECT REMOTE ACCESS TOOL ConnectWise addressed two critical vulnerabilities in its ScreenConnect remote desktop access product and urges customers to install the patches asap. ConnectWise warns of the following two critic ... Pierluigi Paganini February 20, 2024 Cyber Crime MORE DETAILS ABOUT OPERATION CRONOS THAT DISRUPTED LOCKBIT OPERATION Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code ... Pierluigi Paganini February 20, 2024 Hacking CACTUS RANSOMWARE GANG CLAIMS THE THEFT OF 1.5TB OF DATA FROM ENERGY MANAGEMENT AND INDUSTRIAL AUTOMATION FIRM SCHNEIDER ELECTRIC The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pil ... Pierluigi Paganini February 20, 2024 Cyber Crime OPERATION CRONOS: LAW ENFORCEMENT DISRUPTED THE LOCKBIT OPERATION An international law enforcement operation codenamed 'Operation Cronos' led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, con ... Pierluigi Paganini February 19, 2024 Cyber Crime A UKRAINIAN RACCOON INFOSTEALER OPERATOR IS AWAITING TRIAL IN THE US The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, M ... Pierluigi Paganini February 19, 2024 APT RUSSIA-LINKED APT TAG-70 TARGETS EUROPEAN GOVERNMENT AND MILITARY MAIL SERVERS EXPLOITING ROUNDCUBE XSS An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group id ... Pierluigi Paganini February 19, 2024 Cyber Crime HOW BRICS GOT "RUG PULLED" – CRYPTOCURRENCY COUNTERFEITING IS ON THE RISE Resecurity has identified an increasing trend of cryptocurrency counterfeiting, the experts found several tokens impersonating major brands, government organizations and national fiat currencies. ... Pierluigi Paganini February 19, 2024 Security SOLARWINDS ADDRESSED CRITICAL RCES IN ACCESS RIGHTS MANAGER (ARM) SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs. SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in ... Pierluigi Paganini February 19, 2024 Breaking News ESET FIXED HIGH-SEVERITY LOCAL PRIVILEGE ESCALATION BUG IN WINDOWS PRODUCTS Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 ... Pierluigi Paganini February 18, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 459 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 18, 2024 Cyber Crime UKRAINIAN NATIONAL FACES UP TO 20 YEARS IN PRISON FOR HIS ROLE IN ZEUS, ICEDID MALWARE SCHEMES A Ukrainian national pleaded guilty to his role in the Zeus and IcedID operations, which caused tens of millions of dollars in losses. Ukrainian national Vyacheslav Igorevich Penchukov has pleaded ... Pierluigi Paganini February 17, 2024 Cyber Crime CISA: CISCO ASA/FTD BUG CVE-2020-3259 EXPLOITED IN RANSOMWARE ATTACKS CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) in attacks in the wild. This week the U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini February 17, 2024 Security CISA ADDS MICROSOFT EXCHANGE AND CISCO ASA AND FTD BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastru ... Pierluigi Paganini February 16, 2024 Cyber Crime US GOV OFFERS A REWARD OF UP TO $10M FOR INFO ON ALPHV/BLACKCAT GANG LEADERS The U.S. government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. The U.S. Department of State is ... Pierluigi Paganini February 16, 2024 Hacking U.S. CISA: HACKERS BREACHED A STATE GOVERNMENT ORGANIZATION U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini February 16, 2024 APT RUSSIA-LINKED TURLA APT USES NEW TINYTURLA-NG BACKDOOR TO SPY ON POLISH NGOS Russia-linked APT group Turla has been spotted targeting Polish non-governmental organizations (NGO) with a new backdoor dubbed TinyTurla-NG. Russia-linked cyberespionage group Turla has been spo ... Pierluigi Paganini February 16, 2024 Cyber Crime US GOV DISMANTLED THE MOOBOT BOTNET CONTROLLED BY RUSSIA-LINKED APT28 The US authorities dismantled the Moobot botnet, which was controlled by the Russia-linked cyberespionage group APT28. A court order allowed US authorities to neutralize the Moobot botnet, a netwo ... Pierluigi Paganini February 15, 2024 Hacking A CYBERATTACK HALTED OPERATIONS AT VARTA PRODUCTION PLANTS On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber atta ... Pierluigi Paganini February 15, 2024 APT NORTH KOREA-LINKED ACTORS BREACHED THE EMAILS OF A PRESIDENTIAL OFFICE MEMBER The office of South Korean President Yoon Suk Yeol said that North Korea-linked actors breached the personal emails of one of his staff members. The office of South Korean President Yoon Suk Yeol ... Pierluigi Paganini February 15, 2024 Hacking CISA ADDS MICROSOFT WINDOWS BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds 2 Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ... Pierluigi Paganini February 15, 2024 APT NATION-STATE ACTORS ARE USING AI SERVICES AND LLMS FOR CYBERATTACKS Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains, including target reconnaissance and social engineering attacks. Multiple nation ... Pierluigi Paganini February 15, 2024 Security ABUSING THE UBUNTU 'COMMAND-NOT-FOUND' UTILITY TO INSTALL MALICIOUS PACKAGES Researchers reported that attackers can exploit the 'command-not-found' utility to trick users into installing rogue packages on Ubuntu systems. Cybersecurity researchers from cloud security firm ... Pierluigi Paganini February 14, 2024 Security ZOOM FIXED CRITICAL FLAW CVE-2024-24691 IN WINDOWS SOFTWARE Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The popular Video messaging giant Zoom relea ... Pierluigi Paganini February 14, 2024 Security ADOBE PATCH TUESDAY FIXED CRITICAL VULNERABILITIES IN MAGENTO, ACROBAT AND READER Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adob ... Pierluigi Paganini February 14, 2024 Security MICROSOFT PATCH TUESDAY FOR FEBRUARY 2024 FIXED 2 ACTIVELY EXPLOITED 0-DAYS Microsoft Patch Tuesday security updates for February 2024 addressed 72 flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2024 resolved ... Pierluigi Paganini February 14, 2024 Cyber Crime A RANSOMWARE ATTACK TOOK 100 ROMANIAN HOSPITALS DOWN Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that target ... Pierluigi Paganini February 13, 2024 Data Breach BANK OF AMERICA CUSTOMER DATA COMPROMISED AFTER A THIRD-PARTY SERVICES PROVIDER DATA BREACH Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers follo ... Pierluigi Paganini February 13, 2024 Reports RANSOMFEED - THIRD QUARTER REPORT 2023 IS OUT! Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. A comprehensive report delving into the intricate landscape ... Pierluigi Paganini February 13, 2024 Hacking GLOBAL MALICIOUS ACTIVITY TARGETING ELECTIONS IS SKYROCKETING Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally With more voters than ever in history heading to the polls in 2024, Resecurity has iden ... Pierluigi Paganini February 13, 2024 Cyber Crime RESEARCHERS RELEASED A FREE DECRYPTION TOOL FOR THE RHYSIDA RANSOMWARE Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Interne ... Pierluigi Paganini February 12, 2024 Security RESIDENTIAL PROXIES VS. DATACENTER PROXIES: CHOOSING THE RIGHT OPTION Residential Proxies vs. Datacenter Proxies: this blog post examines the contours of each type and provides info on how to choose the perfect proxy option In the robust landscape of the digital era ... Pierluigi Paganini February 12, 2024 Hacking CISA ADDS ROUNDCUBE WEBMAIL PERSISTENT XSS BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cyb ... Pierluigi Paganini February 12, 2024 Security CANADA GOV PLANS TO BAN THE FLIPPER ZERO TO CURB CAR THEFTS The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipp ... Pierluigi Paganini February 12, 2024 Security 9 POSSIBLE WAYS HACKERS CAN USE PUBLIC WI-FI TO STEAL YOUR SENSITIVE DATA Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We've all used public Wi-Fi: it's convenient, saves our data, and sp ... Pierluigi Paganini February 12, 2024 Cyber Crime US FEDS ARRESTED TWO MEN INVOLVED IN THE WARZONE RAT OPERATION The U.S. Justice Department (DoJ) seized the infrastructure that was used to sell the remote access trojan (RAT) Warzone RAT. The Justice Department announced the seizure of internet domains used ... Pierluigi Paganini February 12, 2024 Malware RASPBERRY ROBIN SPOTTED USING TWO NEW 1-DAY LPE EXPLOITS Raspberry Robin continues to evolve, it was spotted using two new one-day exploits for vulnerabilities either Discord to host samples. Raspberry Robin is a Windows worm discovered by cybers ... Pierluigi Paganini February 11, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 458 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 11, 2024 Hacking CISA ADDS FORTINET FORTIOS BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CI ... Pierluigi Paganini February 10, 2024 Malware MACOS BACKDOOR RUSTDOOR LIKELY LINKED TO ALPHV/BLACKCAT RANSOMWARE OPERATIONS Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubb ... Pierluigi Paganini February 10, 2024 Hacking EXPLOITING A VULNERABLE MINIFILTER DRIVER TO CREATE A PROCESS KILLER Researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Exploiting a signed Minifilter Driver that can be used to used ... Pierluigi Paganini February 09, 2024 Data Breach BLACK BASTA RANSOMWARE GANG HACKED HYUNDAI MOTOR EUROPE Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the Car maker Hyundai Motor Europe ... Pierluigi Paganini February 09, 2024 Hacking FORTINET WARNS OF A NEW ACTIVELY EXPLOITED RCE FLAW IN FORTIOS SSL VPN Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently disc ... Pierluigi Paganini February 09, 2024 Security IVANTI WARNS OF A NEW AUTH BYPASS FLAW IN ITS CONNECT SECURE, POLICY SECURE, AND ZTA GATEWAY DEVICES Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulne ... Pierluigi Paganini February 09, 2024 Security 26 CYBER SECURITY STATS EVERY USER SHOULD BE AWARE OF IN 2024 26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technology. Cyber Crime Surge: During COVID-19, cyber crimes shot up by 600%, s ... Pierluigi Paganini February 09, 2024 Cyber Crime US OFFERS $10 MILLION REWARD FOR INFO ON HIVE RANSOMWARE GROUP LEADERS U.S. Government offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware group. The US Department of State announced rewards u ... Pierluigi Paganini February 08, 2024 Internet of Things UNRAVELING THE TRUTH BEHIND THE DDOS ATTACK FROM ELECTRIC TOOTHBRUSHES Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. Is it true? The Swiss newspaper Aargauer Zeitung first published the news of a DD ... Pierluigi Paganini February 08, 2024 APT CHINA-LINKED APT VOLT TYPHOON REMAINED UNDETECTED FOR YEARS IN US INFRASTRUCTURE China-linked APT Volt Typhoon infiltrated a critical infrastructure network in the US and remained undetected for at least five years. US CISA, the NSA, the FBI, along with partner Five Eyes agenc ... Pierluigi Paganini February 08, 2024 Security CISCO FIXES CRITICAL EXPRESSWAY SERIES CSRF VULNERABILITIES CISCO fixed two critical flaws in Expressway Series collaboration gateways exposing vulnerable devices to cross-site request forgery (CSRF) attacks. Cisco addressed several vulnerabilities in its ... Pierluigi Paganini February 08, 2024 Security CISA ADDS GOOGLE CHROMIUM V8 TYPE CONFUSION BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 Type Confusion bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ... Pierluigi Paganini February 07, 2024 Security FORTINET ADDRESSED TWO CRITICAL FORTISIEM VULNERABILITIES Fortinet warns of two critical OS command injection vulnerabilities in FortiSIEM that could allow remote attackers to execute arbitrary code Cybersecurity vendor Fortinet warned of two critical vu ... Pierluigi Paganini February 07, 2024 Hacking EXPERTS WARN OF A CRITICAL BUG IN JETBRAINS TEAMCITY ON-PREMISES A new vulnerability in JetBrains TeamCity On-Premises can be exploited by threat actors to take over vulnerable instances. JetBrains addressed a critical security vulnerability, tracked as CVE-202 ... Pierluigi Paganini February 07, 2024 Hacking CRITICAL SHIM BUG IMPACTS EVERY LINUX BOOT LOADER SIGNED IN THE PAST DECADE The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of 'shim' addressed six vulnerabilities with ... Pierluigi Paganini February 07, 2024 APT CHINA-LINKED APT DEPLOYED MALWARE IN A NETWORK OF THE DUTCH MINISTRY OF DEFENCE China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security Service (MIVD) and the General Int ... Pierluigi Paganini February 07, 2024 Hacking COMMERCIAL SPYWARE VENDORS ARE BEHIND MOST ZERO-DAY EXPLOITS DISCOVERED BY GOOGLE TAG Google's TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. The latest report published by Google Threat Analysis Group (TAG), ... Pierluigi Paganini February 06, 2024 Mobile GOOGLE FIXED AN ANDROID CRITICAL REMOTE CODE EXECUTION FLAW Google released Android ’s February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution issue. Google released Android February 2024 security patches ... Pierluigi Paganini February 06, 2024 Cyber Crime A MAN FACES UP TO 25 YEARS IN PRISON FOR HIS ROLE IN OPERATING UNLICENSED CRYPTO EXCHANGE BTC-E A Belarusian and Cypriot national linked with the cryptocurrency exchange BTC-e is facing charges that can lead maximum penalty of 25 years in prison. Aliaksandr Klimenka, a Belarusian and Cypriot ... Pierluigi Paganini February 06, 2024 Laws and regulations U.S. GOV IMPOSES VISA RESTRICTIONS ON INDIVIDUALS MISUSING COMMERCIAL SPYWARE The U.S. government imposes visa restrictions on individuals who are involved in the illegal use of commercial spyware. The U.S. State Department announced it is implementing a new policy to impo ... Pierluigi Paganini February 06, 2024 Cyber Crime HPE IS INVESTIGATING CLAIMS OF A NEW SECURITY BREACH Hewlett Packard Enterprise (HPE) is investigating a new data breach after a threat actor claimed to have stolen data on a hacking forum. Hewlett Packard Enterprise (HPE) is investigating a new dat ... Pierluigi Paganini February 06, 2024 Hacking EXPERTS WARN OF A SURGE OF ATTACKS TARGETING IVANTI SSRF FLAW The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identi ... Pierluigi Paganini February 05, 2024 Hacking HOW TO HACK THE AIRBUS NAVBLUE FLYSMART+ MANAGER Airbus Navblue Flysmart+ Manager allowed attackers to tamper with the engine performance calculations and intercept data. Flysmart+ is a suite of apps for pilot EFBs, helping deliver efficient and ... Pierluigi Paganini February 05, 2024 Cyber Crime CROOKS STOLE $25.5 MILLION FROM A MULTINATIONAL FIRM USING A 'DEEPFAKE' VIDEO CALL Scammers stole HK$200 million (roughly $25,5 million) from a multi-national company using a deepfake conf call to trick an employee into transferring the funds. Scammers successfully stole HK$200 ... Pierluigi Paganini February 05, 2024 Hacking SOFTWARE FIRM ANYDESK DISCLOSED A SECURITY BREACH Remote desktop software company AnyDesk announced that threat actors compromised its production environment. Remote desktop software company AnyDesk announced on Friday that threat actors had acce ... Pierluigi Paganini February 05, 2024 Data Breach THE 'MOTHER OF ALL BREACHES': NAVIGATING THE AFTERMATH AND FORTIFYING YOUR DATA WITH DSPM What is Data Security Posture Management (DSPM) and how you can mitigate the risks of data leaks such as the 'Mother of All Breaches' Cybersecurity researchers recently uncovered what is now being ... Pierluigi Paganini February 04, 2024 Cyber warfare US GOVERNMENT IMPOSED SANCTIONS ON SIX IRANIAN INTEL OFFICIALS The US government issued sanctions against six Iranian government officials linked to cyberattacks against critical infrastructure organizations. The U.S. Treasury Department's Office of Foreign ... Pierluigi Paganini February 04, 2024 Cyber Crime A CYBERATTACK IMPACTED OPERATIONS AT LURIE CHILDREN'S HOSPITAL A cyber attack forced Lurie Children's Hospital in Chicago to take IT systems offline with a severe impact on its operations. The Lurie Children's Hospital in Chicago took IT systems offline after ... Pierluigi Paganini February 04, 2024 Cyber Crime ANYDESK INCIDENT: CUSTOMER CREDENTIALS LEAKED AND PUBLISHED FOR SALE ON THE DARK WEB Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web. Such information being available for cybercriminals could act as a catalys ... Pierluigi Paganini February 04, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 457 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini February 04, 2024 Security CLOROX ESTIMATES THE COSTS OF THE AUGUST CYBERATTACK WILL EXCEED $49 MILLION Cleaning products giant Clorox estimates the economic impact of the cyber attack that hit the company in August 2023 at $49 million. The Clorox Company is a multinational consumer goods company th ... Pierluigi Paganini February 03, 2024 Hacking MASTODON FIXED A FLAW THAT CAN ALLOW THE TAKEOVER OF ANY ACCOUNT A vulnerability impacting the decentralized social network Mastodon can be exploited by threat actors to impersonate and take over any account. A security flaw, tracked as CVE-2024-23832 (CVSS sco ... Pierluigi Paganini February 03, 2024 Hacking IRANIAN HACKERS BREACHED ALBANIA’S INSTITUTE OF STATISTICS (INSTAT) Albania’s Institute of Statistics (INSTAT) announced that it was targeted by a sophisticated cyberattack that affected some of its systems. A sophisticated cyberattack on Wednesday hit Albania� ... Pierluigi Paganini February 02, 2024 Cyber Crime OPERATION SYNERGIA LED TO THE ARREST OF 31 INDIVIDUALS An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpo ... Pierluigi Paganini February 02, 2024 Intelligence EX CIA EMPLOYEE JOSHUA ADAM SCHULTE SENTENCED TO 40 YEARS IN PRISON A former software engineer with the U.S. CIA has been sentenced to 40 years in prison for leaking classified documents. Former CIA employee Joshua Adam Schulte has been sentenced to 40 years in p ... Pierluigi Paganini February 02, 2024 Hacking CLOUDFLARE BREACHED ON THANKSGIVING DAY, BUT THE ATTACK WAS PROMPTLY CONTAINED Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to the internal wiki and its bug database (Atlassian Jira). The incident took place on Thanksg ... Pierluigi Paganini February 02, 2024 Malware PURPLEFOX MALWARE INFECTED AT LEAST 2,000 COMPUTERS IN UKRAINE The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. The Computer Emergency Response T ... Pierluigi Paganini February 02, 2024 Cyber Crime MAN SENTENCED TO SIX YEARS IN PRISON FOR STEALING MILLIONS IN CRYPTOCURRENCY VIA SIM SWAPPING A US man has been sentenced to federal prison for his role in a fraudulent scheme that resulted in the theft of millions of dollars through SIM swapping. Daniel James Junk (22) of Portland was sen ... Pierluigi Paganini February 01, 2024 Security CISA ORDERS FEDERAL AGENCIES TO DISCONNECT IVANTI VPN INSTANCES BY FEBRUARY 2 CISA is ordering federal agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. For the first time since its establishment, CISA is ordering federal agenci ... Pierluigi Paganini February 01, 2024 APT MULTIPLE MALWARE USED IN ATTACKS EXPLOITING IVANTI VPN FLAWS Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a Ch ... Pierluigi Paganini February 01, 2024 Cyber Crime POLICE SEIZED 50,000 BITCOIN FROM OPERATOR OF THE NOW-DEFUNCT PIRACY SITE MOVIE2K German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to. The police in Saxony, Germany, have seized 50,000 Bitcoin (more than $2.1 billion at the ... Pierluigi Paganini February 01, 2024 Cyber Crime CROOKS STOLE AROUND $112 MILLION WORTH OF XRP FROM RIPPLE’S CO-FOUNDER Crooks stole around $112 million worth of Ripple XRP from the crypto wallet of Ripple’s co-founder Chris Larsen. This week, crooks stole around $112 million worth of the Ripple-focused cryptocur ... Pierluigi Paganini January 31, 2024 Security CISA ADDS APPLE IMPROPER AUTHENTICATION BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securi ... Pierluigi Paganini January 31, 2024 Hacking IVANTI WARNS OF A NEW ACTIVELY EXPLOITED ZERO-DAY Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited in the wild. Ivanti is warning of two new high-severity vulnerabilities ... Pierluigi Paganini January 31, 2024 Malware THREAT ACTORS EXPLOIT IVANTI VPN BUGS TO DEPLOY KRUSTYLOADER MALWARE Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat ... Pierluigi Paganini January 31, 2024 Security DATA LEAK AT FINTECH GIANT DIRECT TRADING TECHNOLOGIES Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeo ... Pierluigi Paganini January 31, 2024 Breaking News ROOT ACCESS VULNERABILITY IN GNU LIBRARY C (GLIBC) IMPACTS MANY LINUX DISTROS Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four securit ... Pierluigi Paganini January 30, 2024 Laws and regulations ITALIAN DATA PROTECTION AUTHORITY SAID THAT CHATGPT VIOLATED EU PRIVACY LAWS Italian data protection authority regulator authority Garante said that ChatGPT violated European Union data privacy regulations. The Italian data protection authority regulator authority, known a ... Pierluigi Paganini January 30, 2024 Data Breach 750 MILLION INDIAN MOBILE SUBSCRIBERS' DATA OFFERED FOR SALE ON DARK WEB Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian m ... Pierluigi Paganini January 30, 2024 Security JUNIPER NETWORKS RELEASED OUT-OF-BAND UPDATES TO FIX HIGH-SEVERITY FLAWS Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems. Juniper Networks has released out-of ... Pierluigi Paganini January 30, 2024 Cyber Crime HUNDREDS OF NETWORK OPERATORS’ CREDENTIALS FOUND CIRCULATING IN DARK WEB Hundreds of compromised credentials of customers of RIPE, APNIC, AFRINIC, and LACNIC are available on the dark web, Resecurity warns. Resecurity conducted a thorough scan of the Dark Web and ident ... Pierluigi Paganini January 30, 2024 Data Breach CACTUS RANSOMWARE GANG CLAIMS THE SCHNEIDER ELECTRIC HACK Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energ ... Pierluigi Paganini January 30, 2024 Data Breach MERCEDES-BENZ ACCIDENTALLY EXPOSED SENSITIVE DATA, INCLUDING SOURCE CODE Researchers discovered that Mercedes-Benz accidentally left a private key online exposing internal data, including the company’s source code. RedHunt Labs researchers discovered that Mercedes-Be ... Pierluigi Paganini January 29, 2024 Hacking EXPERTS DETAILED MICROSOFT OUTLOOK FLAW THAT CAN LEAK NTLM V2 HASHED PASSWORDS A flaw in Microsoft Outlook can be exploited to access NTLM v2 hashed passwords by tricking users into opening a specially crafted file. The vulnerability CVE-2023-35636 impacting Microsoft Outloo ... Pierluigi Paganini January 29, 2024 Intelligence NSA BUYS INTERNET BROWSING RECORDS FROM DATA BROKERS WITHOUT A WARRANT The U.S. National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans' activity online without a court order. U.S. Senator Ron Wyden, D-Ore., ... Pierluigi Paganini January 29, 2024 Intelligence UKRAINE’S SBU ARRESTED A MEMBER OF PRO-RUSSIA HACKERS GROUP 'CYBER ARMY OF RUSSIA' Ukraine's security service (SBU) detained an alleged member of the pro-Russia hacker group "the Cyber Army of Russia." Ukraine's security service, the SBU, announced that it has identified and de ... Pierluigi Paganini January 29, 2024 Hacking MULTIPLE POC EXPLOITS RELEASED FOR JENKINS FLAW CVE-2024-23897 Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released. Researchers warn that several proof-of-concept (PoC) exploits targ ... Pierluigi Paganini January 28, 2024 Cyber Crime MEDUSA RANSOMWARE ATTACK HIT KANSAS CITY AREA TRANSPORTATION AUTHORITY Medusa ransomware gang claimed responsibility for the attack against the Kansas City Area Transportation Authority (KCATA). On January 23, 2023, the Kansas City Area Transportation Authority (KCAT ... Pierluigi Paganini January 28, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 456 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 28, 2024 Hacktivism PRO-UKRAINE HACKERS WIPED 2 PETABYTES OF DATA FROM RUSSIAN RESEARCH CENTER The Main Intelligence Directorate of Ukraine's Ministry of Defense states that pro-Ukraine hackers wiped 2 petabytes of data from a Russian research center. The Main Directorate of Intelligence of ... Pierluigi Paganini January 27, 2024 Hacking PARTICIPANTS EARNED MORE THAN $1.3M AT THE PWN2OWN AUTOMOTIVE COMPETITION Bug bounty hunters earned more than $1.3 million for hacking Teslas, infotainment systems, and electric vehicle chargers at the Pwn2Own Automotive competition. The Zero Day Initiative’s Pwn2Own ... Pierluigi Paganini January 27, 2024 Cyber Crime A TRICKBOT MALWARE DEVELOPER SENTENCED TO 64 MONTHS IN PRISON The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sente ... Pierluigi Paganini January 26, 2024 APT RUSSIAN MIDNIGHT BLIZZARD APT IS TARGETING ORGS WORLDWIDE, MICROSOFT WARNS Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign. Microsoft announced that the Russia-linked APT Midnight Blizzar ... Pierluigi Paganini January 26, 2024 Security WATCH OUT, EXPERTS WARN OF A CRITICAL FLAW IN JENKINS Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintai ... Pierluigi Paganini January 26, 2024 Hacking PWN2OWN AUTOMOTIVE 2024 DAY 2 - TESLA HACKED AGAIN Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team (@Synacktiv) compromised ... Pierluigi Paganini January 26, 2024 Reports YEARLY INTEL TREND REVIEW: THE 2023 REDSENSE REPORT The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and disco ... Pierluigi Paganini January 25, 2024 Security CISCO WARNS OF A CRITICAL BUG IN UNIFIED COMMUNICATIONS PRODUCTS, PATCH IT NOW! Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical ... Pierluigi Paganini January 25, 2024 Security RUSSIA-LINKED APT GROUP MIDNIGHT BLIZZARD HACKED HEWLETT PACKARD ENTERPRISE (HPE) Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alle ... Pierluigi Paganini January 25, 2024 Hacking CISA ADDS ATLASSIAN CONFLUENCE DATA CENTER BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cyber ... Pierluigi Paganini January 25, 2024 Hacking 5379 GITLAB SERVERS VULNERABLE TO ZERO-CLICK ACCOUNT TAKEOVER ATTACKS Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabi ... Pierluigi Paganini January 24, 2024 Hacking EXPERTS RELEASED POC EXPLOIT FOR FORTRA GOANYWHERE MFT FLAW CVE-2024-0204 Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra's GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3' ... Pierluigi Paganini January 24, 2024 Security SPLUNK FIXED HIGH-SEVERITY FLAW IMPACTING WINDOWS VERSIONS Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs. Splunk addressed multiple vulnerabilities in Splunk Enterprise, including ... Pierluigi Paganini January 24, 2024 Hacking WATCH OUT, A NEW CRITICAL FLAW AFFECTS FORTRA GOANYWHERE MFT Fortra addressed a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) product. Fortra warns customers of a new authentication bypass vulnerability tracked as� ... Pierluigi Paganini January 23, 2024 Hacking AUSTRALIAN GOVERNMENT ANNOUNCED SANCTIONS FOR MEDIBANK HACKER The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Ge ... Pierluigi Paganini January 23, 2024 Hacking LOANDEPOT DATA BREACH IMPACTED ROUGHLY 16.6 INDIVIDUALS Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 million individuals. LoanDepot is a financial services company that primarily operates as a mortgage lender. ... Pierluigi Paganini January 23, 2024 Cyber Crime BLACK BASTA GANG CLAIMS THE HACK OF THE UK WATER UTILITY SOUTHERN WATER The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. Southern Water is a private utility company responsible for col ... Pierluigi Paganini January 23, 2024 Security CISA ADDS VMWARE VCENTER SERVER BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds VMware vCenter Server Out-of-Bounds Write bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastr ... Pierluigi Paganini January 23, 2024 Breaking News MOTHER OF ALL BREACHES - A HISTORIC DATA LEAK REVEALS 26 BILLION RECORDS: CHECK WHAT'S EXPOSED Cybersecurity researcher Bob Dyachenko and CyberNews researchers discovered the largest data leak ever discovered. The supermassive leak contains data from numerous previous breaches, comprising a ... Pierluigi Paganini January 22, 2024 Security APPLE FIXED ACTIVELY EXPLOITED ZERO-DAY CVE-2024-23222 Apple addressed the first zero-day vulnerability that impacts iPhones, Macs, and Apple TVs. The issue is actively exploited in the wild. Apple released security updates to address a zero-day vulne ... Pierluigi Paganini January 22, 2024 Cyber Crime “MY SLICE”, AN ITALIAN ADAPTIVE PHISHING CAMPAIGN Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing t ... Pierluigi Paganini January 22, 2024 Malware THREAT ACTORS EXPLOIT APACHE ACTIVEMQ FLAW TO DELIVER THE GODZILLA WEB SHELL Researchers warn of a spike in attacks exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell. Trustwave researchers observed a surge in attacks exploiting a now-patche ... Pierluigi Paganini January 22, 2024 Data Breach CYBERCRIMINALS LEAKED MASSIVE VOLUMES OF STOLEN PII DATA FROM THAILAND IN DARK WEB Resecurity researchers warn of massive leak of stolen Thai personally identifiable information (PII) on the dark web by cybercriminals. Resecurity has detected a noticeable increase in data leaks ... Pierluigi Paganini January 22, 2024 Malware BACKDOORED PIRATED APPLICATIONS TARGETS APPLE MACOS USERS Researchers warned that pirated applications have been employed to deliver a backdoor to Apple macOS users. Jamf Threat Labs researchers warned that pirated applications have been utilized to dist ... Pierluigi Paganini January 22, 2024 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS THE ATTACK ON THE SANDWICH CHAIN SUBWAY The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise. Subway IP LLC is an American multinational fast-food restauran ... Pierluigi Paganini January 21, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 455 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 21, 2024 Cyber Crime ADMIN OF THE BREACHFORUMS HACKING FORUM SENTENCED TO 20 YEARS SUPERVISED RELEASE Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, was s ... Pierluigi Paganini January 20, 2024 Data Breach VF CORP DECEMBER DATA BREACH IMPACTS 35 MILLION CUSTOMERS American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 million customers. VF Corporation is an American global apparel and footwear company ... Pierluigi Paganini January 19, 2024 APT CHINA-LINKED APT UNC3886 EXPLOITS VMWARE ZERO-DAY SINCE 2021 China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has ... Pierluigi Paganini January 19, 2024 Reports RANSOMWARE ATTACKS BREAK RECORDS IN 2023: THE NUMBER OF VICTIMS ROSE BY 128% Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased ... Pierluigi Paganini January 19, 2024 Hacking U.S. CISA WARNS OF ACTIVELY EXPLOITED IVANTI EPMM FLAW CVE-2023-35082 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM flaw CVE-2023-35082 to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Securit ... Pierluigi Paganini January 19, 2024 Security THE QUANTUM COMPUTING CRYPTOPOCALYPSE – I’LL KNOW IT WHEN I SEE IT Can quantum computing break cryptography? Can it do it within a person’s lifetime? Will it be a cryptopocalypse, as some experts suggest? Can quantum computing break cryptography? Sure, it can. ... Pierluigi Paganini January 19, 2024 Security KANSAS STATE UNIVERSITY SUFFERED A SERIOUS CYBERSECURITY INCIDENT Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part of its network and services. Kansas State University (K-State) suffered a cybersecurity incident that im ... Pierluigi Paganini January 19, 2024 Hacking CISA ADDS CHROME AND CITRIX NETSCALER TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency ... Pierluigi Paganini January 18, 2024 APT GOOGLE TAG WARNS THAT RUSSIAN COLDRIVER APT IS USING A CUSTOM BACKDOOR Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, "Callisto", “Star Blizzard”, “TA ... Pierluigi Paganini January 18, 2024 Hacking PIXIEFAIL: NINE FLAWS IN UEFI OPEN-SOURCE REFERENCE IMPLEMENTATION COULD HAVE SEVERE IMPACTS Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI. Quarkslab researchers discovered nine vulnerabili ... Pierluigi Paganini January 18, 2024 Malware ISHUTDOWN LIGHTWEIGHT METHOD ALLOWS TO DISCOVER SPYWARE INFECTIONS ON IPHONES Researchers devised a "lightweight method," called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a " ... Pierluigi Paganini January 18, 2024 Hacking PRO-RUSSIA GROUP HIT SWISS GOVT SITES AFTER ZELENSKY VISIT IN DAVOS Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Switzerland believes that the cyberatta ... Pierluigi Paganini January 17, 2024 Security GITHUB ROTATED CREDENTIALS AFTER THE DISCOVERY OF A VULNERABILITY GitHub rotated some credentials after the discovery of a flaw that allowed access to the environment variables of a production container. After GitHub became aware of a vulnerability through its b ... Pierluigi Paganini January 17, 2024 Cyber Crime FBI, CISA WARN OF ANDROXGH0ST BOTNET FOR VICTIM IDENTIFICATION AND EXPLOITATION U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) r ... Pierluigi Paganini January 17, 2024 Hacking CITRIX WARNS ADMINS TO IMMEDIATELY PATCH NETSCALER FOR ACTIVELY EXPLOITED ZERO-DAYS Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited ze ... Pierluigi Paganini January 17, 2024 Security GOOGLE FIXED THE FIRST ACTIVELY EXPLOITED CHROME ZERO-DAY OF 2024 Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome zero-day vul ... Pierluigi Paganini January 16, 2024 Breaking News ATLASSIAN FIXED CRITICAL RCE IN OLDER CONFLUENCE VERSIONS Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerabi ... Pierluigi Paganini January 16, 2024 Security VMWARE FIXED A CRITICAL FLAW IN ARIA AUTOMATION. PATCH IT NOW! VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation) is a modern c ... Pierluigi Paganini January 16, 2024 Hacking EXPERTS WARN OF MASS EXPLOITATION OF IVANTI CONNECT SECURE VPN FLAWS Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors ar ... Pierluigi Paganini January 16, 2024 Security EXPERTS WARN OF A VULNERABILITY AFFECTING BOSCH BCC100 THERMOSTAT Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The ... Pierluigi Paganini January 16, 2024 Hacking OVER 178,000 SONICWALL NEXT-GENERATION FIREWALLS (NGFW) ONLINE EXPOSED TO HACK Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two ... Pierluigi Paganini January 15, 2024 Hacking PHEMEDRONE INFO STEALER CAMPAIGN EXPLOITS WINDOWS SMARTSCREEN BYPASS Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerabil ... Pierluigi Paganini January 15, 2024 Malware BALADA INJECTOR CONTINUES TO INFECT THOUSANDS OF WORDPRESS SITES Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress we ... Pierluigi Paganini January 15, 2024 Hacking ATTACKERS TARGET APACHE HADOOP AND FLINK TO DELIVER CRYPTOMINERS Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners. Cybersecurity researchers from cyber security firm Aqua have uncovered ... Pierluigi Paganini January 15, 2024 Hacking APPLE FIXED A BUG IN MAGIC KEYBOARD THAT ALLOWS TO MONITOR BLUETOOTH TRAFFIC Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recen ... Pierluigi Paganini January 15, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 454 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 13, 2024 Security GITLAB FIXED A CRITICAL ZERO-CLICK ACCOUNT HIJACKING FLAW GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to add ... Pierluigi Paganini January 13, 2024 Security JUNIPER NETWORKS FIXED A CRITICAL RCE BUG IN ITS FIREWALLS AND SWITCHES Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Juniper Networks released security updat ... Pierluigi Paganini January 12, 2024 Deep Web VAST VOTER DATA LEAKS CAST SHADOW OVER INDONESIA ’S 2024 PRESIDENTIAL ELECTION Investigators from Resecurity’s HUNTER (HUMINT) warn that Indonesia is increasingly being targeted by cyber-threat actors. Investigators from Resecurity’s HUNTER (HUMINT) have found that Indon ... Pierluigi Paganini January 12, 2024 Hacking RESEARCHERS CREATED A POC FOR APACHE OFBIZ FLAW CVE-2023-51467 Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a pro ... Pierluigi Paganini January 12, 2024 Security TEAM LIQUID’S WIKI LEAK EXPOSES 118K USERS Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details. Users of the e-sports knowledge base were exposed via a pub ... Pierluigi Paganini January 12, 2024 Security CISA ADDS IVANTI AND MICROSOFT SHAREPOINT BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and In ... Pierluigi Paganini January 11, 2024 Hacking TWO ZERO-DAY BUGS IN IVANTI CONNECT SECURE ACTIVELY EXPLOITED Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure. Software firm Ivanti reported that threat actors are exploiting tw ... Pierluigi Paganini January 11, 2024 Cyber Crime X ACCOUNT OF LEADING CYBERSECURITY FIRM MANDIANT WAS HACKED BECAUSE NOT ADEQUATELY PROTECTED The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mand ... Pierluigi Paganini January 11, 2024 Security CISCO FIXED CRITICAL UNITY CONNECTION VULNERABILITY CVE-2024-20272 Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-2027 ... Pierluigi Paganini January 11, 2024 Cyber Crime SHINYHUNTERS MEMBER SENTENCED TO THREE YEARS IN PRISON A U.S. District Court sentenced ShinyHunters hacker Sebastien Raoult to three years in prison and ordered him to pay more than $5 million in restitution. The member of the ShinyHunters hacker grou ... Pierluigi Paganini January 10, 2024 Data Breach HMG HEALTHCARE DISCLOSED A DATA BREACH The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discov ... Pierluigi Paganini January 10, 2024 Hacking THREAT ACTORS HACKED THE X ACCOUNT OF THE SECURITIES AND EXCHANGE COMMISSION (SEC) AND ANNOUNCED FAKE BITCOIN ETF APPROVAL Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Sec ... Pierluigi Paganini January 10, 2024 Cyber Crime DECRYPTOR FOR TORTILLA VARIANT OF BABUK RANSOMWARE RELEASED Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk ... Pierluigi Paganini January 10, 2024 Security MICROSOFT PATCH TUESDAY FOR JANUARY 2024 FIXED 2 CRITICAL FLAWS Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. Microsoft Patch Tuesday security updates for January 2024 fixed 49 ... Pierluigi Paganini January 09, 2024 Security CISA ADDS APACHE SUPERSET BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Superset vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Secur ... Pierluigi Paganini January 09, 2024 Cyber Crime SYRIAN GROUP ANONYMOUS ARABIC DISTRIBUTES STEALTHY MALWARE SILVER RAT A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT. Cyfirma researchers observed threat actors called ‘Anonymous Arabic’ distr ... Pierluigi Paganini January 09, 2024 Cyber Crime SWISS AIR FORCE SENSITIVE FILES STOLEN IN THE HACK OF ULTRA INTELLIGENCE & COMMUNICATIONS Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web ... Pierluigi Paganini January 08, 2024 Cyber Crime DOJ CHARGED 19 INDIVIDUALS IN A TRANSNATIONAL CYBERCRIME INVESTIGATION XDEDIC MARKETPLACE 19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The U.S. DoJ charged 19 individuals worldwide for their role in the operati ... Pierluigi Paganini January 08, 2024 Malware LONG-EXISTING BANDOOK RAT TARGETS WINDOWS MACHINES A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines. Reseachers from Fortinet observed a new variant of a remote access trojan dubbed Bandook� ... Pierluigi Paganini January 08, 2024 Hacking A CYBER ATTACK HIT THE BEIRUT INTERNATIONAL AIRPORT A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport ... Pierluigi Paganini January 07, 2024 Breaking News IRANIAN CRYPTO EXCHANGE BIT24.CASH LEAKS USER PASSPORTS AND