Security Affairs - German encrypted email service Tutanota suffers DDoS attacks
The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website first and its DNS providers later. Encrypted email service Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. The company currently has over 2 million users, some of them were not […]
The post German encrypted email service Tutanota suffers DDoS attacks appeared first on Security Affairs.
On 2020-09-20
Security Affairs - Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug
Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network. Mozilla has addressed a vulnerability that can be abused by attackers to hijack all the Firefox for Android browsers on the same WiFi network and force them to visit malicious sites, […]
On 2020-09-20
Security Affairs - Twitter announces measures to protect accounts of people involved in 2020 Presidential election
Twitter announced that it will adopt new security measures to protect high-profile accounts during the upcoming election in the United States. Twitter announced new measures to protect high-profile accounts during the upcoming US Presidential election. The types of accounts that are in this designated group are: US Executive Branch and Congress US Governors and Secretaries […]
On 2020-09-20
Security Affairs - Rampant Kitten’s arsenal includes Android malware that bypasses 2FA
Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Rampant Kitten has been active at least since 2014 and was involved in […]
On 2020-09-20
Security Affairs - Chinese hackers stole info from Spanish centers working on Covid19 vaccine
Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19, El Pais newspaper revealed. The El Pais newspaper reported that Chinese hackers have stolen information from Spanish laboratories working on a vaccine for COVID19. While pharmaceutical companies worldwide are working on the research of a vaccine for the ongoing COVID19 pandemic, […]
On 2020-09-20
Security Affairs - US DoJ charges Iranian hackers for attacks on US satellite companies
The US Department of Justice announced the indictment of three Iranian hackers for hacking US aerospace and satellite companies. Three Iranian hackers residing in Iran have been indicted for stealing data from aerospace and satellite tracking companies. The hackers were employed in a coordinated campaign of identity theft and hacking on behalf of Iran’s Islamic […]
On 2020-09-20
Security Affairs - Ransomware en masse on the wane: top threats inside web-phishing in H1 2020
Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It came as no […]
On 2020-09-20
Security Affairs - CISA Named Top-Level Root CVE Numbering Authority (CNA)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). The US Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA), it will be overseeing CNAs in assigning CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices. […]
On 2020-09-20
Security Affairs - Maze ransomware uses Ragnar Locker virtual machine technique
The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. This technique was first adopted by Ragnar Locker gang in […]
On 2020-09-20
Security Affairs - Drupal addressed XSS and information disclosure flaws
Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) flaws in the popular content management system (CMS). Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) vulnerabilities in the popular content management system (CMS). The most severe issue, tracked as CVE-2020-13668, is a critical reflected XSS issue affecting Drupal 8 and 9. Let’s remind that Drupal uses […]
On 2020-09-20
Security Affairs - Major Duesseldorf hospital infected with ransomware, patient died for consequences
A major hospital in Duesseldorf was hit by a cyber attack, and a woman who needed urgent admission died after she had to be taken to another city. The news is shocking: German authorities revealed that a cyber attack hit a major hospital in Duesseldorf, the Duesseldorf University Clinic, and a woman who needed urgent admission […]
On 2020-09-18
Security Affairs - SunCrypt ransomware operators leak data of University Hospital New Jersey
University Hospital New Jersey (UHNJ) has suffered a ransomware attack; SunCrypt ransomware operators also leaked the data they had stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware; threat actors also stole documents from the institution and leaked them online. The incident took place in September. The UHNJ is […]
On 2020-09-18
Security Affairs - APT41 actors charged for attacks on more than 100 victims globally
US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The United States Department of Justice this week announced indictments against five Chinese nationals believed to be members of the cyber-espionage group known as APT41 (Winnti, Barium, Wicked Panda and Wicked Spider). US authorities are […]
On 2020-09-18
Security Affairs - Source code of Cerberus banking Trojan leaked on underground forums
The source code of the infamous Cerberus banking Trojan has been released for free on underground hacking forums following a failed auction. The author of the Cerberus banking Trojan has released the source code of the malware on underground hacking forums following a failed auction. In July, the authors of the notorious Cerberus Android banking trojan auctioned […]
On 2020-09-17
Security Affairs - NSA publishes guidance on UEFI Secure Boot customization
The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized by organizations. The Unified Extensible Firmware Interface (UEFI) is a specification that defines […]
On 2020-09-17
Security Affairs - US CISA report shares details on web shells used by Iranian hackers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. A web shell is a code, often written in typical web development programming languages (e.g., ASP, PHP, JSP), that attackers implant on web servers to gain remote access and code […]
On 2020-09-17
Security Affairs - New MrbMiner malware infected thousands of MSSQL DBs
A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. According to security firm Tencent, the team of […]
On 2020-09-17
Security Affairs - Microsoft open-sourced its Project OneFuzz fuzzing framework for Azure
Microsoft released the Project OneFuzz, an open-source fuzzing framework for its cloud computing service Azure. Microsoft this week announced the release of the Project OneFuzz which is an open-source fuzzing framework for its cloud computing service Azure. The project was previously used by the IT giant to find vulnerabilities in the popular service. “Today, we’re […]
On 2020-09-17
Security Affairs - Out-of-band security update fixes Adobe Media Encoder issu
Adobe has released an out-of-band security update to address three ‘Important’ security vulnerabilities in the Adobe Media Encoder. Adobe has released an out-of-band security update for Adobe Media Encoder that addresses three ‘Important’ Information Disclosure flaws. The three vulnerabilities could be exploited by an attacker to access sensitive information that is leaked in the security […]
On 2020-09-17
Security Affairs - Experts warn of surge in DDoS attacks targeting education institutions
Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. While the popularity of online learning is increasing due to the ongoing Coronavirus pandemic, threat actors are launching distributed denial-of-service (DDoS) on education institutions and the academic industry across the world. The DDoS attacks are causing […]
On 2020-09-17
Security Affairs - UK NCSC releases the Vulnerability Disclosure Toolkit
The British National Cyber Security Centre (NCSC) released a guideline, dubbed The Vulnerability Disclosure Toolkit, for the implementation of a vulnerability disclosure process. The UK National Cyber Security Centre (NCSC) has released a guideline, dubbed The Vulnerability Disclosure Toolkit, on how to implement a vulnerability disclosure process. The guidelines highlight the importance for any organization […]
On 2020-09-17
Security Affairs - China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange
CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. CISA published a security advisory warning of a wave of attacks carried out by China-linked APT groups affiliated with China’s Ministry of State Security. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking […]
On 2020-09-17
Security Affairs - Thousands of Magento stores hacked in a few days in largest-ever skimming campaign
Thousands of Magento online stores have been hacked over the past few days as part of the largest ever skimming campaign. Security experts from cybersecurity firm Sansec reported that nearly 2,000 Magento online stores have been hacked over the past few days as part of the largest ever Magecart-style campaign. Most of the hacked sites […]
On 2020-09-17
Security Affairs - Staples discloses data breach exposing customer order data
Giant office retail company Staples disclosed a data breach, threat actors accessed some of its customers’ order data. Staples, the office retail giant, disclosed a data breach, it notified its customers that their order data have been accessed by threat actors without authorization. The office retail giant sent out a data breach notification letter to the […]
On 2020-09-15
Security Affairs - Zerologon attack lets hackers to completely compromise a Windows domain
Zerologon attack allows threat actors to take over enterprise networks by exploiting the CVE-2020-1472 patched in the August 2020 Patch Tuesday. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday as soon as possible to protect their systems from Zerologon attack that exploits the CVE-2020-1472. The CVE-2020-1472 flaw is an elevation of privilege […]
On 2020-09-15
Security Affairs - Popular Marketing Tool exposes data of users of dating sites
Personal details of hundreds of users of dating sites were exposed online earlier this month. An Elasticsearch server containing personal details of hundreds of thousands of dating site users was exposed online without authentication. The unsecured database was discovered by security researchers from vpnMentor at the end of August. “vpnMentor’s research team recently received a report from […]
On 2020-09-15
Security Affairs - CIRWA Project tracks ransomware attacks on critical infrastructure
Researchers from Temple University have been tracking ransomware attacks on critical infrastructure all over the world. A team of researchers at Temple University in Philadelphia has presented a project named CIRWA (repository of critical infrastructure ransomware attacks) that aims at tracking ransomware attacks on critical infrastructure worldwide. The project was launched in September 2019 and […]
On 2020-09-15
Security Affairs - Fairfax County Public Schools hit by Maze ransomware
Fairfax County Public Schools (FCPS), one of the largest school divisions in the US, was hit by Maze ransomware operators. Fairfax County Public Schools (FCPS) was the victim of an attack carried out by the Maze ransomware operators. FCPS is one of the largest school districts in the US with an approved budget of $3.2 billion […]
On 2020-09-14
Security Affairs - Security Affairs newsletter Round 281