IDS Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced ... Pierluigi Paganini January 07, 2024 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 453 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini January 07, 2024 APT TURKISH SEA TURTLE APT TARGETS DUTCH IT AND TELECOM FIRMS Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from Dutch security firm Hunt & Hackett observed Sea Tu ... Pierluigi Paganini January 07, 2024 APT EXPERTS SPOTTED A NEW MACOS BACKDOOR NAMED SPECTRALBLUR LINKED TO NORTH KOREA Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT's malware family. Security researcher Greg Lesnewich discovered a backdoor, call ... Pierluigi Paganini January 06, 2024 Laws and regulations MERCK SETTLES WITH INSURERS REGARDING A $1.4 BILLION CLAIM OVER NOTPETYA DAMAGES Merck has resolved a dispute with insurers regarding a $1.4 billion claim arising from the NotPetya malware incident. Merck and its insurers have agreed with a $1.4 billion claim arising from the ... Pierluigi Paganini January 06, 2024 Cyber Crime THE SOURCE CODE OF ZEPPELIN RANSOMWARE SOLD ON A HACKING FORUM A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor ann ... Pierluigi Paganini January 05, 2024 Cyber warfare RUSSIA-LINKED APT SANDWORM WAS INSIDE UKRAINE TELECOMS GIANT KYIVSTAR FOR MONTHS Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant ... Pierluigi Paganini January 05, 2024 Security IVANTI FIXED A CRITICAL EPM FLAW THAT CAN RESULT IN REMOTE CODE EXECUTION Ivanti fixed a critical vulnerability in its Endpoint Manager (EPM) solution that could lead to remote code execution (RCE) on vulnerable servers Ivanti has released security updates to address a ... Pierluigi Paganini January 05, 2024 Security MYESTATEPOINT PROPERTY SEARCH ANDROID APP LEAKS USER PASSWORDS The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real e ... Pierluigi Paganini January 05, 2024 Hacking HACKER HIJACKED ORANGE SPAIN RIPE ACCOUNT CAUSING INTERNET OUTAGE TO COMPANY CUSTOMERS An internet outage impacted Orange Spain after a hacker gained access to the company's RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the R ... Pierluigi Paganini January 04, 2024 Data Breach HEALTHEC DATA BREACH IMPACTED MORE THAN 4.5 MILLION PEOPLE Healthcare technology company HealthEC disclosed a data breach that exposed the personal information of 4.5 million Individuals. Healthcare technology company HealthEC (HEC) disclosed a data brea ... Pierluigi Paganini January 04, 2024 Malware EXPERTS FOUND 3 MALICIOUS PACKAGES HIDING CRYPTO MINERS IN PYPI REPOSITORY Researchers discovered three malicious packages in the PyPI repository targeting Linux systems with a cryptocurrency miner. Fortinet researchers discovered three malicious packages in the open-sou ... Pierluigi Paganini January 04, 2024 Hacking CROOKS HACKED MANDIANT X ACCOUNT TO PUSH CRYPTOCURRENCY SCAM The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity fi ... Pierluigi Paganini January 04, 2024 Cyber Crime CYBERCRIMINALS IMPLEMENTED ARTIFICIAL INTELLIGENCE (AI) FOR INVOICE FRAUD Crooks created a new tool that uses Artificial Intelligence (AI) for creating fraudulent invoices used for wire fraud and BEC. Resecurity has uncovered a cybercriminal faction known as "GXC Team", ... Pierluigi Paganini January 03, 2024 Security CISA ADDS CHROME AND PERL LIBRARY FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Se ... Pierluigi Paganini January 03, 2024 Reports DON’T TRUST LINKS WITH KNOWN DOMAINS: BMW AFFECTED BY REDIRECT VULNERABILITY Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge ... Pierluigi Paganini January 03, 2024 Cyber Crime HACKERS STOLE MORE THAN $81 MILLION WORTH OF CRYPTO ASSETS FROM ORBIT CHAIN Crypto platform Orbit Chain suffered a cyberattack, threat actors have stolen more than $81 million worth of cryptocurrency. Orbit Chain has suffered a security breach that has resulted in the the ... Pierluigi Paganini January 03, 2024 Intelligence UKRAINE’S SBU SAID THAT RUSSIA'S INTELLIGENCE HACKED SURVEILLANCE CAMERAS TO DIRECT A MISSILE STRIKE ON KYIV Ukraine’s SBU revealed that Russia-linked threat actors hacked surveillance cameras to spy on air defense forces and critical infrastructure in Kyiv. Ukraine’s SBU announced they shut down two ... Pierluigi Paganini January 03, 2024 Malware EXPERTS WARN OF JINXLOADER LOADER USED TO SPREAD FORMBOOK AND XLOADER JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader. Researchers from Palo Alto Networks and Symantec warned of a new Go-based malware ... Pierluigi Paganini January 02, 2024 Hacking TERRAPIN ATTACK ALLOWS TO DOWNGRADE SSH PROTOCOL SECURITY Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection's security. Security researchers from Ruhr University Bochum (Fabian Bäumer, ... Pierluigi Paganini January 02, 2024 Hacking MULTIPLE ORGANIZATIONS IN IRAN WERE BREACHED BY A MYSTERIOUS HACKER Hudson Researchers reported that a mysterious hacker launched a series of attacks against industry-leading companies in Iran. Hudson Researchers reported that on December 20th, a hacker using the ... Pierluigi Paganini January 02, 2024 Breaking News TOP 2023 SECURITY AFFAIRS CYBERSECURITY STORIES These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA ... Pierluigi Paganini January 01, 2024 Hacking MALWARE EXPLOITS UNDOCUMENTED GOOGLE OAUTH ENDPOINT TO REGENERATE GOOGLE COOKIES CloudSEK researchers analyzed a zero-day exploit that can allow the generation of persistent Google cookies through token manipulation. In October 2023, a developer known as PRISMA first uncovered ... Pierluigi Paganini January 01, 2024 Cyber Crime CACTUS RANSOMWARE GANG HIT THE SWEDISH RETAIL AND GROCERY PROVIDER COOP The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden. Coop is one of the largest retail and grocery providers in Sweden, with approxima ... Pierluigi Paganini January 01, 2024 Laws and regulations GOOGLE AGREED TO SETTLE A $5 BILLION PRIVACY LAWSUIT Google has agreed to settle a $5 billion privacy lawsuit, which alleged that the company monitored individuals using the Chrome "incognito" mode. Google agreed to settle a $5 billion privacy lawsu ... Pierluigi Paganini December 31, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 452 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 31, 2023 Cyber Crime INC RANSOM RANSOMWARE GANG CLAIMS TO HAVE BREACHED XEROX CORP The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. Xerox Corp provides document management solutions worldwide. The company's Document Technol ... Pierluigi Paganini December 30, 2023 Security SPOTIFY MUSIC CONVERTER TUNEFAB PUTS USERS AT RISK TuneFab converter, used to convert copyrighted music from streaming platforms such as Spotify, Amazon’s Audible, or Apple Music, has exposed its users' private data. Cybernews research showed th ... Pierluigi Paganini December 30, 2023 Security CYBER ATTACKS HIT THE ASSEMBLY OF THE REPUBLIC OF ALBANIA AND TELECOM COMPANY ONE ALBANIA Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported. Albania's National Authority for Electronic Certification and Cyber Securit ... Pierluigi Paganini December 29, 2023 APT RUSSIA-LINKED APT28 USED NEW MALWARE IN A RECENT PHISHING CAMPAIGN Ukraine's CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of ... Pierluigi Paganini December 29, 2023 Security CLASH OF CLANS GAMERS AT RISK WHILE USING THIRD-PARTY APP An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors. The Cybernews research team has discovered that the Clash Base Designer Easy ... Pierluigi Paganini December 29, 2023 Malware NEW VERSION OF MEDUZA STEALER RELEASED IN DARK WEB The Resecurity's HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity's HUNTER unit spotted the author of perspec ... Pierluigi Paganini December 29, 2023 Intelligence OPERATION TRIANGULATION ATTACKS RELIED ON AN UNDOCUMENTED HARDWARE FEATURE Experts discovered that Operation Triangulation targeting Apple iOS devices leveraged an undocumented hardware feature. Researchers from the Russian cybersecurity firm Kaspersky discovered that t ... Pierluigi Paganini December 28, 2023 Deep Web CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. On Christmas Eve, Resecurity protecting Fortune 100 and government agencies globall ... Pierluigi Paganini December 28, 2023 Cyber Crime LOCKBIT RANSOMWARE ATTACK INTERRUPTED MEDICAL EMERGENCIES GANG AT A GERMAN HOSPITAL NETWORK A Lockbit ransomware attack against the German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) caused service disruptions at three hospitals. German hospital network Katholisch ... Pierluigi Paganini December 28, 2023 Security EXPERTS WARN OF CRITICAL ZERO-DAY IN APACHE OFBIZ Experts warn of a zero-day flaw that affects Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system. Experts warn of an authentication bypass zero-day flaw that affects Apache OfBi ... Pierluigi Paganini December 28, 2023 Malware XAMALICIOUS ANDROID MALWARE DISTRIBUTED THROUGH THE PLAY STORE Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdo ... Pierluigi Paganini December 27, 2023 Breaking News BARRACUDA FIXED A NEW ESG ZERO-DAY EXPLOITED BY CHINESE GROUP UNC4841 Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. On December 21, network and e ... Pierluigi Paganini December 27, 2023 Security ELECTIONS 2024, ARTIFICIAL INTELLIGENCE COULD UPSET WORLD BALANCES Governments should recognize electoral processes as critical infrastructure and enact laws to regulate the use of generative Artificial Intelligence. Elections are scheduled in several countries w ... Pierluigi Paganini December 27, 2023 Hacking EXPERTS ANALYZED ATTACKS AGAINST POORLY MANAGED LINUX SSH SERVERS Researchers warn of attacks against poorly managed Linux SSH servers that mainly aim at installing DDoS bot and CoinMiner. Researchers at AhnLab Security Emergency Response Center (ASEC) are warni ... Pierluigi Paganini December 27, 2023 Data Breach A CYBERATTACK HIT AUSTRALIAN HEALTHCARE PROVIDER ST VINCENT’S HEALTH AUSTRALIA St Vincent’s Health Australia, the largest Australian healthcare provider, suffered a data breach after a cyber attack. St Vincent’s Health Australia is the largest non-profit healthcare prov ... Pierluigi Paganini December 27, 2023 Cyber Crime RHYSIDA RANSOMWARE GROUP HACKED ABDALI HOSPITAL IN JORDAN The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. Abdali Hospital is a multi-specialty hospital located in the modern developm ... Pierluigi Paganini December 26, 2023 Malware CARBANAK MALWARE RETURNED IN RANSOMWARE ATTACKS Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in Novemb ... Pierluigi Paganini December 26, 2023 Reports RESECURITY RELEASED A 2024 CYBER THREAT LANDSCAPE FORECAST Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldw ... Pierluigi Paganini December 26, 2023 Hacking APT GROUP UAC-0099 TARGETS UKRAINE EXPLOITING A WINRAR FLAW The threat actor UAC-0099 is exploiting a flaw in the WinRAR to deliver LONEPAGE malware in attacks against Ukraine. A threat actor, tracked as UAC-0099, continues to target Ukraine. In some att ... Pierluigi Paganini December 25, 2023 APT IRAN-LINKED APT33 TARGETS DEFENSE INDUSTRIAL BASE SECTOR WITH FALSEFONT BACKDOOR Microsoft reports that the Iran-linked APT33 group is targeting defense contractors worldwide with FalseFont backdoor. Microsoft says the APT33 (aka Peach Sandstorm, Holmium, Elfin, and Magic ... Pierluigi Paganini December 25, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 451 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.Enjoy a new round of the weekly SecurityAf ... Pierluigi Paganini December 25, 2023 Security EUROPOL AND ENISA SPOTTED 443 E-STORES COMPROMISED WITH DIGITAL SKIMMING A joint law enforcement operation led by Europol and the ENISA, along with private security firms, identified 443 online shops compromised with digital skimming. Europol and ENISA collaborated in ... Pierluigi Paganini December 24, 2023 Data Breach VIDEO GAME GIANT UBISOFT INVESTIGATES REPORTS OF A DATA BREACH Video game publisher Ubisoft is investigating reports of an alleged data breach after popular researchers shared evidence of the hack. Ubisoft, the popular video game publisher, is examining repor ... Pierluigi Paganini December 24, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS TO HAVE BREACHED ACCOUNTANCY FIRM XEINADIN The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy ... Pierluigi Paganini December 23, 2023 Data Breach MOBILE VIRTUAL NETWORK OPERATOR MINT MOBILE DISCLOSES A DATA BREACH Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers' personal information. Mint Mobile experienced a recent data breach, exposing customer ... Pierluigi Paganini December 23, 2023 Cyber Crime AKIRA RANSOMWARE GANG CLAIMS THE THEFT OF SENSITIVE DATA FROM NISSAN AUSTRALIA The Akira ransomware group announced it had breached the network of Nissan Australia, the Australian branch of the car maker giant. The Akira ransomware gang claimed to have breached Nissan Austra ... Pierluigi Paganini December 22, 2023 Cyber Crime MEMBER OF LAPSUS$ GANG SENTENCED TO AN INDEFINITE HOSPITAL ORDER A member of the Lapsus$ cyber extortion group, Arion Kurtaj, has been sentenced to an indefinite hospital order. The UK Southwark Crown Court has sentenced Arion Kurtaj, a prominent member of the ... Pierluigi Paganini December 22, 2023 Security REAL ESTATE AGENCY EXPOSES DETAILS OF 690K CUSTOMERS An exposed instance contained information for a customer relationship management (CRM) system that likely belongs to Goyzer, a real estate property management software maker, the Cybernews research t ... Pierluigi Paganini December 22, 2023 Security ESET FIXED A HIGH-SEVERITY BUG IN THE SECURE TRAFFIC SCANNING FEATURE OF SEVERAL PRODUCTS ESET fixes a high-severity flaw in Secure Traffic Scanning Feature that could have been exploited to cause web browsers to trust sites that should not be trusted. ESET has addressed a vulnerabilit ... Pierluigi Paganini December 21, 2023 Cyber Crime PHISHING ATTACKS USE AN OLD MICROSOFT OFFICE FLAW TO SPREAD AGENT TESLA MALWARE Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability ... Pierluigi Paganini December 21, 2023 Breaking News DATA LEAK EXPOSES USERS OF CAR-SHARING SERVICE BLINK MOBILITY More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The Cybernews research team has discovered that their personal data ... Pierluigi Paganini December 21, 2023 Security GOOGLE ADDRESSED A NEW ACTIVELY EXPLOITED CHROME ZERO-DAY Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released emergency updates to address a new zero-day vulnerabili ... Pierluigi Paganini December 20, 2023 Cyber Crime GERMAN POLICE SEIZED THE DARK WEB MARKETPLACE KINGDOM MARKET The German police seized the dark web marketplace Kingdom Market as a result of an international law enforcement operation. The Federal Criminal Police Office in Germany (BKA) and the internet-cri ... Pierluigi Paganini December 20, 2023 Cyber Crime LAW ENFORCEMENT OPERATION HAECHI IV LED TO THE SEIZURE OF $300 MILLION An international law enforcement operation, named HAECHI IV, led to the arrest of approximately 3,500 suspects and the seizure of roughly $300 million worth of assets. Interpol this week announced ... Pierluigi Paganini December 20, 2023 Malware SOPHISTICATED JASKAGO INFO STEALER TARGETS MACOS AND WINDOWS JaskaGO is a new Go-based information stealer malware that targets both Windows and Apple macOS systems, experts warn. Researchers from AT&T Alien Labs uncovered a previously undetected Go-ba ... Pierluigi Paganini December 20, 2023 Data Breach BMW DEALER AT RISK OF TAKEOVER BY CYBERCRIMINALS By neglecting to set a password, a BMW dealer in India has jeopardized the entire network of car dealerships in the country and put its clients at risk. The Cybernews research team has discovered ... Pierluigi Paganini December 20, 2023 Data Breach COMCAST’S XFINITY CUSTOMER DATA EXPOSED AFTER CITRIXBLEED ATTACK Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast's Xfinity is notifying its customers about the compromise of t ... Pierluigi Paganini December 19, 2023 Breaking News FBI CLAIMS TO HAVE DISMANTLED ALPHV/BLACKCAT RANSOMWARE OPERATION, BUT THE GROUP DENIES IT The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware ... Pierluigi Paganini December 19, 2023 Cyber Crime SMISHING TRIAD: CYBERCRIMINALS IMPERSONATE UAE FEDERAL AUTHORITY FOR IDENTITY AND CITIZENSHIP ON THE PEAK OF HOLIDAYS SEASON Smishing Triad: Researchers warn crooks impersonating UAE Federal Authority for Identity and citizenship ahead of the Holiday Season Resecurity, Inc. (USA) has identified a new fraudulent campaign ... Pierluigi Paganini December 19, 2023 Cyber Crime THE RANSOMWARE ATTACK ON WESTPOLE IS DISRUPTING DIGITAL SERVICES FOR ITALIAN PUBLIC ADMINISTRATION An alleged Lockbit 3.0 ransomware attack on the Italian cloud service provider Westpole disrupted multiple services of local and government organizations and municipalities. A cyber attack hit on ... Pierluigi Paganini December 19, 2023 Malware INFO STEALERS AND HOW TO PROTECT AGAINST THEM Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. So, how do you protect against them? Info stealers, also known as information stea ... Pierluigi Paganini December 18, 2023 Hacktivism PRO-ISRAEL PREDATORY SPARROW HACKER GROUP DISRUPTED SERVICES AT AROUND 70% OF IRAN’S FUEL STATIONS A group of Pro-Israel hacktivists, called Predatory Sparrow, is suspected of having carried out a cyber attack against petrol stations across Iran. A Pro-Israel hacktivist group, called Predatory ... Pierluigi Paganini December 18, 2023 Cyber Crime QAKBOT IS BACK AND TARGETS THE HOSPITALITY INDUSTRY Experts warn of a new phishing campaign distributing the QakBot malware, months after law enforcement dismantled its infrastructure. In August, the FBI announced that the Qakbot bot ... Pierluigi Paganini December 18, 2023 Hacking A SUPPLY CHAIN ATTACK ON CRYPTO HARDWARE WALLET LEDGER LED TO THE THEFT OF $600K A supply chain attack against Crypto hardware wallet maker Ledger resulted in the theft of $600,000 in virtual assets. Threat actors pushed a malicious version of the "@ledgerhq/connect-kit" npm ... Pierluigi Paganini December 18, 2023 Hacking MONGODB INVESTIGATES A CYBERATTACK, CUSTOMER DATA EXPOSED MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account metadata and contact information. MongoDB on Saturday disclosed it is investigating a cyber attack aga ... Pierluigi Paganini December 17, 2023 Hacking INFECTEDSLURS BOTNET TARGETS QNAP VIOSTOR NVR VULNERABILITY The Mirai-based botnet InfectedSlurs was spotted targeting QNAP VioStor NVR (Network Video Recorder) devices. In November, Akamai warned of a new Mirai-based DDoS botnet, named InfectedSlurs, acti ... Pierluigi Paganini December 17, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 450 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 17, 2023 Data Breach HUNTERS INTERNATIONAL RANSOMWARE GANG CLAIMS TO HAVE HACKED THE FRED HUTCH CANCER CENTER The Hunters International ransomware gang claims to have hacked the Fred Hutchinson Cancer Center (Fred Hutch). Another healthcare organization suffered a ransomware attack, the Hunters Internatio ... Pierluigi Paganini December 16, 2023 Malware NEW NKABUSE MALWARE ABUSES NKN DECENTRALIZED P2P NETWORK PROTOCOL Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team (GERT) ... Pierluigi Paganini December 16, 2023 Cyber Crime SNATCH RANSOMWARE GANG CLAIMS THE HACK OF THE FOOD GIANT KRAFT HEINZ The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. Kraft Heinz is an American food company, it is one of the largest food and ... Pierluigi Paganini December 15, 2023 Security MULTIPLE FLAWS IN PFSENSE FIREWALL CAN LEAD TO ARBITRARY CODE EXECUTION Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgat ... Pierluigi Paganini December 15, 2023 Cyber Crime BIANLIAN, WHITE RABBIT, AND MARIO RANSOMWARE GANGS SPOTTED IN A JOINT CAMPAIGN Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) e ... Pierluigi Paganini December 15, 2023 Security DATA OF OVER A MILLION USERS OF THE CRYPTO EXCHANGE GOKUMARKET EXPOSED GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes aft ... Pierluigi Paganini December 15, 2023 Data Breach IDAHO NATIONAL LABORATORY DATA BREACH IMPACTED 45,047 INDIVIDUALS The Idaho National Laboratory (INL) announced that it has suffered a data breach impacting more than 45,000 individuals. In November, the hacktivist group SiegedSec claimed responsibility for the ... Pierluigi Paganini December 15, 2023 Security UBIQUITI USERS CLAIM TO HAVE ACCESS TO OTHER PEOPLE’S DEVICES Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts. Some users of Ubiquiti wifi products started reporting unexpec ... Pierluigi Paganini December 14, 2023 APT RUSSIA-LINKED APT29 SPOTTED TARGETING JETBRAINS TEAMCITY SERVERS Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. Experts warn that the Russia-linked APT29 group has been observed targeting JetBrains ... Pierluigi Paganini December 14, 2023 Security MICROSOFT SEIZED THE US INFRASTRUCTURE OF THE STORM-1152 CYBERCRIME GROUP Microsoft's Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft's Digital Crimes Unit seized multiple domains used by a c ... Pierluigi Paganini December 14, 2023 Cyber Crime FRENCH AUTHORITIES ARRESTED A RUSSIAN NATIONAL FOR HIS ROLE IN THE HIVE RANSOMWARE OPERATION French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian ... Pierluigi Paganini December 14, 2023 APT CHINA-LINKED APT VOLT TYPHOON LINKED TO KV-BOTNET Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small offi ... Pierluigi Paganini December 14, 2023 Security UK HOME OFFICE IS IGNORING THE RISK OF 'CATASTROPHIC RANSOMWARE ATTACKS,' REPORT WARNS A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government. The British government is accused of failing to mitigat ... Pierluigi Paganini December 13, 2023 Hacking OAUTH APPS USED IN CRYPTOCURRENCY MINING, PHISHING CAMPAIGNS, AND BEC ATTACKS Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in crypt ... Pierluigi Paganini December 13, 2023 Security SOPHOS BACKPORTS FIX FOR CVE-2022-3236 FOR EOL FIREWALL FIRMWARE VERSIONS DUE TO ONGOING ATTACKS Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. Sophos backports the fix for the critical code injection ... Pierluigi Paganini December 13, 2023 Security DECEMBER 2023 MICROSOFT PATCH TUESDAY FIXED 4 CRITICAL FLAWS Microsoft Patch Tuesday security updates for December 2023 addressed 33 vulnerabilities in multiple products, including a zero-day. Microsoft Patch Tuesday security updates for December 2023 addre ... Pierluigi Paganini December 13, 2023 Cyber warfare UKRAINIAN MILITARY INTELLIGENCE SERVICE HACKED THE RUSSIAN FEDERAL TAXATION SERVICE The Ukrainian government's military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). Hackers of the Main Intelligence Directorate of the Ministry of Defense o ... Pierluigi Paganini December 12, 2023 Hacking KYIVSTAR, UKRAINE'S LARGEST MOBILE CARRIER BROUGHT DOWN BY A CYBER ATTACK Kyivstar, the largest Ukraine service provider, was hit by a cyber attack that paralyzed its services. The attack is linked to the ongoing conflict. Kyivstar, the largest Ukraine service provider ... Pierluigi Paganini December 12, 2023 Security DUBAI’S LARGEST TAXI APP EXPOSES 220K+ USERS The Dubai Taxi Company (DTC) app, which provides taxi, limousine, and other transport services, left a database open to the public, exposing sensitive customer and driver data. Dubai Taxi Company, ... Pierluigi Paganini December 12, 2023 APT OPERATION BLACKSMITH: LAZARUS EXPLOITS LOG4J FLAWS TO DEPLOY DLANG MALWARE North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a ne ... Pierluigi Paganini December 12, 2023 Security APPLE RELEASED IOS 17.2 TO ADDRESS A DOZEN OF SECURITY FLAWS Apple rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. The company released iOS 17.2 and iPadOS 17.2 which address a dozen of ... Pierluigi Paganini December 12, 2023 Data Breach TOYOTA FINANCIAL SERVICES DISCLOSES A DATA BREACH Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a d ... Pierluigi Paganini December 11, 2023 Hacking APACHE FIXED CRITICAL RCE FLAW CVE-2023-50164 IN STRUTS 2 The Apache Software Foundation addressed a critical remote code execution vulnerability in the Apache Struts 2 open-source framework. The Apache Software Foundation released security updates to ad ... Pierluigi Paganini December 11, 2023 Security CISA ADDS QLIK SENSE FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ... Pierluigi Paganini December 11, 2023 Security CISA AND ENISA SIGNED A WORKING ARRANGEMENT TO ENHANCE COOPERATION ENISA has signed a Working Arrangement with the US CISA to enhance capacity-building, best practices exchange and awareness. The European Union Agency for Cybersecurity (ENISA) has signed a Workin ... Pierluigi Paganini December 11, 2023 Hacking RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users' Google accounts. The security researcher Jose Rodriguez (@VBarraquito) discovered a ... Pierluigi Paganini December 10, 2023 Security WORDPRESS 6.4.2 FIXED A REMOTE CODE EXECUTION (RCE) FLAW WordPress 6.4.2 addressed a security vulnerability that could be chained with another flaw to achieve remote code execution. WordPress released a security update to address a flaw that can be chai ... Pierluigi Paganini December 10, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 449 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 10, 2023 Hacktivism HACKTIVISTS HACKED AN IRISH WATER UTILITY AND INTERRUPTED THE WATER SUPPLY Threat actors launched a cyberattack on an Irish water utility causing the interruption of the power supply for two days. Threat actors hacked a small water utility in Ireland and interrupted the ... Pierluigi Paganini December 09, 2023 Hacking 5GHOUL FLAWS IMPACT HUNDREDS OF 5G DEVICES WITH QUALCOMM, MEDIATEK CHIPS A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. A team of researchers from the Singapore ... Pierluigi Paganini December 09, 2023 Data Breach NORTON HEALTHCARE DISCLOSED A DATA BREACH AFTER A RANSOMWARE ATTACK Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit t ... Pierluigi Paganini December 09, 2023 Hacking BYPASSING MAJOR EDRS USING POOL PARTY PROCESS INJECTION TECHNIQUES Researchers devised a novel attack vector for process injection, dubbed Pool Party, that evades EDR solutions. Researchers from cybersecurity firm SafeBreach devised a set of process injection tec ... Pierluigi Paganini December 08, 2023 Cyber Crime FOUNDER OF BITZLATO EXCHANGE HAS PLEADED FOR UNLICENSED MONEY TRANSMITTING Anatoly Legkodymov, the founder of the Bitzlato cryptocurrency exchange has pleaded in a money-laundering scheme. Anatoly Legkodymov (41) (aka Anatolii Legkodymov, Gandalf, and Tolik), the Russian ... Pierluigi Paganini December 08, 2023 Mobile ANDROID BARCODE SCANNER APP EXPOSES USER PASSWORDS An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs. The Cybernews team discovered the ... Pierluigi Paganini December 08, 2023 APT UK AND US EXPOSE RUSSIA CALLISTO GROUP'S ACTIVITY AND SANCTION MEMBERS The UK NCSC and Microsoft warned that Russia-linked threat actor Callisto Group is targeting organizations worldwide. The UK National Cyber Security Centre (NCSC) and Microsoft reported that the R ... Pierluigi Paganini December 07, 2023 Security A CYBER ATTACK HIT NISSAN OCEANIA Japanese carmaker Nissan announced it has suffered a cyberattack impacting the internal systems at Nissan Oceania. Nissan Oceania, the regional division of the multinational carmaker, announced it ... Pierluigi Paganini December 07, 2023 Malware NEW KRASUE LINUX RAT TARGETS TELECOM COMPANIES IN THAILAND A previously undetected Linux RAT dubbed Krasue has been observed targeting telecom companies in Thailand. Group-IB researchers discovered a previously undetected Linux remote access trojan called ... Pierluigi Paganini December 07, 2023 Security ATLASSIAN ADDRESSED FOUR NEW RCE FLAWS IN ITS PRODUCTS Australian Software giant Atlassian addressed four critical Remote Code Execution (RCE) vulnerabilities in its products. Atlassian released security patches to address four critical remote c ... Pierluigi Paganini December 06, 2023 Security CISA ADDS QUALCOMM FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security ... Pierluigi Paganini December 06, 2023 Security EXPERTS DEMONSTRATE A POST-EXPLOITATION TAMPERING TECHNIQUE TO DISPLAY FAKE LOCKDOWN MODE Researchers devised a new post-exploitation tampering technique to trick users into believing that their iPhone is in Lockdown Mode. Researchers from Jamf Threat Labs devised a new post-exploit ta ... Pierluigi Paganini December 06, 2023 Hacking GST INVOICE BILLING INVENTORY EXPOSES SENSITIVE DATA TO THREAT ACTORS GST Invoice Billing Inventory, a business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs. ... Pierluigi Paganini December 06, 2023 Security THREAT ACTORS BREACHED US GOVT SYSTEMS BY EXPLOITING ADOBE COLDFUSION FLAW The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. The U.S. Cybersecurity and Infrastructure Security Agency ... Pierluigi Paganini December 06, 2023 Security ENISA PUBLISHED THE ENISA THREAT LANDSCAPE FOR DOS ATTACKS REPORT ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk ... Pierluigi Paganini December 05, 2023 APT RUSSIA-LINKED APT28 GROUP SPOTTED EXPLOITING OUTLOOK FLAW TO HIJACK MS EXCHANGE ACCOUNTS Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft's Threat Intelligence is warning of Russi ... Pierluigi Paganini December 05, 2023 Mobile GOOGLE FIXED CRITICAL ZERO-CLICK RCE IN ANDROID Google fixed a critical zero-click RCE vulnerability (CVE-2023-40088) with the release of the December 2023 Android security updates. Google December 2023 Android security updates addressed 85 vul ... Pierluigi Paganini December 05, 2023 Malware NEW P2PINFECT BOT TARGETS ROUTERS AND IOT DEVICES Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botne ... Pierluigi Paganini December 04, 2023 Cyber Crime MALVERTISING ATTACKS RELY ON DANABOT TROJAN TO SPREAD CACTUS RANSOMWARE Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to ... Pierluigi Paganini December 04, 2023 Cyber Crime LOCKBIT ON A ROLL - ICBC RANSOMWARE ATTACK STRIKES AT THE HEART OF THE GLOBAL FINANCIAL ORDER The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasu ... Pierluigi Paganini December 04, 2023 Security ZYXEL FIXED TENS OF FLAWS IN FIREWALLS, ACCESS POINTS, AND NAS DEVICES Zyxel addressed tens of vulnerabilities that expose users to cyber attacks, including command injection and authentication bypass. Taiwanese vendor Zyxel addressed tens of vulnerabilities in its f ... Pierluigi Paganini December 04, 2023 Malware NEW AGENT RACCOON MALWARE TARGETS THE MIDDLE EAST, AFRICA AND THE US Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is ... Pierluigi Paganini December 03, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 448 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini December 03, 2023 Hacking RESEARCHERS DEVISED AN ATTACK TECHNIQUE TO EXTRACT CHATGPT TRAINING DATA Researchers devised an attack technique that could have been used to trick ChatGPT into disclosing training data. A team of researchers from several universities and Google have demonstrated an at ... Pierluigi Paganini December 02, 2023 Security FORTUNE-TELLING WEBSITE WEMYSTIC EXPOSES 13M+ USER RECORDS WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms' users. Telling the future is a tricky bus ... Pierluigi Paganini December 02, 2023 Security EXPERT WARNS OF TURTLE MACOS RANSOMWARE The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detaile ... Pierluigi Paganini December 01, 2023 Cyber Crime BLACK BASTA RANSOMWARE GANG ACCUMULATED AT LEAST $107 MILLION IN BITCOIN RANSOM PAYMENTS SINCE EARLY 2022 The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, l ... Pierluigi Paganini December 01, 2023 Security CISA ADDS OWNCLOUD AND GOOGLE CHROME BUGS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Googl ... Pierluigi Paganini December 01, 2023 Security APPLE ADDRESSED 2 NEW IOS ZERO-DAY VULNERABILITIES Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices. Apple released emergency security updates to address two zero-day vu ... Pierluigi Paganini November 30, 2023 Hacking CRITICAL ZOOM ROOM BUG ALLOWED TO GAIN ACCESS TO ZOOM TENANTS A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data. Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne ... Pierluigi Paganini November 30, 2023 Cyber Crime RHYSIDA RANSOMWARE GROUP HACKED KING EDWARD VII’S HOSPITAL IN LONDON The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. King Edward VII's Hospital is a private hospital located on Beaumont Street in the Marylebone district o ... Pierluigi Paganini November 30, 2023 Security GOOGLE ADDRESSED THE SIXTH CHROME ZERO-DAY VULNERABILITY IN 2023 Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to addre ... Pierluigi Paganini November 29, 2023 Hacking OKTA REVEALS ADDITIONAL ATTACKERS' ACTIVITIES IN OCTOBER 2023 BREACH Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 20 ... Pierluigi Paganini November 29, 2023 Security THOUSANDS OF SECRETS LURK IN APP IMAGES ON DOCKER HUB Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unaut ... Pierluigi Paganini November 29, 2023 Hacking THREAT ACTORS STARTED EXPLOITING CRITICAL OWNCLOUD FLAW CVE-2023-49103 Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. ownCloud is an open-source software platform designed for fil ... Pierluigi Paganini November 28, 2023 Cyber Crime INTERNATIONAL POLICE OPERATION DISMANTLED A PROMINENT UKRAINE-BASED RANSOMWARE GROUP An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the ... Pierluigi Paganini November 28, 2023 Cyber Crime DAIXIN TEAM GROUP CLAIMED THE HACK OF NORTH TEXAS MUNICIPAL WATER DISTRICT The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional wa ... Pierluigi Paganini November 28, 2023 Cyber Crime HEALTHCARE PROVIDER ARDENT HEALTH SERVICES DISCLOSED A RANSOMWARE ATTACK The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and othe ... Pierluigi Paganini November 28, 2023 Cyber warfare UKRAINE'S INTELLIGENCE SERVICE HACKED RUSSIA'S FEDERAL AIR TRANSPORT AGENCY, ROSAVIATSIA Ukraine's intelligence service announced the hack of the Russian Federal Air Transport Agency, 'Rosaviatsia.' Ukraine's intelligence service announced they have hacked Russia's Federal Air Transpo ... Pierluigi Paganini November 27, 2023 Hacktivism IRANIAN HACKER GROUP CYBER AV3NGERS HACKED THE MUNICIPAL WATER AUTHORITY OF ALIQUIPPA IN PENNSYLVANIA Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station. During the weekend, Iranian threat actors hacked the Municipal Water Author ... Pierluigi Paganini November 27, 2023 Hacking THE HACK OF MSP PROVIDER CTS POTENTIALLY IMPACTED HUNDREDS OF UK LAW FIRMS The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom. CTS is a trusted provider of IT services to the legal sector in the UK. The co ... Pierluigi Paganini November 27, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 447 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 26, 2023 Cyber Crime RHYSIDA RANSOMWARE GANG CLAIMED CHINA ENERGY HACK The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering ... Pierluigi Paganini November 25, 2023 APT NORTH KOREA-LINKED APT LAZARUS IS USING A MAGICLINE4NX ZERO-DAY FLAW IN SUPPLY CHAIN ATTACK UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea's National Int ... Pierluigi Paganini November 25, 2023 Malware HAMAS-LINKED APT USES RUST-BASED SYSJOKER BACKDOOR AGAINST ISRAEL Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker backdoor against Israeli entities. Check Point researchers observed a Hamas-linked APT group is using the SysJoker ... Pierluigi Paganini November 25, 2023 Security APP USED BY HUNDREDS OF SCHOOLS LEAKING CHILDREN'S DATA Almost a million files with minors' data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews re ... Pierluigi Paganini November 24, 2023 Security MICROSOFT LAUNCHED ITS NEW MICROSOFT DEFENDER BOUNTY PROGRAM Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products. Microsoft launched its new Microsoft Defender Bounty Program with a focus on Defender ... Pierluigi Paganini November 24, 2023 Hacking EXPOSED KUBERNETES CONFIGURATION SECRETS CAN FUEL SUPPLY CHAIN ATTACKS Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations. Aqua Nautilus researchers warn of publicly exposed Kubernet ... Pierluigi Paganini November 24, 2023 APT NORTH KOREA-LINKED KONNI APT USES RUSSIAN-LANGUAGE WEAPONIZED DOCUMENTS North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized ... Pierluigi Paganini November 24, 2023 Malware CLEARFAKE CAMPAIGN SPREADS MACOS AMOS INFORMATION STEALER Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being ... Pierluigi Paganini November 23, 2023 Data Breach WELLTOK DATA BREACH IMPACTED 8.5 MILLION PATIENTS IN THE U.S. Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S. Welltok is a company that specializes in health optimization solutions. It provi ... Pierluigi Paganini November 23, 2023 APT NORTH KOREA-LINKED APT DIAMOND SLEET SUPPLY CHAIN ATTACK RELIES ON CYBERLINK SOFTWARE North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack. Microsoft Threat Intelligence researchers uncovered a supply cha ... Pierluigi Paganini November 23, 2023 Data Breach AUTOMOTIVE PARTS GIANT AUTOZONE DISCLOSED DATA BREACH AFTER MOVEIT HACK American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts a ... Pierluigi Paganini November 23, 2023 Malware NEW INFECTEDSLURS MIRAI-BASED BOTNET EXPLOITS TWO ZERO-DAYS Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai warned of a new Mirai-based DDoS botnet, named In ... Pierluigi Paganini November 22, 2023 Hacktivism SIEGEDSEC HACKTIVIST GROUP HACKED IDAHO NATIONAL LABORATORY (INL) The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data. SiegedSec hacktivists group claimed responsibility for the hack ... Pierluigi Paganini November 22, 2023 Security CISA ADDS LOONEY TUNABLES LINUX BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA adds Looney Tunables Linux flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Looney Tunables Linux ... Pierluigi Paganini November 22, 2023 Hacking CITRIX PROVIDES ADDITIONAL MEASURES TO ADDRESS CITRIX BLEED Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability. Citrix is providing additional measures to admins who are ... Pierluigi Paganini November 22, 2023 Digital ID TOR PROJECT REMOVED SEVERAL RELAYS ASSOCIATED WITH A SUSPICIOUS CRYPTOCURRENCY SCHEME The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users. The Tor Project announced the removal of multiple network relays t ... Pierluigi Paganini November 21, 2023 Malware EXPERTS WARN OF A SURGE IN NETSUPPORT RAT ATTACKS AGAINST EDUCATION AND GOVERNMENT SECTORS Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The Carbon Black Managed Detection & Response team is warning of a surge in the ... Pierluigi Paganini November 21, 2023 Security THE TOP 5 REASONS TO USE AN API MANAGEMENT PLATFORM Organizations need to govern and control the API ecosystem, this governance is the role of API management. Uber uses APIs (Application Programming Interfaces) to connect with third-party services ... Pierluigi Paganini November 21, 2023 Data Breach CANADIAN GOVERNMENT IMPACTED BY DATA BREACHES OF TWO OF ITS CONTRACTORS The Canadian government discloses a data breach after threat actors hacked two of its contractors. The Canadian government declared that two of its contractors,Brookfield Global Relocation S ... Pierluigi Paganini November 20, 2023 Data Breach RHYSIDA RANSOMWARE GANG IS AUCTIONING DATA STOLEN FROM THE BRITISH LIBRARY The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to th ... Pierluigi Paganini November 20, 2023 APT RUSSIA-LINKED APT29 GROUP EXPLOITED WINRAR 0DAY IN ATTACKS AGAINST EMBASSIES Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks. The Ukrainian National Security and Defense Council (NDSC) repor ... Pierluigi Paganini November 20, 2023 APT DARKCASINO JOINS THE LIST OF APT GROUPS EXPLOITING WINRAR ZERO-DAY The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploi ... Pierluigi Paganini November 20, 2023 Cyber Crime US TEENAGER PLEADS GUILTY TO HIS ROLE IN CREDENTIAL STUFFING ATTACK ON A BETTING SITE US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website. US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential ... Pierluigi Paganini November 20, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 446 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 19, 2023 Malware 8BASE RANSOMWARE OPERATORS USE A NEW VARIANT OF THE PHOBOS RANSOMWARE 8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the ... Pierluigi Paganini November 19, 2023 APT RUSSIAN APT GAMAREDON USES USB WORM LITTERDRIFTER AGAINST UKRAINE Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB. Check Point researchers observed Russia-linked Gamaredon spreading the worm called ... Pierluigi Paganini November 18, 2023 Breaking News THE BOARD OF DIRECTORS OF OPENAI FIRED SAM ALTMAN OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company. Sam Altman has been removed as CEO of OpenAI. The company announced that Mi ... Pierluigi Paganini November 17, 2023 Data Breach MEDUSA RANSOMWARE GANG CLAIMS THE HACK OF TOYOTA FINANCIAL SERVICES Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unaut ... Pierluigi Paganini November 17, 2023 Security CISA ADDS SOPHOS WEB APPLIANCE BUG TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added three new vulnerabilities (tracked as CVE-2023-36584, CVE-2023-1671, and CVE-2023-2551) to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure ... Pierluigi Paganini November 17, 2023 APT ZIMBRA ZERO-DAY EXPLOITED TO STEAL GOVERNMENT EMAILS BY FOUR GROUPS Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed t ... Pierluigi Paganini November 16, 2023 Data Breach VIETNAM POST EXPOSES 1.2TB OF DATA, INCLUDING EMAIL ADDRESSES Vietnam Post Corporation, a Vietnamese government-owned postal service, exposed security logs and employee email addresses to external cyber threats Vietnam Post Corporation, a Vietnamese governme ... Pierluigi Paganini November 16, 2023 Data Breach SAMSUNG SUFFERED A NEW DATA BREACH Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal informati ... Pierluigi Paganini November 16, 2023 Malware FBI AND CISA WARN OF ATTACKS BY RHYSIDA RANSOMWARE GANG The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to ... Pierluigi Paganini November 16, 2023 Security CRITICAL FLAW FIXED IN SAP BUSINESS ONE PRODUCT Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product. SAP November 2023 Security Patch Day includes three new and three updated secu ... Pierluigi Paganini November 15, 2023 Cyber Crime LAW ENFORCEMENT AGENCIES DISMANTLED THE ILLEGAL BOTNET PROXY SERVICE IPSTORM The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm. The IPStorm botnet was first uncovered in May 2019 while targeting Windows ... Pierluigi Paganini November 15, 2023 Security GAMBLERS’ DATA COMPROMISED AFTER CASINO GIANT STRENDUS FAILS TO SET PASSWORD Mexican online casino Strendus has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. Strendus, one of the biggest online casinos in Mexico has ... Pierluigi Paganini November 15, 2023 Security VMWARE DISCLOSED A CRITICAL AND UNPATCHED AUTHENTICATION BYPASS FLAW IN VMWARE CLOUD DIRECTOR APPLIANCE VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. VMware disclosed an aut ... Pierluigi Paganini November 15, 2023 APT DANISH CRITICAL INFRASTRUCTURE HIT BY THE LARGEST CYBER ATTACK IN DENMARK'S HISTORY Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark's SektorCERT. In May, Danish critical infrastructure faced the biggest cyber ... Pierluigi Paganini November 14, 2023 Cyber Crime MAJOR AUSTRALIAN PORTS BLOCKED AFTER A CYBER ATTACK ON DP WORLD A cyber attack on the logistics giant DP World caused significant disruptions in the operations of several major Australian ports. A cyberattack hit the international logistics firm DP World Aust ... Pierluigi Paganini November 14, 2023 Malware NUCLEAR AND OIL & GAS ARE MAJOR TARGETS OF RANSOMWARE GROUPS IN 2024 Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Resecurity, Inc. (USA) protecting major Fortune 1 ... Pierluigi Paganini November 14, 2023 Security CISA ADDS FIVE VULNERABILITIES IN JUNIPER DEVICES TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybe ... Pierluigi Paganini November 13, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG LEAKED DATA STOLEN FROM BOEING The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. The Boeing Company, commonly known as Boeing, is one of the world’s largest aeros ... Pierluigi Paganini November 13, 2023 APT NORTH KOREA-LINKED APT SAPPHIRE SLEET TARGETS IT JOB SEEKERS WITH BOGUS SKILLS ASSESSMENT PORTALS North Korea-linked APT group Sapphire Sleet set up bogus skills assessment portals in attacks aimed at IT job seekers. The North Korea-linked APT group Sapphire Sleet (aka APT38, BlueNoroff, Cagey ... Pierluigi Paganini November 13, 2023 Data Breach THE LORENZ RANSOMWARE GROUP HIT TEXAS-BASED COGDELL MEMORIAL HOSPITAL The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it w ... Pierluigi Paganini November 12, 2023 Data Breach THE STATE OF MAINE DISCLOSED A DATA BREACH THAT IMPACTED 1.3M PEOPLE The State of Maine disclosed a data breach that impacted about 1.3 million people after an attack hit its MOVEit file transfer install. The State of Maine was the victim of the large-scale hack ... Pierluigi Paganini November 12, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 445 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 12, 2023 Cyber Crime POLICE SEIZED BULLETPROFTLINK PHISHING-AS-A-SERVICE (PHAAS) PLATFORM The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious Bu ... Pierluigi Paganini November 11, 2023 Cyber Crime SERBIAN PLEADS GUILTY TO RUNNING ‘MONOPOLY’ DARK WEB DRUG MARKET The Serbian citizen Milomir Desnica (33) has pleaded guilty to running the dark web Monopoly drug marketplace. Milomir Desnica, a 33-year-old Serbian citizen, admited to being responsible for oper ... Pierluigi Paganini November 11, 2023 Data Breach MCLAREN HEALTH CARE REVEALED THAT A DATA BREACH IMPACTED 2.2 MILLION PEOPLE McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals. McLaren Health Care (McLaren) disclosed a data ... Pierluigi Paganini November 10, 2023 Hacktivism AFTER CHATGPT, ANONYMOUS SUDAN TOOK DOWN THE CLOUDFLARE WEBSITE After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive di ... Pierluigi Paganini November 10, 2023 Hacking INDUSTRIAL AND COMMERCIAL BANK OF CHINA (ICBC) SUFFERED A RANSOMWARE ATTACK The Industrial and Commercial Bank of China (ICBC) suffered a ransomware attack that disrupted trades in the US Treasury market. The Industrial and Commercial Bank of China (ICBC) announced it has ... Pierluigi Paganini November 10, 2023 Hacking SYSAID ZERO-DAY EXPLOITED BY CLOP RANSOMWARE GROUP Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. Microsoft reported the exploitation of a zero-day vulnerability, tra ... Pierluigi Paganini November 10, 2023 Cyber Crime DOLLY.COM PAYS RANSOM, ATTACKERS RELEASE DATA ANYWAY On-demand moving and delivery platform Dolly.com allegedly paid a ransom but crooks found an excuse not to hold their end of the bargain. Cybercriminals are hardly a trustworthy bunch. Case in poi ... Pierluigi Paganini November 10, 2023 Hacktivism DDOS ATTACK LEADS TO SIGNIFICANT DISRUPTION IN CHATGPT SERVICES OpenAI confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. OpenAI confirmed earlier today that the outage suffered ... Pierluigi Paganini November 09, 2023 APT RUSSIAN SANDWORM DISRUPTS POWER IN UKRAINE WITH A NEW OT ATTACK Mandiant reported that Russia-linked Sandworm APT used a novel OT attack to cause power outages during mass missile strikes on Ukraine. Mandiant researchers reported that Russia-linked APT group S ... Pierluigi Paganini November 09, 2023 Security VEEAM FIXED MULTIPLE FLAWS IN VEEAM ONE, INCLUDING CRITICAL ISSUES Veeam addressed multiple vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform, including two critical issues. Veeam addressed four vulnerabilities (CVE-2023-38547, ... Pierluigi Paganini November 07, 2023 Security PRO-PALESTINIAN HACKERS GROUP 'SOLDIERS OF SOLOMON' DISRUPTED THE PRODUCTION CYCLE OF THE BIGGEST FLOUR PRODUCTION PLANT IN ISRAEL Pro-Palestinian hackers group 'Soldiers of Solomon' claims to have hacked one of the largest Israeli flour plants causing severe damage to the operations. The Pro-Palestinian hackers group 'Soldie ... Pierluigi Paganini November 07, 2023 APT IRANIAN AGONIZING SERPENS APT IS TARGETING ISRAELI ENTITIES WITH DESTRUCTIVE CYBER ATTACKS Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow,&n ... Pierluigi Paganini November 07, 2023 Security CRITICAL CONFLUENCE FLAW EXPLOITED IN RANSOMWARE ATTACKS Experts warn threat actors that started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server. Over the weekend threat actors started exploiting a recent ... Pierluigi Paganini November 06, 2023 Security QNAP FIXED TWO CRITICAL VULNERABILITIES IN QTS OS AND APPS Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command in ... Pierluigi Paganini November 06, 2023 Hacking ATTACKERS USE GOOGLE CALENDAR RAT TO ABUSE CALENDAR SERVICE AS C2 INFRASTRUCTURE Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-con ... Pierluigi Paganini November 06, 2023 Cyber Crime SOCKS5SYSTEMZ PROXY SERVICE DELIVERED VIA PRIVATELOADER AND AMADEY Threat actors infected more than 10,000 devices worldwide with the 'PrivateLoader' and 'Amadey' loaders to recruit them into the proxy botnet 'Socks5Systemz.' Bitsight researchers uncovered a pro ... Pierluigi Paganini November 06, 2023 Breaking News US GOVT SANCTIONED A RUSSIAN WOMAN FOR LAUNDERING VIRTUAL CURRENCY ON BEHALF OF THREAT ACTORS The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) on ... Pierluigi Paganini November 05, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 444 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini November 05, 2023 APT LAZARUS TARGETS BLOCKCHAIN ENGINEERS WITH NEW KANDYKORN MACOS MALWARE North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware i ... Pierluigi Paganini November 05, 2023 Hacking KINSING THREAT ACTORS PROBED THE LOONEY TUNABLES FLAWS IN RECENT ATTACKS Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers are cloud security firm Aqua have observed th ... Pierluigi Paganini November 04, 2023 Hacking ZDI DISCLOSES FOUR ZERO-DAY FLAWS IN MICROSOFT EXCHANGE Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs. Trend Micro's Zer ... Pierluigi Paganini November 03, 2023 Data Breach OKTA CUSTOMER SUPPORT SYSTEM BREACH IMPACTED 134 CUSTOMERS Threat actors who breached the Okta customer support system also gained access to files belonging to 134 customers. Threat actors who breached the Okta customer support system in October gained ac ... Pierluigi Paganini November 03, 2023 Mobile MULTIPLE WHATSAPP MODS SPOTTED CONTAINING THE CANESSPY SPYWARE Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module du ... Pierluigi Paganini November 03, 2023 Cyber warfare RUSSIAN FSB ARRESTED RUSSIAN HACKERS WHO SUPPORTED UKRAINIAN CYBER OPERATIONS The FSB arrested two Russian hackers who are accused of having helped Ukrainian entities carry out cyberattacks on critical infrastructure targets. The Russian intelligence agency Federal Security ... Pierluigi Paganini November 03, 2023 APT MUDDYWATER HAS BEEN SPOTTED TARGETING TWO ISRAELI ENTITIES Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign. Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and&nbs ... Pierluigi Paganini November 03, 2023 Data Breach CLOP GROUP OBTAINED ACCESS TO THE EMAIL ADDRESSES OF ABOUT 632,000 US FEDERAL EMPLOYEES Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to ... Pierluigi Paganini November 02, 2023 Data Breach OKTA DISCLOSES A NEW DATA BREACH AFTER A THIRD-PARTY VENDOR WAS HACKED Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. Cloud identity and access management solutions provider Okta warns ... Pierluigi Paganini November 02, 2023 Hacking SUSPECTED EXPLOITATION OF APACHE ACTIVEMQ FLAW CVE-2023-46604 TO INSTALL HELLOKITTY RANSOMWARE Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the ... Pierluigi Paganini November 02, 2023 Cyber Crime BOEING CONFIRMED ITS SERVICES DIVISION SUFFERED A CYBERATTACK Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is ... Pierluigi Paganini November 02, 2023 Data Breach RESECURITY: INSECURITY OF 3RD-PARTIES LEADS TO AADHAAR DATA LEAKS IN INDIA Data leaks containing Aadhaar IDs in India were caused by the insecurity of 3rd parties while aggregating such information for KYC. According to Resecurity, a global cybersecurity provider protect ... Pierluigi Paganini November 02, 2023 Cyber Crime WHO IS BEHIND THE MOZI BOTNET KILL SWITCH? Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown ... Pierluigi Paganini November 02, 2023 Hacking CISA ADDS TWO F5 BIG-IP FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agenc ... Pierluigi Paganini November 01, 2023 Security THREAT ACTORS ACTIVELY EXPLOIT F5 BIG-IP FLAWS CVE-2023-46747 AND CVE-2023-46748 Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a cr ... Pierluigi Paganini November 01, 2023 Malware PRO-HAMAS HACKTIVIST GROUP TARGETS ISRAEL WITH BIBI-LINUX WIPER A pro-Hamas hacker group is targeting Israeli entities using a new Linux-based wiper malware dubbed BiBi-Linux Wiper. During a forensics investigation, Security Joes Incident Response team di ... Pierluigi Paganini November 01, 2023 Hacking BRITISH LIBRARY SUFFERS MAJOR OUTAGE DUE TO CYBERATTACK Last weekend, the British Library suffered a cyberattack that caused a major IT outage, impacting many of its services. The British Library is facing a major outage that impacts the website and ma ... Pierluigi Paganini November 01, 2023 Security CRITICAL ATLASSIAN CONFLUENCE FLAW CAN LEAD TO SIGNIFICANT DATA LOSS Atlassian warned of a critical security vulnerability, tracked as CVE-2023-22518, in the Confluence Data Center and Server. Atlassian is warning of a critical security flaw, tracked as CVE-2023-2 ... Pierluigi Paganini October 31, 2023 Deep Web WIHD LEAK EXPOSES DETAILS OF ALL TORRENT USERS World-in-HD (WiHD), a French private video torrent community, left an open instance exposing the emails and passwords of all of its users and administrators. WiHD, a popular torrent tracker specia ... Pierluigi Paganini October 31, 2023 Hacking EXPERTS RELEASED POC EXPLOIT CODE FOR CISCO IOS XE FLAW CVE-2023-20198 Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. Researchers from Researchers at Horizon3.ai publicly released the exploit code ... Pierluigi Paganini October 31, 2023 Intelligence CANADA BANS WECHAT AND KASPERSKY APPS ON GOVERNMENT-ISSUED MOBILE DEVICES Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the We ... Pierluigi Paganini October 31, 2023 Cyber Crime FLORIDA MAN SENTENCED TO PRISON FOR SIM SWAPPING CONSPIRACY THAT LED TO THEFT OF $1M IN CRYPTOCURRENCY A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. Jordan Dave Persad (20), from Orlando, Florida, was sentenced t ... Pierluigi Paganini October 30, 2023 Hacking WIKI-SLACK ATTACK ALLOWS REDIRECTING BUSINESS PROFESSIONALS TO MALICIOUS WEBSITES eSentire researchers devised a new attack technique, named Wiki-Slack attack, that can be used to redirect business professionals to malicious websites. eSentire Threat Response Unit (TRU) secur ... Pierluigi Paganini October 30, 2023 Security HACKERONE AWARDED OVER $300 MILLION BUG HUNTERS HackerOne announced that it has awarded over $300 million bug hunters as part of its bug bounty programs since the launch of its platform. HackerOne announced that it has surpassed $300 million in ... Pierluigi Paganini October 30, 2023 Malware STRIPEDFLY, A COMPLEX MALWARE THAT INFECTED ONE MILLION DEVICES WITHOUT BEING NOTICED A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubb ... Pierluigi Paganini October 30, 2023 Hacktivism IT ARMY OF UKRAINE DISRUPTED INTERNET PROVIDERS IN TERRITORIES OCCUPIED BY RUSSIA IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine� ... Pierluigi Paganini October 29, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 443 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 29, 2023 Hacking BUG HUNTERS EARNED $1,038,250 FOR 58 UNIQUE 0-DAYS AT PWN2OWN TORONTO 2023 The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,25 ... Pierluigi Paganini October 28, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG CLAIMS TO HAVE STOLEN DATA FROM BOEING The Lockbit ransomware gang claims to have hacked the aerospace manufacturer and defense contractor Boeing and threatened to leak the stolen data. The Boeing Company, commonly known as Boeing, is ... Pierluigi Paganini October 27, 2023 APT FRANCE AGENCY ANSSI WARNS OF RUSSIA-LINKED APT28 ATTACKS ON FRENCH ENTITIES France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The French National Agency for the Security of Infor ... Pierluigi Paganini October 27, 2023 Security HOW TO COLLECT MARKET INTELLIGENCE WITH RESIDENTIAL PROXIES? How residential proxies using real IPs from diverse locations enable businesses to gather comprehensive and accurate data from the web Since the adoption of the first digital tools and connection ... Pierluigi Paganini October 27, 2023 Hacking F5 URGES TO ADDRESS A CRITICAL FLAW IN BIG-IP F5 warns customers of a critical vulnerability impacting BIG-IP that could lead to unauthenticated remote code execution. F5 is warning customers about a critical security vulnerability, tracked a ... Pierluigi Paganini October 27, 2023 Data Breach HELLO ALFRED APP EXPOSES USER DATA Hello Alfred, an in-home hospitality app, left a database accessible without password protection, exposing almost 170,000 records containing private user data. Hello Alfred is a one-stop applicat ... Pierluigi Paganini October 27, 2023 Hacking ILEAKAGE ATTACK EXPLOITS SAFARI TO STEAL DATA FROM APPLE DEVICES Boffins devised a new iLeakage side-channel speculative execution attack exploits Safari to steal sensitive data from Macs, iPhones, and iPads. A team of researchers from the University of Michiga ... Pierluigi Paganini October 26, 2023 Hacking CLOUDFLARE MITIGATED 89 HYPER-VOLUMETRIC HTTP DISTRIBUTED DDOS ATTACKS EXCEEDING 100 MILLION RPS Cloudflare mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks exploiting the flaw HTTP/2 Rapid Reset. Cloudflare DDoS threat report of 2023 states that the c ... Pierluigi Paganini October 26, 2023 Data Breach SEIKO CONFIRMED A DATA BREACH AFTER BLACKCAT ATTACK Japanese watchmaker Seiko revealed that the attack that suffered earlier this year was carried out by the Black Cat ransomware gang. On August 10, 2023, the Japanese maker of watches Seiko disclos ... Pierluigi Paganini October 26, 2023 APT WINTER VIVERN APT EXPLOITED ZERO-DAY IN ROUNDCUBE WEBMAIL SOFTWARE IN RECENT ATTACKS Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software. Russian APT group Winter Vivern (aka TA473) has been observed exploiting a ze ... Pierluigi Paganini October 26, 2023 Hacking PWN2OWN TORONTO 2023 DAY 1 - ORGANIZERS AWARDED $438,750 IN PRIZES The Pwn2Own Toronto 2023 hacking contest has begun and during the first day, participants received $438,750 in prizes! During the Day 1 of the Pwn2Own Toronto 2023 hacking contest, the organizatio ... Pierluigi Paganini October 25, 2023 Security VMWARE ADDRESSED CRITICAL VCENTER FLAW ALSO FOR END-OF-LIFE PRODUCTS VMware addressed a critical out-of-bounds write vulnerability, tracked as CVE-2023-34048, that impacts vCenter Server. vCenter Server is a critical component in VMware virtualization and cloud c ... Pierluigi Paganini October 25, 2023 Security CITRIX WARNS ADMINS TO PATCH NETSCALER CVE-2023-4966 BUG IMMEDIATELY Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway applia ... Pierluigi Paganini October 25, 2023 Data Breach NEW ENGLAND BIOLABS LEAK SENSITIVE DATA On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs. Leaving environment files open to the public is one of the ... Pierluigi Paganini October 25, 2023 Intelligence FORMER NSA EMPLOYEE PLEADS GUILTY TO ATTEMPTED SELLING CLASSIFIED DOCUMENTS TO RUSSIA A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke (31), a former NSA employee has admitted to attempting ... Pierluigi Paganini October 24, 2023 Hacking EXPERTS RELEASED POC EXPLOIT CODE FOR VMWARE ARIA OPERATIONS FOR LOGS FLAW. PATCH IT NOW! VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs. VMware warned customers of the availability of a ... Pierluigi Paganini October 24, 2023 Hacking HOW DID THE OKTA SUPPORT BREACH IMPACT 1PASSWORD? 