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Visa warns of new sophisticated credit card skimmer dubbed Baka WhatsApp discloses six previously undisclosed flaws Chilean bank BancoEstado hit by REVil ransomware Epic Manchego gang uses Excel docs that […]
On 2020-09-14
Security Affairs - Gaming hardware manufacturer Razer suffered a data leak
Gaming hardware manufacturer Razer suffered a data leak, an unsecured database managed by the company containing gamers’ info was exposed online. Gaming hardware manufacturer Razer has suffered a data leak, this is the discovery made by the security researcher Bob Diachenko. The expert discovered an unsecured database that exposed the information of approximately 100,000 individuals who purchased […]
On 2020-09-14
Security Affairs - Bank of Seychelles hit by a ransomware attack
The Development Bank of Seychelles (DBS) was hit by a ransomware attack, the Central Bank of Seychelles (CBS) disclosed. The Central Bank of Seychelles (CBS) disclosed via a press statement that the Development Bank of Seychelles (DBS) was hit by a ransomware attack. DBS is a joint venture by the Seychelles government and some shareholders including […]
On 2020-09-14
Security Affairs - INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years
The INVDoS (Bitcoin Inventory Out-of-Memory Denial-of-Service) Attack would have allowed hackers to crash Bitcoin nodes and alternative chains. Two years ago, the Bitcoin protocol engineer Braydon Fuller discovered a major uncontrolled memory resource consumption denial-of-service vulnerability (INVDoS), tracked as CVE-2018-17145, that affected the peer-to-peer network code of three implementations of Bitcoin and other blockchains, including Litecoin, Namecoin, […]
On 2020-09-14
Security Affairs - Malàsmoke gang could infect your PC while you watch porn sites
A cybercrime group named Malàsmoke has been targeting porn sites over the past months with malicious ads redirecting users to exploit kits. A cybercrime group named Malàsmoke has been targeting porn sites over the past months, it is placing malicious ads on adult-themed websites to redirect users to exploit kits and deliver malware. According to […]
On 2020-09-14
Security Affairs - Threat actors target WordPress sites using vulnerable File Manager install
Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager. Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager. In early September, experts reported that hackers were actively exploiting a critical remote […]
On 2020-09-14
Security Affairs - Iran denies any involvement in the attack against 2020 US election
The Iranian government denies Microsoft’s allegations related to the alleged attacks against individuals involved in the upcoming 2020 US presidential election. Microsoft announced that it had detected a new wave of attacks carried out by Chinese, Iranian, and Russian state-sponsored hackers against the US election. Threat actors had tried to compromise email accounts belonging to people […]
On 2020-09-14
Security Affairs - Great news, now you can protect your Zoom account with 2FA
Zoom has implemented two-factor authentication (2FA) to protect all user accounts against security breaches and other cyber attacks. Zoom has announced that it has finally implemented two-factor authentication (2FA) to protect all user accounts from unauthorized access. This is great news due to the spike in the popularity of the communication software during the ongoing COVID-19 pandemic. […]
On 2020-09-14
Security Affairs - Decrypting TLS connections with new Raccoon Attack
Boffins devised a new timing attack, dubbed Raccoon that could be exploited by threat actors to decrypt TLS-protected communications. Security researchers from universities in Germany and Israel have disclosed the details of a new timing attack, dubbed Raccoon, that could allow malicious actors to decrypt TLS-protected communications. The timing vulnerability resides in the Transport Layer […]
On 2020-09-14
Security Affairs - Chinese, Iranian, and Russian APT groups target 2020 US election
Microsoft reveals that state-sponsored hackers had tried to breach email accounts belonging to people involved in the US election. Microsoft announced that it had detected a new wave of attacks carried out by Chinese, Iranian, and Russian state-sponsored hackers against the US election. Threat actors had tried to compromise email accounts belonging to people associated with […]
On 2020-09-12
Security Affairs - Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS
Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo Alto Networks has released security updates to patch critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. The most severe flaw is a buffer overflow issue that can be exploited […]
On 2020-09-12
Security Affairs - Colocation data centers giant Equinix data hit by Netwalker Ransomware
Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker Ransomware. Equinix, one of the leaders in the global colocation data center market share, with 205 data centers in 25 countries on five continents, was hit by Netwalker ransomware operators. The popular cybercrime gang is demanding a […]
On 2020-09-12
Security Affairs - CDRThief Linux malware steals VoIP metadata from Linux softswitches
ESET researchers discovered a new piece of malware dubbed CDRThief that targets a specific Voice over IP system to steal call data records (CDR). Security experts from ESET discovered a new piece of malware, tracked as CDRThief, that targets the Linux VoIP platform, Linknat VOS2009/3000 softswitches, to steal call data records (CDR) from telephone exchange equipment. […]
On 2020-09-12
Security Affairs - BLURtooth flaw allows attacking Bluetooth encryption process
Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. A vulnerability dubbed BLURtooth in certain implementations of Bluetooth 4.0 through 5.0 affects “dual-mode” Bluetooth devices, like modern smartphones. The vulnerability could be exploited by attackers to overwrite or lower the strength of the pairing key, […]
On 2020-09-12
Security Affairs - Hackers stole $5.4 million from cryptocurrency exchange ETERBASE
Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million. The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it […]
On 2020-09-12
Security Affairs - SeaChange video delivery provider discloses REVIL ransomware attack
US-based supplier of video delivery software solutions, SeaChange International, revealed that a ransomware attack disrupted its operations in Q1 2020. SeaChange International, a US-based supplier of video delivery software solutions, revealed that a ransomware attack has disrupted its operations during the first quarter of 2020. SeaChange’s customers include major organizations such as BBC, Cox, Verizon, […]
On 2020-09-11
Security Affairs - Netwalker ransomware hit K-Electric, the major Pakistani electricity provider
K-Electric, the electricity provider for the city of Karachi, Pakistan, was hit by a Netwalker ransomware attack that blocked billing and online services. K-Electric, the electricity provider for Karachi (Pakistan) is another victim of the Netwalker ransomware gang, the infection disrupted billing and online services. K-Electric (KE) (formerly known as Karachi Electric Supply Company / […]
On 2020-09-10
Security Affairs - France, Japan, and New Zealand warn of a surge in Emotet attacks
Cybersecurity agencies from multiple countries are warning of the surge of Emotet attacks targeting the private sector and public administration entities. Cybersecurity agencies across Asia and Europe are warning of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of a significant increase […]
On 2020-09-10
Security Affairs - Microsoft September 2020 Patch Tuesday addresses 129 flaws
Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities, including twenty critical remote code execution issues. Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities in Microsoft products across 15 products (Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer (IE), SQL Server, Office and Office Services and Web Apps, Microsoft Dynamics, Visual Studio, […]
On 2020-09-10
Security Affairs - Adobe fixes critical flaws in Adobe InDesign, Framemaker, and Experience Manager
Adobe has released security updates to address 12 critical vulnerabilities in Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. Adobe has released security updates to address twelve critical vulnerabilities that could be exploited by attackers to execute arbitrary code on systems running vulnerable versions of Adobe InDesign, Adobe Framemaker, and Adobe Experience Manager. “Adobe has […]
On 2020-09-09
Security Affairs - Expert found multiple critical issues in MoFi routers
Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. The researcher Rich Mirch from CRITICALSTART discovered ten vulnerabilities in MOFI4500 MoFi Network routers. The expert reported the issues to the vendor in May but some of the flaws have yet to be patched. Most of […]
On 2020-09-09
Security Affairs - Newcastle University infected with DoppelPaymer Ransomware
UK research university Newcastle University suffered a DoppelPaymer ransomware attack and took its systems offline in response to the attack. UK research university Newcastle University was infected with the DoppelPaymer ransomware, in response to the incident it was forced to take systems offline on the morning of August 30th. The Newcastle University did not provide […]
On 2020-09-09
Security Affairs - France national cyber-security agency warns of a surge in Emotet attacks
The French national cyber-security agency warns of a surge in Emotet attacks targeting the private sector and public administration entities. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least […]
On 2020-09-09
Security Affairs - Chilean bank BancoEstado hit by REVil ransomware
Chilean bank BancoEstado, one of the country’s biggest banks, was forced to shut down all branches following a ransomware attack. Chilean bank BancoEstado, one of the country’s biggest banks, was hit with a ransomware attack that forced its branches to remain closed since September 7. The ransomware encrypted most of the company servers and workstations. […]
On 2020-09-09
Security Affairs - Russian national indicted for attempting to recruit Tesla employee to install malware
US authorities have indicted a Russian national for conspiring to recruit a Tesla employee to install malware onto the company’s infrastructure. Russian national Egor Igorevich Kriuchkov (27) has been indicted in the United States for conspiring to recruit a Tesla employee to install malware onto the company’s network. In August, US authorities arrested the Russian […]
On 2020-09-09
Security Affairs - US Federal systems must be covered by vulnerability-disclosure policies by March 2021
A new Cybersecurity and Infrastructure Security Agency (CISA) mandate requires U.S. agencies to implement vulnerability-disclosure policies by March 2021. The U.S. government’s cybersecurity agency CISA has issued a mandate that requires federal agencies to implement vulnerability-disclosure policies (VDPs) by March 2021. The main purpose of vulnerability-disclosure policies is to ensure that required information, other than […]
The post US Federal systems must be covered by vulnerability-disclosure policies by March 2021 appeared first on Security Affairs.