1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system. The password management and security application 1Password announced it had dete ... Pierluigi Paganini October 24, 2023 Security PII BELONGING TO INDIAN CITIZENS, INCLUDING THEIR AADHAAR IDS, OFFERED FOR SALE ON THE DARK WEB Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web. PII Belonging to Indian Citizens, Including their Aadhaar ID ... Pierluigi Paganini October 24, 2023 Cyber Crime SPAIN POLICE DISMANTLED A CYBERCRIMINAL GROUP WHO STOLE THE DATA OF 4 MILLION INDIVIDUALS The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals. The Spanish police have arrested 34 members of a cybe ... Pierluigi Paganini October 24, 2023 Security CISA ADDS SECOND CISCO IOS XE FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulner ... Pierluigi Paganini October 23, 2023 Hacking CISCO WARNS OF A SECOND IOS XE ZERO-DAY USED TO INFECT DEVICES WORLDWIDE Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild. Cisco last week warned customers of a zero-day vulnerability, ... Pierluigi Paganini October 23, 2023 Hacking CITY OF PHILADELPHIA SUFFERS A DATA BREACH The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is inve ... Pierluigi Paganini October 23, 2023 Security SOLARWINDS FIXED THREE CRITICAL RCE FLAWS IN ITS ACCESS RIGHTS MANAGER PRODUCT Researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product. Security researchers discovered three critical remote code execu ... Pierluigi Paganini October 23, 2023 Intelligence DON'T USE AI-BASED APPS, PHILIPPINE DEFENSE ORDERED ITS PERSONNEL The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits. The Philippine defense warned of the risks of using AI-based applications to genera ... Pierluigi Paganini October 23, 2023 Malware VIETNAMESE THREAT ACTORS LINKED TO DARKGATE MALWARE CAMPAIGN Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., the U.S., and India. WithSecure researchers linked the recent attacks using the DarkG ... Pierluigi Paganini October 23, 2023 Intelligence MI5 CHIEF WARNS OF CHINESE CYBER ESPIONAGE REACHED AN UNPRECEDENTED SCALE MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted. The head of MI5, Ken McCallum, warns that Chinese spies targeted more than ... Pierluigi Paganini October 22, 2023 Intelligence THE ATTACK ON THE INTERNATIONAL CRIMINAL COURT WAS TARGETED AND SOPHISTICATED The International Criminal Court revealed the recent attack was carried out by a threat actor for espionage purposes. The International Criminal Court shared additional information about the cyber ... Pierluigi Paganini October 22, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 442 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 22, 2023 Cyber Crime A THREAT ACTOR IS SELLING ACCESS TO FACEBOOK AND INSTAGRAM'S POLICE PORTAL A threat actor is selling access to Facebook and Instagram's Police Portal used by law enforcement agencies to request data relating to users under investigation. Cyber security researcher Alon Ga ... Pierluigi Paganini October 21, 2023 Data Breach THREAT ACTORS BREACHED OKTA SUPPORT SYSTEM AND STOLE CUSTOMERS' DATA Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks. Okta says that threat actors broke into its support case m ... Pierluigi Paganini October 21, 2023 Security US DOJ SEIZED DOMAINS USED BY NORTH KOREAN IT WORKERS TO DEFRAUD BUSINESSES WORLDWIDE The U.S. government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. The U.S. government announced the seizure of 17 website doma ... Pierluigi Paganini October 21, 2023 Cyber Crime ALLEGED DEVELOPER OF THE RAGNAR LOCKER RANSOMWARE WAS ARRESTED A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation. Yesterday we became aware of a joint law en ... Pierluigi Paganini October 20, 2023 Hacking CISA ADDS CISCO IOS XE FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the vulnerability CVE-2021-1435 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnera ... Pierluigi Paganini October 20, 2023 Hacking TENS OF THOUSANDS CISCO IOS XE DEVICES WERE HACKED BY EXPLOITING CVE-2023-20198 More than 40,000 Cisco IOS XE devices have been compromised in attacks exploiting recently disclosed critical vulnerability CVE-2023-20198. Researchers from LeakIX used the indicators of compromis ... Pierluigi Paganini October 20, 2023 Cyber Crime LAW ENFORCEMENT OPERATION SEIZED RAGNAR LOCKER GROUP'S INFRASTRUCTURE An international law enforcement operation shuts down the infrastructure of the Ragnar Locker ransomware operation. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Nethe ... Pierluigi Paganini October 19, 2023 Security THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT! I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases ... Pierluigi Paganini October 19, 2023 APT NORTH KOREA-LINKED APT GROUPS ACTIVELY EXPLOIT JETBRAINS TEAMCITY FLAW North Korea-linked threat actors are actively exploiting a critical vulnerability CVE-2023-42793 in JetBrains TeamCity. Microsoft warns that North Korea-linked threat actors are actively exploitin ... Pierluigi Paganini October 19, 2023 APT MULTIPLE APT GROUPS EXPLOITED WINRAR FLAW CVE-2023-38831 Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google's Threat Analysis Group (TAG) reported that in recent weeks ... Pierluigi Paganini October 19, 2023 Data Breach CALIFORNIAN IT COMPANY DNA MICRO LEAKS PRIVATE MOBILE PHONE DATA Hundreds of thousands of clients who opted-in for a screen warranty were exposed when DNA Micro leaked data from its systems. The Cybernews research team found that DNA Micro, a California-based I ... Pierluigi Paganini October 18, 2023 Hacking THREAT ACTORS HAVE BEEN EXPLOITING CVE-2023-4966 IN CITRIX NETSCALER ADC/GATEWAY DEVICES SINCE AUGUST Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin ... Pierluigi Paganini October 18, 2023 Hacking A FLAW IN SYNOLOGY DISKSTATION MANAGER ALLOWS ADMIN ACCOUNT TAKEOVER A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator's password. Researchers from Claroty's Team82 discovered a vulnerability, tracked as CVE-2023- ... Pierluigi Paganini October 18, 2023 Hacking D-LINK CONFIRMS DATA BREACH, BUT DOWNPLAYED THE IMPACT Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data. The global networking equipment and technology company D-Link confirmed a ... Pierluigi Paganini October 18, 2023 Breaking News CVE-2023-20198 ZERO-DAY WIDELY EXPLOITED TO INSTALL IMPLANTS ON CISCO IOS XE SYSTEMS Threat actors exploited the recently disclosed zero-day flaw (CVE-2023-20198) in a large-scale hacking campaign on Cisco IOS XE devices. Threat actors have exploited the recently disclosed critica ... Pierluigi Paganini October 17, 2023 APT RUSSIA-LINKED SANDWORM APT COMPROMISED 11 UKRAINIAN TELECOMMUNICATIONS PROVIDERS Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between May and September 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised el ... Pierluigi Paganini October 17, 2023 Cyber Crime RANSOMWARE REALITIES IN 2023: ONE EMPLOYEE MISTAKE CAN COST A COMPANY MILLIONS What is the impact of ransomware on organizations? One employee's mistake can cost a company millions of dollars. Studies show that human error is the root cause of more than 80% of all cyber brea ... Pierluigi Paganini October 17, 2023 Malware MALWARE-LACED 'REDALERT - ROCKET ALERTS' APP TARGETS ISRAELI USERS Threat actors are targeting Israeli Android users with a malicious version of the 'RedAlert – Rocket Alerts' that hide spyware. A threat actor is targeting Israeli Android users with a spyware-l ... Pierluigi Paganini October 17, 2023 Hacking CISCO WARNS OF ACTIVE EXPLOITATION OF IOS XE ZERO-DAY Cisco warned customers of a critical zero-day vulnerability in its IOS XE Software that is actively exploited in attacks. Cisco warned customers of a zero-day vulnerability, tracked as CVE-2023-2 ... Pierluigi Paganini October 16, 2023 Hacking SIGNAL DENIES CLAIMS OF AN ALLEGED ZERO-DAY FLAW IN ITS PLATFORM Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation. The popular encrypted messaging app Signal denied claims of an alleged z ... Pierluigi Paganini October 16, 2023 Malware MICROSOFT DEFENDER THWARTED AKIRA RANSOMWARE ATTACK ON AN INDUSTRIAL ENGINEERING FIRM Microsoft thwarted a large-scale hacking campaign carried out by Akira ransomware operators targeting an unknown industrial organization. Microsoft announced that its Microsoft Defender for Endpo ... Pierluigi Paganini October 16, 2023 Cyber Crime DARKGATE MALWARE CAMPAIGN ABUSES SKYPE AND TEAMS Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. From July to September, researchers from Trend Micro observed a ma ... Pierluigi Paganini October 16, 2023 Cyber Crime THE ALPHV RANSOMWARE GANG STOLE 5TB OF DATA FROM THE MORRISON COMMUNITY HOSPITAL The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site. Threat actors continue to target hospitals. The ALPHV/BlackCat ransomware group claims to have hacked th ... Pierluigi Paganini October 15, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 441 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 15, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investiga ... Pierluigi Paganini October 14, 2023 Breaking News CISA WARNS OF VULNERABILITIES AND MISCONFIGURATIONS EXPLOITED IN RANSOMWARE ATTACKS CISA warns organizations of vulnerabilities and misconfigurations that are known to be exploited in ransomware operations. The US cybersecurity agency CISA is sharing knowledge about vulnerabiliti ... Pierluigi Paganini October 14, 2023 APT STAYIN' ALIVE CAMPAIGN TARGETS HIGH-PROFILE ASIAN GOVERNMENT AND TELECOM ENTITIES. IS IT LINKED TO TODDYCAT APT? A cyberespionage campaign, tracked as Stayin' Alive, targeted high-profile government and telecom entities in Asia. Cybersecurity company Check Point uncovered a malicious activity, tracked as ... Pierluigi Paganini October 13, 2023 Uncategorized FBI AND CISA PUBLISHED A NEW ADVISORY ON AVOSLOCKER RANSOMWARE FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published ... Pierluigi Paganini October 13, 2023 Hacking MORE THAN 17,000 WORDPRESS WEBSITES INFECTED WITH THE BALADA INJECTOR IN SEPTEMBER In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. Sucuri researchers reported that more than 17,000 WordPress websites have been compromised i ... Pierluigi Paganini October 13, 2023 Malware RANSOMLOOKER, A NEW TOOL TO TRACK AND ANALYZE RANSOMWARE GROUPS' ACTIVITIES Ransomlooker monitors ransomware groups' extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker, a tool to monitor ransomware groups' extortio ... Pierluigi Paganini October 12, 2023 Cyber Crime PHISHING, THE CAMPAIGNS THAT ARE TARGETING ITALY This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail ... Pierluigi Paganini October 12, 2023 Cyber Crime A NEW MAGECART CAMPAIGN HIDES THE MALICIOUS CODE IN 404 ERROR PAGE Researchers observed a new Magecart web skimming campaign changing the websites' default 404 error page to steal credit cards. Researchers from the Akamai Security Intelligence Group unc ... Pierluigi Paganini October 12, 2023 Hacking CISA ADDS ADOBE ACROBAT READER FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2023-21608 in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new fl ... Pierluigi Paganini October 11, 2023 Malware MIRAI-BASED DDOS BOTNET IZ1H9 ADDED 13 PAYLOADS TO TARGET ROUTERS A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Fortinet researchers observed a new Mir ... Pierluigi Paganini October 11, 2023 Data Breach AIR EUROPA DATA BREACH EXPOSED CUSTOMERS' CREDIT CARDS Airline Air Europa disclosed a data breach and warned customers to cancel their credit cards after threat actors accessed their card information. Air Europa is a Spanish airline and a subsidiary o ... Pierluigi Paganini October 11, 2023 Cyber warfare #OPISRAEL, #FREEPALESTINE & #OPSAUDIARABIA - HOW CYBER ACTORS CAPITALIZE ON WAR ACTIONS VIA PSY-OPS Gaza: Resecurity identified threat actors exploiting the conflict to weaponize psychological operations (PSYOPs) campaigns. Amidst the outbreak of war on the Gaza Strip last weekend, Resecurity (L ... Pierluigi Paganini October 11, 2023 Security MICROSOFT PATCH TUESDAY UPDATES FOR OCTOBER 2023 FIXED THREE ACTIVELY EXPLOITED ZERO-DAY FLAWS Microsoft Patch Tuesday security updates for October 2023 fixed three actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for October 2023 addressed a total of 10 ... Pierluigi Paganini October 11, 2023 Hacking NEW 'HTTP/2 RAPID RESET' TECHNIQUE BEHIND RECORD-BREAKING DDOS ATTACKS A new DDoS technique named 'HTTP/2 Rapid Reset' is actively employed in attacks since August enabling record-breaking attacks. Researchers disclosed a new zero-day DDoS attack technique, named 'HT ... Pierluigi Paganini October 10, 2023 Hacking EXPOSED SECURITY CAMERAS IN ISRAEL AND PALESTINE POSE SIGNIFICANT RISKS Many poorly configured security cameras are exposed to hacktivists in Israel and Palestine, placing the owners using them and the people around them at substantial risk. After the Hamas attacks on ... Pierluigi Paganini October 10, 2023 Hacking A FLAW IN LIBCUE LIBRARY IMPACTS GNOME LINUX SYSTEMS A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked a ... Pierluigi Paganini October 10, 2023 Hacktivism HACKTIVISTS IN PALESTINE AND ISRAEL AFTER SCADA AND OTHER INDUSTRIAL CONTROL SYSTEMS Both pro-Israeli and pro-Palestinian hacktivists have joined the fight and are targeting SCADA and ICS systems. Both pro-Israeli and pro-Palestinian hacktivists have joined the fight in the cyber ... Pierluigi Paganini October 10, 2023 Hacking LARGE-SCALE CITRIX NETSCALER GATEWAY CREDENTIAL HARVESTING CAMPAIGN EXPLOITS CVE-2023-3519 IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM's X-Force researchers reported that threat actors are con ... Pierluigi Paganini October 09, 2023 Malware THE SOURCE CODE OF THE 2020 VARIANT OF HELLOKITTY RANSOMWARE WAS LEAKED ON A CYBERCRIME FORUM A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. Cybersecurity researchers 3xp0rt reported that a threat actor ... Pierluigi Paganini October 09, 2023 Hacking GAZA-LINKED HACKERS AND PRO-RUSSIA GROUPS ARE TARGETING ISRAEL Microsoft linked a Gaza-based threat actor tracked as Storm-1133 to a series of attacks aimed at private organizations in Israel. The fourth annual Digital Defense Report published by Microsoft l ... Pierluigi Paganini October 09, 2023 Data Breach FLAGSTAR BANK SUFFERED A DATA BREACH ONCE AGAIN Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that t ... Pierluigi Paganini October 09, 2023 Malware ANDROID DEVICES SHIPPED WITH BACKDOORED FIRMWARE AS PART OF THE BADBOX NETWORK Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security disc ... Pierluigi Paganini October 09, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 440 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 08, 2023 APT NORTH KOREA-LINKED LAZARUS APT LAUNDERED OVER $900 MILLION THROUGH CROSS-CHAIN CRIME North Korea-linked APT group Lazarus has laundered $900 million worth of cryptocurrency, Elliptic researchers reported. Researchers from blockchain analytics firm Elliptic reported that threat act ... Pierluigi Paganini October 08, 2023 Cyber Crime QAKBOT THREAT ACTORS ARE STILL OPERATIONAL AFTER THE AUGUST TAKEDOWN Threat actors behind the QakBot malware are still active, since August they are carrying out a phishing campaign delivering Ransom Knight ransomware and Remcos RAT. In August, the FBI announced th ... Pierluigi Paganini October 07, 2023 Cyber Crime RANSOMWARE ATTACK ON MGM RESORTS COSTS $110 MILLION Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM R ... Pierluigi Paganini October 06, 2023 Breaking News CYBERSECURITY, WHY A HOTLINE NUMBER COULD BE IMPORTANT? The creation of a dedicated emergency number for cybersecurity could provide an effective solution to this rapidly growing challenge The growing threat of cybercrime is calling for new and innovat ... Pierluigi Paganini October 06, 2023 Hacking MULTIPLE EXPERTS RELEASED EXPLOITS FOR LINUX LOCAL PRIVILEGE ESCALATION FLAW LOONEY TUNABLES Researchers published PoC exploits for CVE-2023-4911 vulnerability (aka Looney Tunables) impacting most popular Linux distributions. The vulnerability CVE-2023-4911 (CVSS score 7.8) is a buffer ov ... Pierluigi Paganini October 06, 2023 Security CISCO EMERGENCY RESPONDER IS AFFECTED BY A CRITICAL STATIC CREDENTIALS BUG. FIX IT IMMEDIATELY! Cisco addressed a critical Static Credentials Vulnerability, tracked as CVE-2023-20101, impacting Emergency Responder. Cisco released security updates to address a critical vulnerability, tracked ... Pierluigi Paganini October 06, 2023 Intelligence BELGIAN INTELLIGENCE SERVICE VSSE ACCUSED ALIBABA OF ‘POSSIBLE ESPIONAGE’ AT EUROPEAN HUB IN LIEGE Belgian intelligence agency State Security Service (VSSE) fears that Chinese giant Alibaba is spying on logistics to gather financial intelligence. The Belgian intelligence service VSSE revealed t ... Pierluigi Paganini October 06, 2023 Hacking CISA ADDS JETBRAINS TEAMCITY AND WINDOWS FLAWS TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG The U.S. CISA added JetBrains TeamCity and Windows vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBra ... Pierluigi Paganini October 05, 2023 Hacking NATO IS INVESTIGATING A NEW CYBER ATTACK CLAIMED BY THE SIEGEDSEC GROUP NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politicall ... Pierluigi Paganini October 05, 2023 Data Breach GLOBAL CRM PROVIDER EXPOSED MILLIONS OF CLIENTS’ FILES ONLINE Researcher discovered that global B2B CRM provider Really Simple Systems exposed online a non-password-protected database with million records. Cybersecurity Researcher, Jeremiah Fowler, discovere ... Pierluigi Paganini October 05, 2023 Data Breach SONY SENT DATA BREACH NOTIFICATIONS TO ABOUT 6,800 INDIVIDUALS Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employee ... Pierluigi Paganini October 05, 2023 Hacking APPLE FIXED THE 17TH ZERO-DAY FLAW EXPLOITED IN ATTACKS Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new ... Pierluigi Paganini October 04, 2023 Hacking ATLASSIAN CONFLUENCE ZERO-DAY CVE-2023-22515 ACTIVELY EXPLOITED IN ATTACKS Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild. Software giant Atlassian released emergency security updates to ad ... Pierluigi Paganini October 04, 2023 Hacking A CYBERATTACK DISRUPTED LYCA MOBILE SERVICES International mobile virtual network operator Lyca Mobile announced it has been the victim of a cyber attack that disrupted its network. Lyca Mobile is a mobile virtual network operator (MVNO) tha ... Pierluigi Paganini October 04, 2023 Security CHIPMAKER QUALCOMM WARNS OF THREE ACTIVELY EXPLOITED ZERO-DAYS Chipmaker Qualcomm addressed 17 vulnerabilities in various components and warns of three other actively exploited zero-day flaws. Chipmaker Qualcomm released security updates to address 17 vulnera ... Pierluigi Paganini October 04, 2023 Reports DRM REPORT Q2 2023 - RANSOMWARE THREAT LANDSCAPE The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into ... Pierluigi Paganini October 04, 2023 Cyber Crime PHISHING CAMPAIGN TARGETED US EXECUTIVES EXPLOITING A FLAW IN INDEED JOB SEARCH PLATFORM Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that thre ... Pierluigi Paganini October 04, 2023 Data Breach SAN FRANCISCO’S TRANSPORT AGENCY EXPOSES DRIVERS’ PARKING PERMITS AND ADDRESSES A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ parking permits and home addresses. The MTC is a governmental ag ... Pierluigi Paganini October 03, 2023 Malware BUNNYLOADER, A NEW MALWARE-AS-A-SERVICE ADVERTISED IN CYBERCRIME FORUMS Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that's appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-servi ... Pierluigi Paganini October 03, 2023 Breaking News EXCLUSIVE: LIGHTING THE EXFILTRATION INFRASTRUCTURE OF A LOCKBIT AFFILIATE (AND MORE) Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary We investigated ... Pierluigi Paganini October 03, 2023 Malware TWO HACKER GROUPS ARE BACK IN THE NEWS, LOCKBIT 3.0 BLACK AND BLACKCAT/ALPHV Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups th ... Pierluigi Paganini October 03, 2023 Data Breach EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI) SUFFERED A DATA BREACH The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users ... Pierluigi Paganini October 03, 2023 Hacking WS_FTP FLAW CVE-2023-40044 ACTIVELY EXPLOITED IN THE WILD Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. Progress Software recently warned customers to address a ... Pierluigi Paganini October 02, 2023 Data Breach NATIONAL LOGISTICS PORTAL (NLP) DATA LEAK: SEAPORTS IN INDIA WERE LEFT VULNERABLE TO TAKEOVER BY HACKERS The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing the risk of a potential takeover by threat actors. ... Pierluigi Paganini October 02, 2023 APT NORTH KOREA-LINKED LAZARUS TARGETED A SPANISH AEROSPACE COMPANY North Korea-linked APT group Lazarus impersonated Meta's recruiters in an attack against a Spanish company in the Aerospace industry. ESET researchers linked the North Korea-linked Lazarus AP ... Pierluigi Paganini October 02, 2023 Data Breach RANSOMWARE ATTACK ON JOHNSON CONTROLS MAY HAVE EXPOSED SENSITIVE DHS DATA Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multin ... Pierluigi Paganini October 02, 2023 Cyber Crime BLACKCAT GANG CLAIMS THEY STOLE DATA OF 2.5 MILLION PATIENTS OF MCLAREN HEALTH CARE The ALPHV/BlackCat ransomware gang added McLaren Health Care to the list of victims on its Tor leak site. McLaren Health Care is a not-for-profit healthcare system based in Michigan, United States ... Pierluigi Paganini October 01, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 439 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini October 01, 2023 Cyber Crime ALPHV/BLACKCAT RANSOMWARE GANG HACKED THE HOTEL CHAIN MOTEL ONE The ALPHV/BlackCat ransomware gang added the hotel chain Motel One to the list of victims on its Tor leak site. Motel One is a German hotel chain that offers budget-friendly accommodations primari ... Pierluigi Paganini September 30, 2023 Cyber Crime FBI WARNS OF DUAL RANSOMWARE ATTACKS The U.S. Federal Bureau of Investigation (FBI) warns of dual ransomware attacks aimed at the same victims. The U.S. Federal Bureau of Investigation (FBI) is warning of dual ransomware attacks, a n ... Pierluigi Paganini September 30, 2023 Breaking News PROGRESS SOFTWARE FIXED TWO CRITICAL SEVERITY FLAWS IN WS_FTP SERVER Progress Software has addressed a critical severity vulnerability in its WS_FTP Server software used by thousands of IT teams worldwide. Progress Software warned customers to address a critical se ... Pierluigi Paganini September 30, 2023 Security CHILD ABUSE SITE TAKEN DOWN, ORGANIZED CHILD EXPLOITATION CRIME SUSPECTED – EXCLUSIVE A child abuse site has been taken down following a request to German law enforcement by Cybernews research team. A hacker collective, who wanted to remain anonymous, has been relentlessly hunting ... Pierluigi Paganini September 30, 2023 Hacking A STILL UNPATCHED ZERO-DAY RCE IMPACTS MORE THAN 3.5M EXIM SERVERS Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software. A critical zero-day vulnerability, tracked as CVE-2023-421 ... Pierluigi Paganini September 29, 2023 Hacking CHINESE THREAT ACTORS STOLE AROUND 60,000 EMAILS FROM US STATE DEPARTMENT IN MICROSOFT BREACH China-linked threat actors stole around 60,000 emails from U.S. State Department after breaching Microsoft's Exchange email platform in May. China-linked hackers who breached Microsoft's email pl ... Pierluigi Paganini September 29, 2023 Data Breach MISCONFIGURED WBSC SERVER LEAKS THOUSANDS OF PASSPORTS The World Baseball Softball Confederation (WBSC) left open a data repository exposing nearly 50,000 files, some of which were highly sensitive, the Cybernews research team has discovered. On June ... Pierluigi Paganini September 29, 2023 Security CISA ADDS JBOSS RICHFACES FRAMEWORK FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the ... Pierluigi Paganini September 29, 2023 Hacking CISCO URGES TO PATCH ACTIVELY EXPLOITED IOS ZERO-DAY CVE-2023-20109 Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security ... Pierluigi Paganini September 28, 2023 Cyber Crime DARK ANGELS TEAM RANSOMWARE GROUP HIT JOHNSON CONTROLS Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate wit ... Pierluigi Paganini September 28, 2023 Hacking GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023 Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to addre ... Pierluigi Paganini September 28, 2023 Hacking RUSSIAN ZERO-DAY BROKER IS WILLING TO PAY $20M FOR ZERO-DAY EXPLOITS FOR IPHONES AND ANDROID DEVICES A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top- ... Pierluigi Paganini September 27, 2023 APT CHINA-LINKED APT BLACKTECH WAS SPOTTED HIDING IN CISCO ROUTER FIRMWARE US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. US and Japanese intelligence, law enforcement ... Pierluigi Paganini September 27, 2023 Hacking WATCH OUT! CVE-2023-5129 IN LIBWEBP LIBRARY AFFECTS MILLIONS APPLICATIONS Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier f ... Pierluigi Paganini September 27, 2023 Security DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. The leaked logins present cybercriminals with almost limi ... Pierluigi Paganini September 27, 2023 Data Breach 'RANSOMED.VC' IN THE SPOTLIGHT - WHAT IS KNOWN ABOUT THE RANSOMWARE GROUP TARGETING SONY AND NTT DOCOMO Following the recently announced data leak from Sony, Ransomed.vc group claimed the hack of the Japanese giant NTT Docomo. Following the recently announced data leak from Sony, the notorious ranso ... Pierluigi Paganini September 27, 2023 Security TOP 5 PROBLEMS SOLVED BY DATA LINEAGE Data lineage is the visualization and tracking of data as it moves through various stages of its lifecycle. In an age where data drives decisions and fuels innovation, understanding the journey of ... Pierluigi Paganini September 27, 2023 Data Breach THREAT ACTORS CLAIM THE HACK OF SONY, AND THE COMPANY INVESTIGATES Sony launched an investigation into an alleged data breach after the RansomedVC group claimed the hack of the company. Sony announced it is investigating allegations of a data breach after the Ran ... Pierluigi Paganini September 26, 2023 Data Breach CANADIAN FLAIR AIRLINES LEFT USER DATA LEAKING FOR MONTHS Researchers discovered that Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months Canadian Flair Airlines left credentials to sensitive ... Pierluigi Paganini September 26, 2023 Cyber Crime THE RHYSIDA RANSOMWARE GROUP HIT THE KUWAIT MINISTRY OF FINANCE This week the Rhysida ransomware group claimed the hack of the Kuwait Ministry of Finance and added it to its Tor leak site. Last week a ransomware attack hit the Government of Kuwait, the attack ... Pierluigi Paganini September 26, 2023 Data Breach BORN ONTARIO DATA BREACH IMPACTED 3.4 MILLION NEWBORNS AND PREGNANCY CARE PATIENTS The Better Outcomes Registry & Network (BORN), the Ontario birth registry disclosed a data breach affecting some 3.4 million people. The Better Outcomes Registry & Network (BORN) is a prog ... Pierluigi Paganini September 26, 2023 Malware XENOMORPH MALWARE IS BACK AFTER MONTHS OF HIATUS AND EXPANDS THE LIST OF TARGETS A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading ... Pierluigi Paganini September 26, 2023 Cyber Crime SMISHING TRIAD STRETCHES ITS TENTACLES INTO THE UNITED ARAB EMIRATES Resecurity research found that the 'Smishing Triad' cybercrime group has expanded its phishing campaign into the United Arab Emirates (UAE). Resecurity research recently found that 'Smishing Triad ... Pierluigi Paganini September 26, 2023 Hacking CROOKS STOLE $200 MILLION WORTH OF ASSETS FROM MIXIN NETWORK Crooks stole $200 million from Mixin Network, a free, lightning fast and decentralized network for transferring digital assets. Mixin Network, the Hong Kong-based crypto firm behind a free, lightn ... Pierluigi Paganini September 25, 2023 Cyber warfare A PHISHING CAMPAIGN TARGETS UKRAINIAN MILITARY ENTITIES WITH DRONE MANUAL LURES A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign u ... Pierluigi Paganini September 25, 2023 Hacking ALERT! PATCH YOUR TEAMCITY INSTANCE TO AVOID SERVER HACK Experts warn of a critical vulnerability in the TeamCity CI/CD server that can be exploited to take over a vulnerable server. JetBrains TeamCity is a popular and highly extensible Continuous Integ ... Pierluigi Paganini September 25, 2023 APT IS GELSEMIUM APT BEHIND A TARGETED ATTACK IN SOUTHEAST ASIAN GOVERNMENT? A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Sout ... Pierluigi Paganini September 25, 2023 Cyber Crime NIGERIAN NATIONAL PLEADS GUILTY TO PARTICIPATING IN A MILLIONAIRE BEC SCHEME A Nigerian national pleaded guilty to wire fraud and money laundering through business email compromise (BEC). The Nigerian national Kosi Goodness Simon-Ebo (29), who is residing in South Africa, ... Pierluigi Paganini September 25, 2023 Malware NEW VARIANT OF BBTOK TROJAN TARGETS USERS OF +40 BANKS IN LATAM A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan ... Pierluigi Paganini September 25, 2023 Malware DEADGLYPH, A VERY SOPHISTICATED AND UNKNOWN BACKDOOR TARGETS THE MIDDLE EAST Researchers discovered a previously undocumented sophisticated backdoor, named Deadglyph, used by the Stealth Falcon group for espionage in the Middle East ESET researchers discovered a very sophi ... Pierluigi Paganini September 24, 2023 Data Breach ALPHV GROUP CLAIMS THE HACK OF CLARION, A GLOBAL MANUFACTURER OF AUDIO AND VIDEO EQUIPMENT FOR CARS The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. The Alphv ransomware group added Clarion, the global ... Pierluigi Paganini September 24, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 438 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 24, 2023 Data Breach NATIONAL STUDENT CLEARINGHOUSE DATA BREACH IMPACTED APPROXIMATELY 900 US SCHOOLS U.S. educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. The National Student Clearinghouse (NSC) is a nonprofit o ... Pierluigi Paganini September 24, 2023 Hacking GOVERNMENT OF BERMUDA BLAMES RUSSIAN THREAT ACTORS FOR THE CYBER ATTACK The Government of Bermuda believes that the recent cyberattack against its IT infrastructure was launched by Russian threat actors. This week a cyber attack hit the Government of Bermuda causing t ... Pierluigi Paganini September 23, 2023 Mobile RECENTLY PATCHED APPLE AND CHROME ZERO-DAYS EXPLOITED TO INFECT DEVICES IN EGYPT WITH PREDATOR SPYWARE Citizen Lab and Google's TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Researchers from the Citizen Lab and Google's Threat Analysis Gr ... Pierluigi Paganini September 22, 2023 Hacking CISA ADDS TREND MICRO APEX ONE AND WORRY-FREE BUSINESS SECURITY FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) a ... Pierluigi Paganini September 22, 2023 Data Breach INFORMATION OF AIR CANADA EMPLOYEES EXPOSED IN RECENT CYBERATTACK Air Canada, the flag carrier and largest airline of Canada, announced that the personal information of some employees was exposed as a result of a recent cyberattack. Air Canada, the flag carrier ... Pierluigi Paganini September 22, 2023 APT SANDMAN APT TARGETS TELCOS WITH LUADREAM BACKDOOR A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. A joint research conducted by SentinelLabs and QGroup G ... Pierluigi Paganini September 22, 2023 Hacking APPLE ROLLED OUT EMERGENCY UPDATES TO ADDRESS 3 NEW ACTIVELY EXPLOITED ZERO-DAY FLAWS Apple released emergency security updates to address three new actively exploited zero-day vulnerabilities. Apple released emergency security updates to address three new zero-day vulnerabilities ... Pierluigi Paganini September 21, 2023 Hacking UKRAINIAN HACKERS ARE BEHIND THE FREE DOWNLOAD MANAGER SUPPLY CHAIN ATTACK The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the re ... Pierluigi Paganini September 21, 2023 Data Breach SPACE AND DEFENSE TECH MAKER EXAIL TECHNOLOGIES EXPOSES DATABASE ACCESS Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Exail, a French hig ... Pierluigi Paganini September 21, 2023 Hacking PRO-RUSSIA HACKER GROUP NONAME LAUNCHED A DDOS ATTACK ON CANADIAN AIRPORTS CAUSING SEVERE DISRUPTIONS Pro-Russia hacker group NoName is suspected to have launched a cyberattack that caused border checkpoint outages at several Canadian airports. A massive DDoS cyber attack, likely carried out by Pr ... Pierluigi Paganini September 21, 2023 Security EXPERTS FOUND CRITICAL FLAWS IN NAGIOS XI NETWORK MONITORING SOFTWARE Researchers discovered multiple vulnerabilities in the Nagios XI network and IT infrastructure monitoring and management solution. Researchers discovered four vulnerabilities (CVE-2023-40931, CVE- ... Pierluigi Paganini September 20, 2023 Deep Web THE DARK WEB DRUG MARKETPLACE PIILOPUOTI WAS DISMANTLED BY FINNISH CUSTOMS Finnish police announced the takedown of the dark web marketplace PIILOPUOTI which focuses on the sale of illegal narcotics. Finnish Customs announced the seizure of the dark web marketplace Piilo ... Pierluigi Paganini September 20, 2023 Hacking INTERNATIONAL CRIMINAL COURT HIT WITH A CYBER ATTACK A cyberattack hit the International Criminal Court (ICC) disclosed a cyberattack this week, its systems were compromised last week. The International Criminal Court (ICC) announced that threat act ... Pierluigi Paganini September 20, 2023 Security GITLAB ADDRESSED CRITICAL VULNERABILITY CVE-2023-5009 GitLab rolled out security patches to address a critical vulnerability, tracked as CVE-2023-5009, that can be exploited to run pipelines as another user. GitLab has released security patches to ad ... Pierluigi Paganini September 20, 2023 Hacking TREND MICRO ADDRESSES ACTIVELY EXPLOITED ZERO-DAY IN APEX ONE AND OTHER SECURITY PRODUCTS Trend Micro addressed a zero-day code execution vulnerability (CVE-2023-41179) in Apex One that has been actively exploited in the wild. Trend Micro has released security updates to patch an activ ... Pierluigi Paganini September 20, 2023 APT SHROUDEDSNOOPER THREAT ACTORS TARGET TELECOM COMPANIES IN THE MIDDLE EAST ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy impl ... Pierluigi Paganini September 19, 2023 Security RECENT CYBER ATTACK IS CAUSING CLOROX PRODUCTS SHORTAGE The cyber attack that hit the cleaning products manufacturer Clorox in August is still affecting the supply of the products to customers. The Clorox Company is a multinational consumer goods compa ... Pierluigi Paganini September 19, 2023 APT EARTH LUSCA EXPANDS ITS ARSENAL WITH SPRYSOCKS LINUX MALWARE China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linke ... Pierluigi Paganini September 19, 2023 Data Breach MICROSOFT AI RESEARCH DIVISION ACCIDENTALLY EXPOSED 38TB OF SENSITIVE DATA Microsoft AI researchers accidentally exposed 38TB of sensitive data via a public GitHub repository since July 2020. Cybersecurity firm Wiz discovered that the Microsoft AI research division accid ... Pierluigi Paganini September 18, 2023 Hacking GERMAN INTELLIGENCE WARNS CYBERATTACKS COULD TARGET LIQUEFIED NATURAL GAS (LNG) TERMINALS The head of Germany’s foreign intelligence service warns of state-sponsored attacks aimed at liquefied natural gas (LNG) terminals in the country. Bruno Kahl, the President of the Bundesnachrich ... Pierluigi Paganini September 18, 2023 Hacking DEEPFAKE AND SMISHING. HOW HACKERS COMPROMISED THE ACCOUNTS OF 27 RETOOL CUSTOMERS IN THE CRYPTO INDUSTRY Software development company Retool was the victim of a smishing attack that resulted in the compromise of 27 accounts of its cloud customers. Software development company Retool revealed that 27 ... Pierluigi Paganini September 18, 2023 Data Breach FBI HACKER USDOD LEAKS HIGHLY SENSITIVE TRANSUNION DATA Researchers from vx-underground reported that FBI hacker 'USDoD' leaked sensitive data from consumer credit reporting agency TransUnion. TransUnion is an American consumer credit reporti ... Pierluigi Paganini September 18, 2023 APT NORTH KOREA'S LAZARUS APT STOLE ALMOST $240 MILLION IN CRYPTO ASSETS SINCE JUNE The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. According to a report published by blockchain cyber security f ... Pierluigi Paganini September 18, 2023 Cyber Crime CLOP GANG STOLEN DATA FROM MAJOR NORTH CAROLINA HOSPITALS Researchers at healthcare technology firm Nuance blame the Clop gang for a series of cyber thefts at major North Carolina hospitals. The Microsoft-owned healthcare technology firm N ... Pierluigi Paganini September 17, 2023 Data Breach CARDX RELEASED A DATA LEAK NOTIFICATION IMPACTING THEIR CUSTOMERS IN THAILAND One of Thailand's major digital financial platforms, CardX, recently disclosed a data leak that affected their customers. According to the statement published on the CardX official website on Sep ... Pierluigi Paganini September 17, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 437 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 17, 2023 Breaking News TIKTOK FINED €345M BY IRISH DPC FOR VIOLATING CHILDREN’S PRIVACY The Irish Data Protection Commission (DPC) fined TikTok €345 million ($368 million) for violating the privacy of children. The Irish Data Protection Commission (DPC) fined TikTok €345 million ... Pierluigi Paganini September 16, 2023 Cyber Crime DARIY PANKOV, THE NLBRUTE MALWARE AUTHOR, PLEADS GUILTY The Russian national Dariy Pankov, aka dpxaker, has pleaded guilty to conspiracy to commit wire and computer fraud. The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrut ... Pierluigi Paganini September 15, 2023 Security DANGEROUS PERMISSIONS DETECTED IN TOP ANDROID HEALTH APPS Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Cybernews has the story. The Android challenge In the digital ... Pierluigi Paganini September 15, 2023 Cyber Crime CAESARS ENTERTAINMENT PAID A RANSOM TO AVOID STOLEN DATA LEAKS Caesars Entertainment announced it has paid a ransom to avoid the leak of customer data stolen in a recent intrusion. Caesars Entertainment is the world's most geographically diversified casino-en ... Pierluigi Paganini September 15, 2023 Malware FREE DOWNLOAD MANAGER BACKDOORED TO SERVE LINUX MALWARE FOR MORE THAN 3 YEARS Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manag ... Pierluigi Paganini September 15, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG HIT THE CARTHAGE AREA HOSPITAL AND THE CLAYTON-HEPBURN MEDICAL CENTER IN NEW YORK LockBit ransomware group breached two hospitals, the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York. The Lockbit ransomware group claims to have hacked two major hospita ... Pierluigi Paganini September 14, 2023 Data Breach UK GREATER MANCHESTER POLICE DISCLOSED A DATA BREACH UK Greater Manchester Police (GMP) disclosed a data breach, threat actors had access to some of its employees' personal information. UK Greater Manchester Police (GMP) announced that threat actors ... Pierluigi Paganini September 14, 2023 Intelligence THE IPHONE OF A RUSSIAN JOURNALIST WAS INFECTED WITH THE PEGASUS SPYWARE The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group's Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with ... Pierluigi Paganini September 14, 2023 Hacking KUBERNETES FLAWS COULD LEAD TO REMOTE CODE EXECUTION ON WINDOWS ENDPOINTS Researchers discovered three security flaws in Kubernetes that can lead to remote code execution on Windows endpoints. Akamai researchers recently discovered a high-severity vulnerability in Kub ... Pierluigi Paganini September 14, 2023 Data Breach THREAT ACTOR LEAKS SENSITIVE DATA BELONGING TO AIRBUS The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airb ... Pierluigi Paganini September 14, 2023 Malware A NEW RANSOMWARE FAMILY CALLED 3AM APPEARS IN THE THREAT LANDSCAPE 3AM is a new strain of ransomware that was spotted in a single incident in which the threat actors failed to deploy the LockBit ransomware in the target infrastructure. Symantec’s Threat Hunte ... Pierluigi Paganini September 13, 2023 Hacking REDFLY GROUP INFILTRATED AN ASIAN NATIONAL GRID AS LONG AS SIX MONTHS A threat actor tracked as Redfly had infected the systems at a national grid located in an unnamed Asian country for six months starting in January. Symantec’s Threat Hunter Team discovered th ... Pierluigi Paganini September 13, 2023 Hacking MOZILLA FIXED A CRITICAL ZERO-DAY IN FIREFOX AND THUNDERBIRD Mozilla addressed a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in attacks in the wild. Mozilla rolled out security updates to address a critical ze ... Pierluigi Paganini September 13, 2023 Security MICROSOFT SEPTEMBER 2023 PATCH TUESDAY FIXED 2 ACTIVELY EXPLOITED ZERO-DAY FLAWS Microsoft September 2023 Patch Tuesday addressed 59 new flaws, including two vulnerabilities under active attack. Microsoft September 2023 Patch Tuesday security updates addressed 59 vulnerabiliti ... Pierluigi Paganini September 13, 2023 Cyber Crime SAVE THE CHILDREN CONFIRMS IT WAS HIT BY CYBER ATTACK The international non-governmental organization (NGO) Save the Children International was recently hit with a cyberattack. The charity organization Save the Children International revealed that it ... Pierluigi Paganini September 12, 2023 Security ADOBE FIXED ACTIVELY EXPLOITED ZERO-DAY IN ACROBAT AND READER Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild. Adobe Patch Tuesday security updates (APSB23-34) addresse ... Pierluigi Paganini September 12, 2023 Hacking A NEW REPOJACKING ATTACK EXPOSED OVER 4,000 GITHUB REPOSITORIES TO HACK A critical vulnerability in GitHub could have exposed more than 4,000 code packages to Repojacking attack. Checkmarx researchers discovered a new vulnerability in GitHub could have exposed over 4, ... Pierluigi Paganini September 12, 2023 Hacking MGM RESORTS HIT BY A CYBER ATTACK Hospitality and entertainment company MGM Resorts was hit by a cyber attack that shut down its systems at MGM Hotels and Casinos. Hospitality and entertainment company MGM Resorts was the victim o ... Pierluigi Paganini September 12, 2023 Hacking ANONYMOUS SUDAN LAUNCHED A DDOS ATTACK AGAINST TELEGRAM Anonymous Sudan launched a DDoS attack against Telegram after the company suspended the account of the group. The hacker collective Anonymous Sudan (aka Storm-1359) has launched a distributed deni ... Pierluigi Paganini September 12, 2023 APT IRANIAN CHARMING KITTEN APT TARGETS VARIOUS ENTITIES IN BRAZIL, ISRAEL, AND THE U.A.E. USING A NEW BACKDOOR Iran-linked APT group Charming Kitten used a previously undocumented backdoor named Sponsor in attacks against entities in Brazil, Israel, and the U.A.E. ESET researchers observed a series of a ... Pierluigi Paganini September 12, 2023 Hacking GOOGLE FIXED THE FOURTH CHROME ZERO-DAY OF 2023 Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. Google rolled out emergency security updates to address a zero-day vul ... Pierluigi Paganini September 11, 2023 Security CISA ADDS RECENTLY DISCOVERED APPLE ZERO-DAYS TO KNOWN EXPLOITED VULNERABILITIES CATALOG U.S. CISA adds vulnerabilities in Apple devices exploited to install NSO Group's Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security ... Pierluigi Paganini September 11, 2023 Cyber Crime UK AND US SANCTIONED 11 MEMBERS OF THE RUSSIA-BASED TRICKBOT GANG The U.K. and U.S. governments sanctioned 11 more individuals who were alleged members of the Russia-based TrickBot cybercrime gang. The United States, in coordination with the United Kingdom, sanc ... Pierluigi Paganini September 11, 2023 Cyber Crime NEW HIJACKLOADER MALWARE IS RAPIDLY GROWING IN POPULARITY IN THE CYBERCRIME COMMUNITY Zscaler ThreatLabz detailed a new malware loader, named HijackLoader, which has grown in popularity over the past few months HijackLoader is a loader that is gaining popularity among the cybercrim ... Pierluigi Paganini September 11, 2023 Security SOME OF TOP UNIVERSITIES WOULDN’T PASS CYBERSECURITY EXAM: LEFT WEBSITES VULNERABLE CyberNews researchers discovered that many universities worldwide are leaking sensitive information and are even open to full takeover. Many universities worldwide, including some of the most pres ... Pierluigi Paganini September 11, 2023 Malware EVIL TELEGRAM CAMPAIGN: TROJANIZED TELEGRAM APPS FOUND ON GOOGLE PLAY Evil Telegram: a Trojanized version of the Telegram app was spotted on the Google Play Store, Kaspersky researchers reported. Researchers from Kaspersky discovered several Telegram mods on the Goo ... Pierluigi Paganini September 11, 2023 Cyber Crime RHYSIDA RANSOMWARE GANG CLAIMS TO HAVE HACKED THREE MORE US HOSPITALS Rhysida Ransomware group added three more US hospitals to the list of victims on its Tor leak site after the PROSPECT MEDICAL attack. Recently the Rhysida ransomware group made the headlines becau ... Pierluigi Paganini September 10, 2023 Cyber Crime AKAMAI PREVENTED THE LARGEST DDOS ATTACK ON A US FINANCIAL COMPANY Akamai announced it has mitigated the largest distributed denial-of-service (DDoS) attack on a U.S. financial company. Cybersecurity firm Akamai successfully identified and prevented a massive d ... Pierluigi Paganini September 10, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 436 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 10, 2023 Hacking US CISA ADDED CRITICAL APACHE ROCKETMQ FLAW TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical ... Pierluigi Paganini September 09, 2023 Hacking RAGNAR LOCKER GANG LEAKS DATA STOLEN FROM THE ISRAEL'S MAYANEI HAYESHUA HOSPITAL The Ragnar Locker ransomware gang added Israel's Mayanei Hayeshua hospital to the list of victims on its Tor leak site The Ragnar Locker ransomware gang claimed responsibility for an attack on Isr ... Pierluigi Paganini September 09, 2023 Intelligence NORTH KOREA-LINKED THREAT ACTORS TARGET CYBERSECURITY EXPERTS WITH A ZERO-DAY North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-da ... Pierluigi Paganini September 08, 2023 Hacking ZERO-DAY IN CISCO ASA AND FTD IS ACTIVELY EXPLOITED IN RANSOMWARE ATTACKS A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adapti ... Pierluigi Paganini September 08, 2023 Security ZERO-DAYS FIXED BY APPLE WERE USED TO DELIVER NSO GROUP’S PEGASUS SPYWARE Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws ( ... Pierluigi Paganini September 08, 2023 Hacking APPLE DISCLOSES 2 NEW ACTIVELY EXPLOITED ZERO-DAY FLAWS IN IPHONES, MACS Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two Apple zero-day vulnerabilities, tracked as CVE-2023-4 ... Pierluigi Paganini September 07, 2023 Malware A MALVERTISING CAMPAIGN IS DELIVERING A NEW VERSION OF THE MACOS ATOMIC STEALER Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising campaign distr ... Pierluigi Paganini September 07, 2023 Hacking TWO FLAWS IN APACHE SUPERSET ALLOW TO REMOTELY HACK SERVERS A couple of security vulnerabilities in Apache SuperSet could be exploited by an attacker to gain remote code execution on vulnerable systems. Apache Superset is an open-source Data Visualizatio ... Pierluigi Paganini September 07, 2023 Hacking CHINESE CYBERSPIES OBTAINED MICROSOFT SIGNING KEY FROM WINDOWS CRASH DUMP DUE TO A MISTAKE Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. In July, Microsoft announced it had mitigated an attack ... Pierluigi Paganini September 07, 2023 Hacking GOOGLE ADDRESSED AN ACTIVELY EXPLOITED ZERO-DAY IN ANDROID Google released September 2023 Android security updates to address multiple flaws, including an actively exploited zero-day. Google released September 2023 Android security updates that address te ... Pierluigi Paganini September 06, 2023 Hacking A ZERO-DAY IN ATLAS VPN LINUX CLIENT LEAKS USERS' IP ADDRESS Experts warn of an Atlas VPN zero-day flaw impacting the Linux client that can reveal the user's IP address by visiting a website. A Reddit user with the handle 'Educational-Map-8145' published a ... Pierluigi Paganini September 06, 2023 Hacking MITRE AND CISA RELEASE CALDERA FOR OT ATTACK EMULATION MITRE and CISA released a Caldera extension for OT that allows the emulation of attacks on operational technology systems. MITRE Caldera is an open-source adversary emulation platform that helps c ... Pierluigi Paganini September 06, 2023 Internet of Things ASUS ROUTERS ARE AFFECTED BY THREE CRITICAL REMOTE CODE EXECUTION FLAWS Three critical remote code execution vulnerabilities in ASUS routers potentially allow attackers to hijack the network devices. ASUS routers RT-AX55, RT-AX56U_V2, and RT-AC86U are affected by thre ... Pierluigi Paganini September 06, 2023 Hacking HACKERS STOLE $41M WORTH OF CRYPTO ASSETS FROM CRYPTO GAMBLING FIRM STAKE Crypto gambling site Stake suffered a security breach, and threat actors withdrew $41M of funds stolen including Tether and Ether. Researchers reported abnormally large withdrawals made from the c ... Pierluigi Paganini September 05, 2023 Security FREECYCLE DATA BREACH IMPACTED 7 MILLION USERS The nonprofit organization Freecycle Network (Freecycle.org) confirmed that it has suffered a data breach that impacted more than 7 million users. The Freecycle Network (TFN,) is a private, nonpro ... Pierluigi Paganini September 05, 2023 Social Networks META DISRUPTED TWO INFLUENCE CAMPAIGNS FROM CHINA AND RUSSIA Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages. Meta announced it has taken down two of the largest known covert influ ... Pierluigi Paganini September 05, 2023 Hacking A MASSIVE DDOS ATTACK TOOK DOWN THE SITE OF THE GERMAN FINANCIAL AGENCY BAFIN A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down. A distributed denial-of-service (DDoS) attack took the site of the G ... Pierluigi Paganini September 05, 2023 Cyber Crime "SMISHING TRIAD" TARGETED USPS AND US CITIZENS FOR DATA THEFT Resecurity has identified a large-scale smishing campaign, tracked as Smishing Triad, targeting the US Citizens. Earlier episodes have revealed victims from the U.K., Poland, Sweden, Italy, Indon ... Pierluigi Paganini September 04, 2023 Hacking UNIVERSITY OF SYDNEY SUFFERED A SECURITY BREACH CAUSED BY A THIRD-PARTY SERVICE PROVIDER The University of Sydney (USYD) suffered a security breach caused by a third-party service provider that exposed personal information of recent applicants. The University of Sydney (USYD) announce ... Pierluigi Paganini September 04, 2023 Cyber Crime CYBERCRIME WILL COST GERMANY $224 BILLION IN 2023 Cybercrime will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom told Reuters. According to the German digital association Bitkom, cybercrime will have a wo ... Pierluigi Paganini September 04, 2023 Hacking POC EXPLOIT CODE RELEASED FOR CVE-2023-34039 BUG IN VMWARE ARIA OPERATIONS FOR NETWORKS Researcher released PoC exploit code for a recent critical flaw (CVE-2023-34039) in VMware Aria Operations for Networks. At the end of August, VMware released security updates to address two vulne ... Pierluigi Paganini September 03, 2023 Breaking News SECURITY AFFAIRS NEWSLETTER ROUND 435 BY PIERLUIGI PAGANINI – INTERNATIONAL EDITION A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly Securi ... Pierluigi Paganini September 03, 2023 Cyber Crime LOCKBIT RANSOMWARE GANG HIT THE COMMISSION DES SERVICES ELECTRIQUES DE MONTRÉAL (CSEM) The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM). The LockBit ransomware group continues to be one of the most active extortion gangs ... Pierluigi Paganini September 03, 2023 Hacking UNRAVELING ETERNALBLUE: INSIDE THE WANNACRY’S ENABLER WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you s ... Pierluigi Paganini September 01, 2023 Malware RESEARCHERS RELEASED A FREE DECRYPTOR FOR THE KEY GROUP RANSOMWARE Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption ... Pierluigi Paganini September 01, 2023 Data Breach FASHION RETAILER FOREVER 21 DATA BREACH IMPACTED +500,000 INDIVIDUALS Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cybe ... Pierluigi Paganini August 31, 2023 Cyber warfare RUSSIA-LINKED HACKERS TARGET UKRAINIAN MILITARY WITH INFAMOUS CHISEL ANDROID MALWARE Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. GCHQ’s National Cyber Security Centre and international partn ... Pierluigi Paganini August 31, 2023 Cyber Crime AKIRA RANSOMWARE GANG TARGETS CISCO ASA WITHOUT MULTI-FACTOR AUTHENTICATION Experts warn of ongoing credential stuffing and brute-force attacks targeting Cisco ASA (Adaptive Security Appliance) SSL VPNs. Cisco is aware of attacks conducted by Akira ransomware threat actor ... Pierluigi Paganini August 31, 2023 Data Breach PARAMOUNT GLOBAL DISCLOSED A DATA BREACH Multinational mass media conglomerate Paramount Global suffered a data breach after an unauthorized party accessed files from certain of its systems. Multinational mass media conglomerate Paramoun ... Pierluigi Paganini August 31, 2023 Security NATIONAL SAFETY COUNCIL DATA LEAK: CREDENTIALS OF NASA, TESLA, DOJ, VERIZON, AND 2K OTHERS LEAKED BY WORKPLACE SAFETY ORGANIZATION The National Safety Council leaked thousands of emails and passwords of their members, including companies such as NASA and Tesla. The National Safety Council has leaked nearly 10,000 emails and p ... Pierluigi Paganini August 31, 2023 Hacking ABUSING WINDOWS CONTAINER ISOLATION FRAMEWORK TO AVOID DETECTION BY SECURITY PRODUCTS Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conferen ... Pierluigi Paganini August 31, 2023 Security CRITICAL RCE FLAW IMPACTS VMWARE ARIA OPERATIONS NETWORKS VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two ... Pierluigi Paganini August 30, 2023 APT UNC4841 THREAT ACTORS HACKED US GOVERNMENT EMAIL SERVERS EXPLOITING BARRACUDA ESG FLAW China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. In June, Mandiant researchers linked the threat actor UNC4841 to the attacks ... Pierluigi Paganini August 29, 2023 Intelligence HACKERS INFILTRATED JAPAN’S NATIONAL CENTER OF INCIDENT READINESS AND STRATEGY FOR CYBERSECURITY (NISC) FOR MONTHS Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months. Threat actors have infiltrated Japan’s National Center of Incident Readines ... Pierluigi Paganini August 29, 2023 Hacking FIN8-LINKED ACTOR TARGETS CITRIX NETSCALER SYSTEMS A financially motivated actor linked to the FIN8 group exploits the CVE-2023-3519 RCE in attacks on Citrix NetScaler systems in massive attacks. Sophos X-Ops is tracking an ongoing campaign, which ... Pierluigi Paganini August 29, 2023 Hacking JAPAN'S JPCERT WARNS OF NEW 'MALDOC IN PDF' ATTACK TECHNIQUE Japan's JPCERT warns of a new recently detected 'MalDoc in PDF' attack that embeds malicious Word files into PDFs. Japan's computer emergency response team (JPCERT) has recently observed a new att ... Pierluigi Paganini August 29, 2023 Hacking ATTACKERS CAN DISCOVER IP ADDRESS BY SENDING A LINK OVER THE SKYPE MOBILE APP A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a targ ... Pierluigi Paganini August 28, 2023 Security CISCO FIXES 3 HIGH-SEVERITY DOS FLAWS IN NX-OS AND FXOS SOFTWARE Cisco addressed three high-severity flaws in NX-OS and FXOS software that could cause denial-of-service (DoS) conditions. Cisco this week addressed multiple flaws in its products, including three ... Pierluigi Paganini August 27, 2023 Hacking CLOUD AND HOSTING PROVIDER LEASEWEB TOOK DOWN CRITICAL SYSTEMS AFTER A CYBER ATTACK The cloud and hosting provider Leaseweb suffered a security breach that impacted some "critical" systems of the company. Global hosting and cloud services provider Leaseweb has disabled some "crit ... Pierluigi Paganini August 26, 2023 Cyber Crime CRYPTO INVESTOR DATA EXPOSED BY A SIM SWAPPING ATTACK AGAINST A KROLL EMPLOYEE Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting firm Kroll revealed that a SIM-swappin ... Pierluigi Paganini August 26, 2023 APT CHINA-LINKED FLAX TYPHOON APT TARGETS TAIWAN China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cy ... Pierluigi Paganini August 25, 2023 Breaking News RESEARCHERS RELEASED POC EXPLOIT FOR IVANTI SENTRY FLAW CVE-2023-38035 Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti ... Pierluigi Paganini August 24, 2023 Security RESECURITY IDENTIFIED A ZERO-DAY VULNERABILITY IN SCHNEIDER ELECTRIC ACCUTECH MANAGER Resecurity researchers identified a zero-day Buffer Overflow vulnerability in the Schneider Electric Accutech Manager product. Resecurity identified a zero-day vulnerability in the Schneider Elec ... Pierluigi Paganini July 11, 2023 Next To contact me write an email to: Pierluigi Paganini : pierluigi.paganini@securityaffairs.co LEARN MORE QUICK LINKS * Home * Cyber Crime * Cyber warfare * APT * Data Breach * Deep Web * Digital ID * Hacking * Hacktivism * Intelligence * Internet of Things * Laws and regulations * Malware * Mobile * Reports * Security * Social Networks * Terrorism * ICS-SCADA * POLICIES * Contact me Copyright@securityaffairs 2024 We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent. Cookie SettingsAccept All Manage consent Close PRIVACY OVERVIEW This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities... Necessary Necessary Always Enabled Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information. Non-necessary Non-necessary Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website. SAVE & ACCEPT