Le 2020-09-09
Security Affairs - Epic Manchego gang uses Excel docs that avoid detection
A recently discovered cybercrime gang, tracked as Epic Manchego, is using a new technique to create weaponized Excel files that are able to bypass security checks. Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since […]
The post Epic Manchego gang uses Excel docs that avoid detection appeared first on Security Affairs.
Le 2020-09-09
Security Affairs - Netwalker Ransomware hit Argentina’s official immigration agency
Argentina’s official immigration agency, Dirección Nacional de Migraciones, is the latest victim of the Netwalker ransomware operators. Argentina’s official immigration agency, Dirección Nacional de Migraciones, was hit by a Netwalker ransomware attack that caused the interruption of the border crossing into and out of the country for four hours. The ransomware operators also exfiltrated sensitive […]
The post Netwalker Ransomware hit Argentina’s official immigration agency appeared first on Security Affairs.
Le 2020-09-09
Security Affairs - Visa warns of new sophisticated credit card skimmer dubbed Baka
Visa issued a warning regarding a new credit card JavaScript skimmer, tracked as Baka, that implements new features to evade detection. Visa issued a warning regarding a new e-skimmer known as Baka that removes itself from memory after having exfiltrated payment card details. The e-skimmer was first spotted by experts with Visa’s Payment Fraud Disruption […]
The post Visa warns of new sophisticated credit card skimmer dubbed Baka appeared first on Security Affairs.
Le 2020-09-09
Security Affairs - Security Affairs newsletter Round 280
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Emotet botnet has begun to use a new ‘Red Dawn’ template Malicious npm package ‘fallguys’ removed from the official repository US DoJ wants the funds stored by North Korea in […]
The post Security Affairs newsletter Round 280 appeared first on Security Affairs.
Le 2020-09-07
Security Affairs - WhatsApp discloses six previously undisclosed flaws
WhatsApp addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated security advisory site. WhatsApp announced more transparency about the vulnerabilities affecting its app and will publicly disclose them to the users. The company addressed six previously undisclosed flaws in its app and disclosed them on a new dedicated web site. Some […]
The post WhatsApp discloses six previously undisclosed flaws appeared first on Security Affairs.
Le 2020-09-07
Security Affairs - A full replacement of all Huawei and ZTE hardware on American wireless networks will cost $1.837bn
The US Federal Communications Commission (FCC) estimates the cost of a full replacement of all Huawei and ZTE hardware on American wireless networks at $1.837bn. A report published by the US Federal Communications Commission (FCC) revealed that performing a full replacement of all Huawei and ZTE equipment on American wireless networks will cost $1.837bn in […]
The post A full replacement of all Huawei and ZTE hardware on American wireless networks will cost $1.837bn appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Hackers use overlay screens on legitimate sites to steal Outlook credentials
Experts spotted a phishing campaign that employs overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the targets. The overlay screens are displayed on top of legitimate webpages to […]
The post Hackers use overlay screens on legitimate sites to steal Outlook credentials appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - FBI issued a second flash alert about ProLock ransomware in a few months
FBI issued a second flash alert about ProLock ransomware stealing data, four months after the first advisory published by the feds on the same threat. The FBI has issued the 20200901-001 Private Industry Notification about ProLock ransomware stealing data on September 1st. The fresh alert is the second one related to this threat, the first […]
The post FBI issued a second flash alert about ProLock ransomware in a few months appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - SunCrypt Ransomware behind North Carolina school district data breach
A school district in North Carolina disclosed a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The Haywood County School district in North Carolina has suffered a data breach after having unencrypted files stolen during a SunCrypt Ransomware attack. The ransomware attack took place on August 24th, 2020, but at the […]
The post SunCrypt Ransomware behind North Carolina school district data breach appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - U.S. Department of Defense discloses details about critical and high severity issues
The U.S. Department of Defense has disclosed the details about four critical and high severity vulnerabilities in its infrastructure. The U.S. Department of Defense has disclosed details of four vulnerabilities in its infrastructure: two high severity issues and two critical flaws. The vulnerabilities could be exploited by threat actors to hijack a subdomain, […]
The post U.S. Department of Defense discloses details about critical and high severity issues appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Warner Music Group online stores hit by look-like Magecart attack
Warner Music Group (WMG) disclosed a data breach affecting US-based e-commerce stores, the compromise appears to be a Magecart attack. Warner Music Group (WMG) is a major music company with interests in recorded music, music publishing and artist services. The company has disclosed a data breach that impacted customers’ personal and financial information, the incident […]
The post Warner Music Group online stores hit by look-like Magecart attack appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Evilnum APT used Python-based RAT PyVil in recent attacks
The Evilnum APT group has added a new weapon to its arsenal, it is a Python-based spy RAT, dubbed PyVil, designed to target FinTech organizations. The Evilnum APT group was first spotted in 2018 while using the homonym malware. Over the years, the group added new tools to its arsenal, including custom and homemade malware […]
The post Evilnum APT used Python-based RAT PyVil in recent attacks appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - The Twitter account of Indian Prime Minister Modi was hacked
The Twitter account of the Indian Prime Minister Modi was hacked, attackers sent a series of tweets asking followers to donate cryptocurrency to a relief fund. The Twitter account for the personal website of the Indian Prime Minister Narendra Modi (@narendramodi_in) has been hacked. The hackers have sent a series of tweets asking the followers […]
The post The Twitter account of Indian Prime Minister Modi was hacked appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Online marketing company exposes 38+ million US citizen records
CyberNews researchers discovered an unsecured data bucket that belongs to View Media containing close to 39 million US citizen records. Original post: https://cybernews.com/security/online-marketing-company-exposes-data-of-millions-americans/ The CyberNews research team discovered an unsecured data bucket that belongs to View Media, an online marketing company. The bucket contains close to 39 million US citizen records, including their full names, […]
The post Online marketing company exposes 38+ million US citizen records appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Is the Belarusian government behind the surveillance Android app banned by Google?
Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. Google has removed the app NEXTA LIVE (com.moonfair.wlkm) from the official Play Store because it was used by the Belarusian government to spy on anti-government protesters. The malicious app remained in the store for almost […]
The post Is the Belarusian government behind the surveillance Android app banned by Google? appeared first on Security Affairs.
Le 2020-09-06
Security Affairs - Cyber Defense Magazine – September 2020 has arrived. Enjoy it!
Cyber Defense Magazine September 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. 150 Pages Loaded with excellent content Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. Always free, no strings […]
The post Cyber Defense Magazine – September 2020 has arrived. Enjoy it! appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time
Bryan Connor Herrell (25) from Colorado, was sentenced to 11 years of prison time for being one of the moderators on the dark web marketplace AlphaBay. Bryan Connor Herrell (25) from Colorado, was sentenced to 11 years of prison time for being one of the moderators on the popular dark web marketplace AlphaBay. “A Colorado man was […]
The post AlphaBay dark web marketplace moderator was sentenced to 11 years of prison time appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - Cisco addresses critical code execution flaw in Cisco Jabber for Windows
Cisco addressed a critical remote code execution vulnerability affecting multiple versions of its Cisco Jabber for Windows operating system. Cisco has addressed a critical severity remote code execution flaw, tracked as CVE-2020-3495, that affects multiple versions of Cisco Jabber for Windows. Cisco Jabber for Windows is a desktop collaboration client that integrates users with presence, audio, video […]
The post Cisco addresses critical code execution flaw in Cisco Jabber for Windows appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - Hackers are actively exploiting critical RCE in WordPress sites using File Manager plugin
Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager plugin; over 300,000 WordPress sites are potentially exposed. Hackers are actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin. […]
The post Hackers are actively exploiting critical RCE in WordPress sites using File Manager plugin appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - Hackers use e-skimmer that exfiltrates payment data via Telegram
Researchers observed a new tactic adopted by Magecart groups, the hackers used Telegram to exfiltrate stolen payment details from compromised websites. Researchers from Malwarebytes reported that Magecart groups are using the encrypted messaging service Telegram to exfiltrate stolen payment details from compromised websites. Attackers encrypt payment data to make identification more difficult before transferring it […]
The post Hackers use e-skimmer that exfiltrates payment data via Telegram appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - New KryptoCibule Windows Trojan spreads via malicious torrents
Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical details of a new piece of Windows malware tracked as KryptoCibule. The malware has been active since at least December 2018, it targets cryptocurrency […]
The post New KryptoCibule Windows Trojan spreads via malicious torrents appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - MAGMI Magento plugin flaw allows remote code execution on a vulnerable site
Researchers discovered multiple vulnerabilities in the MAGMI Magento plugin that could lead to remote code execution on a vulnerable Magento site. Tenable published a research advisory for two vulnerabilities impacting the Magento Mass Import (MAGMI) plugin. The flaws were discovered by Enguerran Gillier of the Tenable Web Application Security Team. MAGMI is a Magento database […]
The post MAGMI Magento plugin flaw allows remote code execution on a vulnerable site appeared first on Security Affairs.
Le 2020-09-04
Security Affairs - Norway’s Parliament, Stortinget, discloses a security breach
Hackers breached Norway’s Parliament, Stortinget, and accessed the email of a small number of parliamentary representatives and employees. Norway’s parliament announced Tuesday that it was the target of a major cyber-attack that allowed hackers to access emails and data of a small number of parliamentary representatives and employees. “The parliament has recently been targeted […]
The post Norway’s Parliament, Stortinget, discloses a security breach appeared first on Security Affairs.
Le 2020-09-02
Security Affairs - Details of millions of U.S. Voters leaked to Russia’s Dark Web forum
Russia’s Kommersant business newspaper reported that a database containing millions of American voters’ details has appeared on the Russian dark web. A database containing several million American voters’ personal information has appeared on the Russian dark web, Russia’s Kommersant business newspaper reported this week. The news is worrisome due to the upcoming presidential elections in the US and the […]
The post Details of millions of U.S. Voters leaked to Russia’s Dark Web forum appeared first on Security Affairs.
Le 2020-09-02
Security Affairs - Tor launches Tor Project Membership Program to financially support its work
The Tor Project announced the launch of the Tor Project Membership Program to financially support the work of the organization. The Tor Project launched the Tor Project Membership Program to financially support its work. The move aims at diversifying funding in the budget of the organization and to increase unrestricted funds for the software development of tor and other tools. […]
The post Tor launches Tor Project Membership Program to financially support its work appeared first on Security Affairs.
Le 2020-09-02
Security Affairs - Iran-linked APT group Pioneer Kitten sells access to hacked networks
Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has […]
The post Iran-linked APT group Pioneer Kitten sells access to hacked networks appeared first on Security Affairs.
Le 2020-09-02
Security Affairs - France will not ban Huawei from its upcoming 5G networks
French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks. However, Macron said that France will favor European providers of 5G technology […]
The post France will not ban Huawei from its upcoming 5G networks appeared first on Security Affairs.
Le 2020-09-02
Security Affairs - Researchers warn of QNAP NAS attacks in the wild
Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. Hackers are scanning the Internet for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions vulnerable to a remote code execution (RCE) vulnerability addressed by the vendor 3 years ago. […]
The post Researchers warn of QNAP NAS attacks in the wild appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers
Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that runs on carrier-grade routers. Cisco IOS XR […]
The post Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Qbot uses a new email collector module in the latest campaign
QBot Trojan operators are using new tactics in their campaign to hijack legitimate email conversations to steal sensitive data from the victims. Researchers from Check Point are warning of a new trend observed in QBot Trojan campaign targeting Microsoft Outlook users, QBot Trojan operators are using new tactics to hijack legitimate email conversations and steal […]
The post Qbot uses a new email collector module in the latest campaign appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Google removed malicious Terracotta apps from the Play Store
Researchers from White Ops discovered several Android apps in the official Play Store that installed the Terracotta ad fraud malware on users’ mobile devices. Researchers from security firm White Ops discovered several Android apps in the official Play Store that installed a hidden browser to load pages containing ads and commit ad fraud. The company […]
The post Google removed malicious Terracotta apps from the Play Store appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - US DoJ wants the funds stored by North Korea in 280 BTC and ETH
US DoJ filed a civil forfeiture complaint to seize 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korea-linked hackers. The US DoJ has filed a civil forfeiture complaint with the intent to seize control over 280 Bitcoin and Ethereum accounts that are believed to be holding funds which are the proceeds of hacking campaigns […]
The post US DoJ wants the funds stored by North Korea in 280 BTC and ETH appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Emotet botnet has begun to use a new ‘Red Dawn’ template
In August, the Emotet botnet operators switched to a new template, named ‘Red Dawn,’ for the malicious attachments employed in new campaigns. The notorious Emotet went dark in February 2020, but after months of inactivity, the infamous trojan surged back in July with a new massive spam campaign targeting users worldwide. The Emotet banking trojan […]
The post Emotet botnet has begun to use a new ‘Red Dawn’ template appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Security Affairs newsletter Round 279
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A Google Drive weakness could allow attackers to serve malware Adobe released open-source tool Stringlifier to identify randomly generated strings Canadian delivery company Canpar Express suffered a ransomware attack […]
The post Security Affairs newsletter Round 279 appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - Malicious npm package ‘fallguys’ removed from the official repository
The npm security team removed a malicious JavaScript library from the npm repository that was designed to steal sensitive files from the victims. The npm security team has removed the JavaScript library “fallguys” from the npm portal because it contained malicious code used to steal sensitive files from an infected user’s browser and […]
The post Malicious npm package ‘fallguys’ removed from the official repository appeared first on Security Affairs.
Le 2020-09-01
Security Affairs - North Korea-linked APT group BeagleBoyz targets banks
North Korea-linked APT group BeagleBoyz intensified its operations since February, US CISA, Department of the Treasury, FBI, and USCYBERCOM warn. According to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM) North Korea-linked APT group BeagleBoyz […]
The post North Korea-linked APT group BeagleBoyz targets banks appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - FBI warns of an increase in online romance scams
The FBI is warning of online romance scams and related financial losses, overall losses associated with those complaints exceeded $475 million. The Federal Bureau of Investigation warns of online romance scams (also known as confidence fraud), an ongoing criminal activity that continues to cause large financial losses along with emotional effects with unpredictable consequences. Crooks […]
The post FBI warns of an increase in online romance scams appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Experts demonstrate the PIN is useless in EMV contactless transactions
Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that can allow bypassing PIN verification. Researchers David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich discovered multiple vulnerabilities in the implementation of the payment card EMV standard that allow hackers to […]
The post Experts demonstrate the PIN is useless in EMV contactless transactions appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Former Cisco employee pleads guilty to hacking, damaging company systems
A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announced […]
The post Former Cisco employee pleads guilty to hacking, damaging company systems appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn
The Iran-linked Charming Kitten APT group leveraged WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that the Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. The Iran-linked Charming Kitten group (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying […]
The post Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Elon Musk confirms that Russian hackers tried to recruit Tesla employee to plant a malware
Elon Musk confirmed that Russian hackers attempted to recruit an employee to install malware into the network of electric car maker Tesla. Recently US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August […]
The post Elon Musk confirms that Russian hackers tried to recruit Tesla employee to plant a malware appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Lemon_Duck cryptomining malware evolves to target Linux devices
A new variant of the infamous Lemon_Duck cryptomining malware has been updated to target Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. The new variant also exploits the SMBGhost bug in Windows systems, and is also able to target servers running Redis […]
The post Lemon_Duck cryptomining malware evolves to target Linux devices appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Cisco addresses ten high-risk issues in NX-OS software
Cisco addressed ten high-risk vulnerabilities in NX-OS software, including some issues that could lead to code execution and privilege escalation. Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS […]
The post Cisco addresses ten high-risk issues in NX-OS software appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Group with numerous faces: chronicle of UltraRank’s deceptive JS-sniffer campaigns
Group-IB security researchers provide evidence linking three campaigns with the use of various JS-sniffer families. Singapore – Group-IB, a global threat hunting and intelligence company headquartered in Singapore, today released its analytical report “UltraRank: the unexpected twist of a JS-sniffer triple threat.” In its report, Group-IB Threat Intelligence experts provide evidence linking three campaigns with the use of various JavaScript-sniffer families […]
The post Group with numerous faces: chronicle of UltraRank’s deceptive JS-sniffer campaigns appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - Experts hacked 28,000 unsecured printers to raise awareness of printer security issues
Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Original post: https://cybernews.com/security/we-hacked-28000-unsecured-printers-to-raise-awareness-of-printer-security-issues/ Most of us already know the importance of using antivirus, anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Printers? Not so much. We at CyberNews […]
The post Experts hacked 28,000 unsecured printers to raise awareness of printer security issues appeared first on Security Affairs.
Le 2020-08-30
Security Affairs - 350 million decrypted email addresses left exposed on an unsecured server
Experts found an unsecured data bucket containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. Original post at: https://cybernews.com/security/350-million-email-addresses-left-exposed-on-an-unsecured-server/ The CyberNews research team uncovered an unsecured data bucket owned by an unidentified party, containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. The massive trove […]
The post 350 million decrypted email addresses left exposed on an unsecured server appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - Anubis, a new info-stealing malware spreads in the wild
Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Anubis is the name of an Android malware […]
The post Anubis, a new info-stealing malware spreads in the wild appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - REvil ransomware operators breached healthcare org Valley Health Systems
REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. Healthcare organizations are a privileged target of […]
The post REvil ransomware operators breached healthcare org Valley Health Systems appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - New Zealand stock exchange (NZX) halted 2 days by DDoS attack
New Zealand’s stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline for two days. New Zealand’s stock exchange (NZX) has been hit by distributed denial-of-service (DDoS) attacks that took it offline for two days; trading activity was interrupted until connectivity was restored. According […]
The post New Zealand stock exchange (NZX) halted 2 days by DDoS attack appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere
Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security […]
The post Microsoft fixes code execution, privilege escalation in Microsoft Azure Sphere appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - FBI arrested a Russian national for recruiting employee of US firm to plant malware
FBI authorities arrested a Russian national in the U.S. after he attempted to recruit an employee at a targeted company to plant malware. US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after he attempted to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August […]
The post FBI arrested a Russian national for recruiting employee of US firm to plant malware appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - Hackers for hire group target organizations via 3ds Max exploit
Experts discovered a new hacker-for-hire group that is targeting organizations worldwide with malware hidden inside malicious 3Ds Max plugins. Security researchers from Bitdefender discovered a new hacker group that is currently targeting companies across the world with malware hidden inside malicious 3Ds Max plugins. Autodesk 3ds Max, formerly 3D Studio and 3D Studio Max, […]
The post Hackers for hire group target organizations via 3ds Max exploit appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - DeathStalker cyber-mercenary group targets the financial sector
A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012, Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky; it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. Victim organizations are small and medium-sized businesses located in Argentina, China, Cyprus, India, Israel, […]
The post DeathStalker cyber-mercenary group targets the financial sector appeared first on Security Affairs.
Le 2020-08-28
Security Affairs - Lazarus APT targets cryptocurrency organizations with using LinkedIn lures
North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide, including in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan. The activity of […]
The post Lazarus APT targets cryptocurrency organizations with using LinkedIn lures appeared first on Security Affairs.
Le 2020-08-27
Security Affairs - Expert discloses unpatched Safari flaw that allows stealing local files
A researcher disclosed technical details of an unpatched vulnerability in Apple’s Safari web browser that can be exploited to steal files from the targeted system. An expert disclosed the details of an unpatched vulnerability in Apple’s Safari web browser that can be exploited by attackers to steal files from a targeted system. The vulnerability was […]
The post Expert discloses unpatched Safari flaw that allows stealing local files appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Google Project Zero expert found 3 flaws in Apache Web Server
Administrators of servers running Apache have to update their installs immediately to fix multiple vulnerabilities disclosed by a Google researcher. Apache Foundation released the 2.4.46 version to address three flaws affecting its web server software that could be potentially exploited by attackers, under specific conditions, to execute arbitrary code or to trigger a DoS condition […]
The post Google Project Zero expert found 3 flaws in Apache Web Server appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - SourMint SDK used by 1200 iOS apps shows malicious behavior
Experts at security firm Snyk discovered malicious behavior in an advertising SDK that is used in more than 1,200 iOS apps available in the Apple App Store. Experts at security firm Snyk discovered malicious behavior in the advertising SDK SourMint developed by Mintegral, a China-based mobile advertising platform provider. The Mintegral SDK is […]
The post SourMint SDK used by 1200 iOS apps shows malicious behavior appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Dark web Empire Market still down after 3 days. DDoS attack or exit scam?
The dark web marketplace Empire Market has been down for at least 3 days; two of the possible reasons are an exit scam or a prolonged DDoS attack. The popular dark web site Empire Market has been down for at least 60 hours; it hasn’t been down for so long since 2019. The cause is still […]
The post Dark web Empire Market still down after 3 days. DDoS attack or exit scam? appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Canadian delivery company Canpar Express suffered a ransomware attack
A ransomware attack hit TFI International’s four Canadian courier divisions last week: Canpar Express, ICS Courier, Loomis Express and TForce Integrated Solutions. A couple of days after the transportation and logistics company TFI International raised millions of dollars in a share offering, the news of a ransomware attack against its four Canadian courier divisions (Canpar Express, […]
The post Canadian delivery company Canpar Express suffered a ransomware attack appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Cybercriminal greeners from Iran attack companies worldwide for financial gain
Group-IB has detected financially motivated attacks carried out in June by newbie threat actors from Iran. The attackers used Dharma ransomware and a mix of publicly available tools to target companies in Russia, Japan, China, and India. All the affected organizations had hosts with Internet-facing RDP and weak credentials. The hackers typically demanded a ransom between 1-5 […]
The post Cybercriminal greeners from Iran attack companies worldwide for financial gain appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Grandoreiro campaign impersonates Spanish Agencia Tributaria
Operators of the Grandoreiro Latin American banking trojan have launched a new campaign using emails posing as the Agencia Tributaria in order to infect new victims. Operators behind the Grandoreiro banking trojan, which is popular in Latin America, have been using emails posing as the Agencia Tributaria to trick victims into installing the malware. The campaign began […]
The post Grandoreiro campaign impersonates Spanish Agencia Tributaria appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months
The Transparent Tribe cyber-espionage group continues to improve its arsenal while targeting military and government entities. The Transparent Tribe APT group is carrying out an ongoing cyberespionage campaign aimed at military and diplomatic targets worldwide. The group upgraded its Crimson RAT by adding a management console and implementing a USB worming capability that allows it […]
The post Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - A Google Drive weakness could allow attackers to serve malware
A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks with a comparatively high success […]
The post A Google Drive weakness could allow attackers to serve malware appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Security Affairs newsletter Round 278
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Ritz hotel diners were victims of a sophisticated scam Sodinokibi ransomware gang stole 1TB of data from Brown-Forman Texas man sentenced to 57 months for the hacking of a major […]
The post Security Affairs newsletter Round 278 appeared first on Security Affairs.
Le 2020-08-26
Security Affairs - Adobe released open-source tool Stringlifier to identify randomly generated strings
Adobe has released an open-source tool, dubbed Stringlifier, that allows users to identify randomly generated strings in any plain text; it can be used to sanitize logs. Adobe has released an open-source tool, dubbed Stringlifier, which was designed to identify randomly generated strings in any plain text. The Stringlifier tool was written in Python and […]
The post Adobe released open-source tool Stringlifier to identify randomly generated strings appeared first on Security Affairs.
Le 2020-08-24
Security Affairs - ATM vendors Diebold and NCR fixed deposit forgery bugs
The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks. The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks. The flaws that could have allowed crooks to modify the […]
The post ATM vendors Diebold and NCR fixed deposit forgery bugs appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Thousands of WordPress WooCommerce stores potentially exposed to hack
Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […]
The post Thousands of WordPress WooCommerce stores potentially exposed to hack appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Popular Freepik site discloses data breach impacting 8.3M users
Freepik, one of the most popular graphic resources sites online, has disclosed a security breach that impacted 8.3 Million users. Freepik, the popular website that provides high-quality free photos and design graphics, has disclosed a major security breach that impacted 8.3 Million users. Freepik says that hackers were able to steal emails and password hashes for […]
The post Popular Freepik site discloses data breach impacting 8.3M users appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn
The FBI and CISA issued a joint alert to warn teleworkers of an ongoing vishing campaign targeting entities from multiple US sectors. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industries. […]
The post Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators
Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. During the ordinary monitoring of Deepweb and Darkweb, researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen […]
The post Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Mozilla offers rewards for Bypassing Firefox Exploit Mitigations
Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Mozilla announced this week that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features, and defense-in-depth measures implemented in the Firefox […]
The post Mozilla offers rewards for Bypassing Firefox Exploit Mitigations appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - University of Utah pays a $457,000 ransom to ransomware gang
The University of Utah admitted to having paid a $457,059 ransom in order to avoid having ransomware operators leak student information online. The University of Utah admitted having paid a $457,059 ransom after the ransomware attack that took place on July 19, 2020, that infected systems on the network of the university’s College of Social […]
The post University of Utah pays a $457,000 ransom to ransomware gang appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws
Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that addresses two privilege escalation vulnerabilities in Windows Remote Access. Both vulnerabilities were addressed by Microsoft in August, […]
The post Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Google fixed email spoofing flaw 7 hours after public disclosure
Google addressed an email spoofing vulnerability affecting Gmail and G Suite a few hours after it was publicly disclosed. Google addressed an email spoofing vulnerability affecting its Gmail and G Suite products a few hours after it was publicly disclosed, but the IT giant was aware of the flaw since April. On Wednesday, the researcher […]
The post Google fixed email spoofing flaw 7 hours after public disclosure appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - Shared memory flaw in IBM Db2 can lead to Information Disclosure
IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […]
The post Shared memory flaw in IBM Db2 can lead to Information Disclosure appeared first on Security Affairs.
Le 2020-08-23
Security Affairs - CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack
Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is a technology developed by Cisco Systems that optimizes […]
The post CVE-2020-3446 default credentials bug exposes Cisco ENCS, CSP Appliances to hack appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - Experian South Africa discloses data breach, 24 million customers impacted
The South African branch of consumer credit reporting agency Experian disclosed a data breach that impacted 24 million customers. The South African branch of consumer credit reporting agency Experian disclosed this week a data breach that impacted 24 million customers. The company revealed that only personal information was exposed in the data breach, no financial […]
The post Experian South Africa discloses data breach, 24 million customers impacted appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - CISA’s MAR warns of North Korean BLINDINGCAN RAT
US CISA published an alert related to a new North Korean malware, dubbed BLINDINGCAN, used in attacks on the US defense and aerospace sectors. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) that includes technical details about a new strain of malware, tracked as BLINDINGCAN, that was attributed […]
The post CISA’s MAR warns of North Korean BLINDINGCAN RAT appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked
Chinese hackers have hacked thousands of Taiwan Government email accounts belonging to at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. According to a top Taiwan cyber official, the attacks are part of a cyber espionage campaign. […]
The post Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH
Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities; experts reported attacks against entities in government, education, and finance […]
The post FritzFrog cryptocurrency P2P botnet targets Linux servers over SSH appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018
The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoft’s August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […]
The post Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018 appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - A flaw in Concrete5 CMS could have allowed website takeover
A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. Concrete5 is an open-source content management system (CMS) designed for ease of use, for users with a minimum of technical […]
The post A flaw in Concrete5 CMS could have allowed website takeover appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - Critical flaw in Jenkins Server can cause information disclosure
A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server; it is maintained by CloudBees and the Jenkins community. The […]
The post Critical flaw in Jenkins Server can cause information disclosure appeared first on Security Affairs.
Le 2020-08-21
Security Affairs - Ukraine police and Binance dismantled a cyber gang behind $42M money laundering
Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. According to the Ukrainian officials, the cryptocurrency exchanges allowed crooks […]
The post Ukraine police and Binance dismantled a cyber gang behind $42M money laundering appeared first on Security Affairs.
Le 2020-08-19
Security Affairs - Cruise line operator Carnival Corporation suffers a ransomware attack
The world’s largest cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend. Cruise line operator Carnival Corporation has disclosed that one of their brands was hit with a ransomware attack over the past weekend. Carnival Corporation & plc is a British-American cruise operator, currently […]
The post Cruise line operator Carnival Corporation suffers a ransomware attack appeared first on Security Affairs.
Le 2020-08-19
Security Affairs - TeamTNT is the first cryptomining bot that steals AWS credentials
Security researchers have discovered a new crypto-mining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. The TeamTNT botnet is a crypto-mining malware operation that has been active since […]
The post TeamTNT is the first cryptomining bot that steals AWS credentials appeared first on Security Affairs.
Le 2020-08-19
Security Affairs - CISA warns of phishing attacks delivering KONNI RAT
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert related to attacks delivering the KONNI remote access Trojan (RAT). The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT). The KONNI RAT was first discovered […]
The post CISA warns of phishing attacks delivering KONNI RAT appeared first on Security Affairs.
Le 2020-08-19
Security Affairs - Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say
The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. The hackers targeted the GCKey service with credential stuffing attacks, the service […]
The post Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say appeared first on Security Affairs.
Le 2020-08-19
Security Affairs - Technology giant Konica Minolta hit by a ransomware attack
IT giant Konica Minolta was hit with a ransomware attack at the end of July; its services have been impacted for almost a week. A ransomware attack has impacted the services at the business technology giant Konica Minolta for almost a week; the attack took place at the end of July. Konica Minolta is a […]
The post Technology giant Konica Minolta hit by a ransomware attack appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - The Australian government wants to respond to attacks on critical infrastructure
The Australian government aims at giving itself the power to manage the response of private enterprises to cyber attacks on critical infrastructure. The Australian government wants to increase the security of critical infrastructure; for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them. According to a Consultation Paper […]
The post The Australian government wants to respond to attacks on critical infrastructure appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - Ritz hotel diners were victims of a sophisticated scam
Guests at the luxury Ritz hotel in London have been victims of “extremely convincing” scammers who posed as hotel staff to steal payment card details. Clients having dinner at the luxury Ritz hotel in London have been targeted by “extremely convincing” scammers who posed as hotel staff to steal payment card details. The crooks phoned […]
The post Ritz hotel diners were victims of a sophisticated scam appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - Security Affairs newsletter Round 277
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Homoglyph attacks used in phishing campaign and Magecart attacks Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated US OCC imposed an $80 Million fine to Capital One for 2019 […]
The post Security Affairs newsletter Round 277 appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - Texas man sentenced to 57 months for the hacking of a major tech firm in New York
A 31-year-old man from Dallas, Texas, was sentenced last week to 57 months in prison for crimes related to the hacking of a major tech firm in New York. Tyler C. King (31), from Dallas, Texas, was sentenced to 57 months in prison for crimes related to the hacking of an unnamed major tech company […]
The post Texas man sentenced to 57 months for the hacking of a major tech firm in New York appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - Sodinokibi ransomware gang stole 1TB of data from Brown-Forman
Sodinokibi (REvil) ransomware operators announced on Friday that they had hacked Brown-Forman, one of the largest U.S. firms in the spirits and wine business. Sodinokibi (REvil) ransomware operators announced last week that they had breached the network of Brown-Forman, one of the largest U.S. firms in the spirits and wine business. Threat actors claim to have […]
The post Sodinokibi ransomware gang stole 1TB of data from Brown-Forman appeared first on Security Affairs.
Le 2020-08-18
Security Affairs - Emotet malware employed in fresh COVID19-themed spam campaign
The Emotet malware has begun to spam COVID19-themed emails to U.S. businesses after not being active for most of the USA pandemic. The infamous Emotet malware is back; operators have begun to spam COVID-19 themed emails to U.S. businesses. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were […]
The post Emotet malware employed in fresh COVID19-themed spam campaign appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - PoC exploit code for two Apache Struts 2 flaws available online
Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]
The post PoC exploit code for two Apache Struts 2 flaws available online appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - XCSSET Mac spyware spreads via Xcode Projects
A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The first zero-day issue is used to steal cookies via […]
The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - North Korea’s Lazarus compromised dozens of organizations in Israel
Since January 2020, the North Korea-linked Lazarus APT has successfully compromised dozens of organizations in Israel and other countries. The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. According to the officials, the attack was launched by “an […]
The post North Korea’s Lazarus compromised dozens of organizations in Israel appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - Threat Report Portugal: Q2 2020
The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution […]
The post Threat Report Portugal: Q2 2020 appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - Maze ransomware gang leaked Canon USA’s stolen files
Maze ransomware operators have leaked online the unencrypted files allegedly stolen from Canon during a recent ransomware attack. According to an internal memo obtained by ZDNet last week, the recent outage suffered by Canon was caused by a ransomware attack; at the same time, Maze ransomware operators were taking the credit for the incident. The memo […]
The post Maze ransomware gang leaked Canon USA’s stolen files appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - Chinese APT CactusPete targets military and financial orgs in Eastern Europe
A China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. A China-linked APT group, tracked by Kaspersky as CactusPete (aka Karma Panda or Tonto Team), was observed using an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. The […]
The post Chinese APT CactusPete targets military and financial orgs in Eastern Europe appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - Threat actor leaked data for U.S. gun exchange site on hacking forum
A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker leaked online the databases of a Utah-based gun exchange for free on a cybercrime forum. He claims the databases contain 195,000 user records for utahgunexchange.com, 45,000 records for their video […]
The post Threat actor leaked data for U.S. gun exchange site on hacking forum appeared first on Security Affairs.
Le 2020-08-16
Security Affairs - FBI and NSA joint report details APT28’s Linux malware Drovorub
The FBI and NSA issued a joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub, allegedly employed by the Russia-linked APT28 group. The name […]
The post FBI and NSA joint report details APT28’s Linux malware Drovorub appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - Microsoft failed to fix LSASS elevation of privilege flaw
Microsoft did not properly address an elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS). The Google Project Zero researcher who discovered the elevation of privilege flaw (CVE-2020-1509) in the Windows Local Security Authority Subsystem Service (LSASS) warns that Microsoft did not properly address it. “An elevation of privilege vulnerability exists […]
The post Microsoft failed to fix LSASS elevation of privilege flaw appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - Rent a hacker: Group-IB uncovers corporate espionage group RedCurl
Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. In less than three years, RedCurl […]
The post Rent a hacker: Group-IB uncovers corporate espionage group RedCurl appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - Israel announced to have foiled an attempted cyber-attack on defence firms
Israel’s defence ministry announced that it had foiled an attempted cyber attack by a foreign threat actor group targeting the country’s defence manufacturers. The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. According to the officials, the attack […]
The post Israel announced to have foiled an attempted cyber-attack on defence firms appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - Threat actors managed to control 23% of Tor Exit nodes
A security researcher has discovered that a threat actor controlled roughly 23% of the Tor network’s exit nodes. A security researcher named Nusenu revealed that in May a malicious actor controlled roughly 23% of the entire Tor network’s exit nodes. Experts warn that this was the first time that a single actor controlled such a large […]
The post Threat actors managed to control 23% of Tor Exit nodes appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - SANS Institute Email Breach – 28,000 User Records exposed
The SANS Institute suffered a data breach; 28,000 user records containing personally identifiable information (PII) were exposed. On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. The SANS […]
The post SANS Institute Email Breach – 28,000 User Records exposed appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - Agent Tesla includes new password-stealing capabilities from browsers and VPNs
Experts found new variants of the Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Researchers from SentinelOne discovered new variants of the popular Agent Tesla Trojan that include new modules to steal credentials from applications including popular web browsers, VPN software, as […]
The post Agent Tesla includes new password-stealing capabilities from browsers and VPNs appeared first on Security Affairs.
Le 2020-08-14
Security Affairs - City of Lafayette (Colorado) paid $45,000 ransom after ransomware attack
The City of Lafayette, Colorado, USA, has been forced to pay $45,000 because they were unable to restore necessary files from backup. On July 27th, the systems at the City of Lafayette, Colorado, were infected with ransomware, the malicious code impacted phone services, email, and online payment reservation systems. The City did not immediately disclose […]
Le 2020-08-14
Security Affairs - Citrix fixed flaws in XenMobile that will be likely exploited soon
Citrix addressed multiple vulnerabilities in Citrix Endpoint Management (XenMobile) that can be exploited by an attacker to gain administrative privileges on affected systems. The Citrix Endpoint Management (CEM), formerly XenMobile, is software that provides mobile device management (MDM) and mobile application management (MAM). The vulnerabilities that impacted the Citrix XenMobile were tracked as CVE-2020-8208, CVE-2020-8209, […]
Le 2020-08-14
Security Affairs - Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days
Microsoft August 2020 Patch Tuesday updates addressed 120 vulnerabilities, including two zero-days that have been exploited in attacks. Microsoft August 2020 Patch Tuesday updates have addressed 120 flaws, including two zero-day vulnerabilities that have been exploited in attacks in the wild. The two issues are a Windows spoofing bug and a remote code execution flaw […]
Le 2020-08-14
Security Affairs - Adobe Acrobat and Reader affected by critical flaws
Adobe has released security updates to address twenty-six vulnerabilities in the Adobe Acrobat, Reader, and Lightroom products. Adobe has released security updates to address tens of vulnerabilities in Adobe Acrobat, Reader, and Lightroom products. Eleven out of twenty-six flaws are rated as ‘Critical’ because they could be exploited by attackers to remotely execute arbitrary code […]
Le 2020-08-12
Security Affairs - Flaws in ‘Find My Mobile’ exposed Samsung phones to hack
A researcher found multiple flaws in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. The security researcher Pedro Umbelino from Portugal-based cybersecurity services provider Char49 discovered multiple vulnerabilities in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy […]
Le 2020-08-12
Security Affairs - Avaddon ransomware operators have launched their data leak site
Avaddon ransomware operators, like other cybercrime groups, decided to launch a data leak site where they publish data of victims who refuse to pay a ransom demand. Avaddon ransomware operators announced the launch of their data leak site where they will publish the data stolen from the victims who do not pay a ransom demand. The […]
Le 2020-08-12
Security Affairs - Researcher discloses exploit code for a vBulletin zero-day
A researcher published details and proof-of-concept exploit code for a zero-day RCE vulnerability in the popular forum CMS vBulletin. The researcher Amir Etemadieh has published technical details and proof-of-concept exploit code for a zero-day remote code execution vulnerability in vBulletin, the popular forum software. The new vulnerability is a bypass for the security patch […]
Le 2020-08-12
Security Affairs - TeamViewer flaw can allow hackers to steal System password
A severe vulnerability impacting TeamViewer for Windows, tracked as CVE-2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability (CVE-2020-13699) that could be exploited by remote attackers to steal the system password and potentially compromise it. TeamViewer is a popular software application for remote control, […]
Le 2020-08-12
Security Affairs - Nefilim ransomware operators claim to have hacked the SPIE group
Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services. Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services. The number of ransomware attacks continues to increase, hackers also steal victims’ data and threaten them to […]
Le 2020-08-12
Security Affairs - NCSC Director warns of interference on elections tied to Russia, China, Iran
The Director of the U.S. National Counterintelligence and Security Center (NCSC) shared info on attempts to influence the 2020 U.S. elections. The Director of the U.S. National Counterintelligence and Security Center (NCSC), William Evanina, shared information on ongoing operations aimed at influencing the 2020 U.S. elections. “Many foreign actors have a preference for who wins the election, which they express through a […]
Le 2020-08-12
Security Affairs - INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL
The list of sites blocked in Myanmar includes many websites that did not fall under the categories adult content or fake news. Original post at: https://www.qurium.org/alerts/myanmar/internet-blocking-in-myanmar-secret-block-list-and-no-means-to-appeal. In March 2020, the Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; […]
Le 2020-08-12
Security Affairs - Spying on satellite internet comms with a $300 listening station
An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at the Black Hat 2020 hacking conference, explained that satellite internet communications are susceptible to eavesdropping and signal interception. Attackers could use cheap equipment like basic home-television gear that goes from […]
Le 2020-08-12
Security Affairs - Security Affairs newsletter Round 276
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account; FBI issued a flash alert about Netwalker ransomware attacks; Garmin allegedly paid for a decryptor for WastedLocker […]
Le 2020-08-12
Security Affairs - US OCC imposed an $80 Million fine to Capital One for 2019 hack
The US Office of the Comptroller of the Currency (OCC) regulator has fined the credit card provider Capital One Financial Corp $80 million over a 2019 data breach. The US Office of the Comptroller of the Currency (OCC) has imposed an $80 million fine on the credit card provider Capital One Financial Corp over a 2019 data breach. Capital One, one of […]
Le 2020-08-10
Security Affairs - Homoglyph attacks used in phishing campaign and Magecart attacks
Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. The hackers targeted visitors of several sites using typo-squatted domain names, and modified favicons […]
Le 2020-08-10
Security Affairs - Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated
Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. A team of Chinese experts from Sky-Go, the Qihoo 360 division focused on car hacking, discovered 19 vulnerabilities in a Mercedes-Benz E-Class, including some issues that can be exploited by attackers to remotely hack a […]
Le 2020-08-10
Security Affairs - FBI warns of Iran-linked hackers attempting to exploit F5 BIG-IP flaw
According to the FBI, Iranian hackers are actively attempting to exploit an unauthenticated RCE flaw, tracked as CVE-2020-5902, in F5 Big-IP ADC devices. The FBI is warning of Iranian hackers actively attempting to exploit an unauthenticated remote code execution flaw (CVE-2020-5902) affecting F5 Big-IP application delivery controller (ADC) devices. In early June, researchers at F5 Networks […]
Le 2020-08-09
Security Affairs - Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks
Wi-Fi chips manufactured by Qualcomm and MediaTek are impacted by vulnerabilities similar to the Kr00k issue disclosed early this year. Earlier this year, experts from ESET disclosed Kr00k, a new high-severity hardware vulnerability that affects Wi-Fi chips manufactured by Broadcom and Cypress. The Kr00k vulnerability, tracked as CVE-2019-15126, could be exploited by nearby remote attackers […]
Le 2020-08-09
Security Affairs - Reddit massive hack: hackers defaced channels with pro-Trump messages
Reddit suffered a massive hack: threat actors compromised tens of Reddit channels and defaced them, showing messages in support of Donald Trump’s campaign. Reddit suffered a massive hack: threat actors defaced tens of channels to display messages in support of Donald Trump’s reelection campaign. At the time of writing, the massive hack is still ongoing […]
Le 2020-08-09
Security Affairs - Did Maze ransomware operators steal 10 GB of data from Canon?
An internal memo confirms that the prolonged outage suffered by Canon last week was caused by a ransomware infection, Maze operators took credit for it. According to an internal memo obtained by ZDNet, the recent outage of Canon was caused by a ransomware attack, while Maze ransomware operators are taking the credit for the incident. […]
Le 2020-08-09
Security Affairs - Intel investigates security breach after the leak of 20GB of internal documents
Intel is investigating reports of an alleged hack that resulted in the theft and leak of 20GB of data coming from the chip giant. Intel is investigating reports that an alleged hacker has leaked 20GB of data exfiltrated from its systems. The stolen data includes source code and developer documents and tools; some documents are labeled […]
Le 2020-08-09
Security Affairs - Google Threat Analysis Group took down ten influence operations in Q2 2020
Google published its second Threat Analysis Group (TAG) report, which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report, a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. Google revealed that it has taken down ten coordinated operations in […]
Le 2020-08-09
Security Affairs - Netwalker ransomware operators claim to have stolen data from Forsee Power
Netwalker ransomware operators breached the networks of Forsee Power, a well-known player in the electromobility market. A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power, which provides advanced lithium-ion battery systems for any mobility application. The industrial group is based in France and […]
Le 2020-08-09
Security Affairs - FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life
The FBI warned private industry partners of risks impacting companies running Windows 7 after the Microsoft OS reached the end of life on January 14. The Federal Bureau of Investigation is warning companies running Windows 7 systems of the greater risk of getting hacked because the Microsoft OS has reached the end of life on January 14. […]
Le 2020-08-09
Security Affairs - Hackers can abuse Microsoft Teams updater to deliver malicious payloads
Threat actors can abuse Microsoft Teams updater to retrieve and execute malicious code from a remote location. Security experts from Trustwave detailed the Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server. The bad news is […]
Le 2020-08-09
Security Affairs - Cyber Defense Magazine – August 2020 has arrived. Enjoy it!
Cyber Defense Magazine August 2020 Edition has arrived. We hope you enjoy this month’s edition… packed with over 147 pages of excellent content. OVER 145 PAGES. ALWAYS FREE – LOADED WITH EXCELLENT CONTENT. Learn from the experts, cybersecurity best practices. Find out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK THIS FIRST LINK […]
Le 2020-08-09
Security Affairs - NSA releases a guide to reduce location tracking risks
The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled […]
Le 2020-08-07
Security Affairs - Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers
ZDNet reported exclusively that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported exclusively that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum. ZDNet […]
Le 2020-08-07
Security Affairs - Exclusive: TIM’s Red Team Research finds 4 zero-days in WOWZA Streaming Engine product
Researchers from TIM’s Red Team Research (RTR) have discovered another 4 new zero-day vulnerabilities in the WOWZA Streaming Engine product. Last month, the TIM’s Red Team Research (RTR) disclosed 2 new vulnerabilities affecting the Oracle Business Intelligence product with High severity. Today, the TIM’s Red Team Research led by Massimiliano Brolli, discovered 4 new vulnerabilities […]
Le 2020-08-07
Security Affairs - Flaw in popular NodeJS ‘express-fileupload’ module allows DoS attacks and code injection
An expert found a flaw in a popular NodeJS module that can allow attackers to perform a denial-of-service (DoS) attack on a server or get arbitrary code execution. The NodeJS module “express-fileupload” has been downloaded more than 7.3 million times from the npm repository. The NodeJS module is affected by a ‘Prototype Pollution’ vulnerability (CVE-2020-7699) that can allow attackers to perform a denial-of-service (DoS) attack on a […]
Le 2020-08-07
Security Affairs - UberEats data leaked on the dark web
Security researchers from threat intelligence firm Cyble have discovered user records of the American online food ordering and delivery platform UberEats on the dark web. Another day, another data breach made the headlines; this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process […]
Le 2020-08-07
Security Affairs - US govt agencies share details of the China-linked espionage malware Taidoor
China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD) released information on a RAT variant, dubbed TAIDOOR, used by China-linked hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. “The Cybersecurity and Infrastructure Security […]
Le 2020-08-07
Security Affairs - Hackers stole €1.2m worth of cryptocurrency from 2gether
2gether has disclosed a security breach, hackers have stolen roughly €1.2 million worth of cryptocurrency from cryptocurrency investment accounts. Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. The attack took place on July 31 at 6.00 pm CEST, when hackers compromised the […]
Le 2020-08-06
Security Affairs - Maze Ransomware operators published data from LG and Xerox
Maze ransomware operators published internal data from LG and Xerox after the companies did not pay the ransom. Ransomware crews are very active during these months; Maze ransomware operators have published tens of GB of internal data allegedly stolen from IT giants LG and Xerox following failed extortion attempts. Maze ransomware operators published 50.2 GB […]
Le 2020-08-05
Security Affairs - NetWalker ransomware operators have made $25 million since March 2020
NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. The malware has been active […]
Le 2020-08-05
Security Affairs - Reading the 2020 Cost of a Data Breach Report
2020 Cost of a Data Breach Report: the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% from the 2019 study. Every year, I write about the annual report published by the Ponemon Institute on the cost of a data breach, it is a very interesting study that explores the […]
Le 2020-08-05
Security Affairs - Belarussian authorities arrested GandCrab ransomware distributor
Last week, the Minister of Internal Affairs of Belarus announced the arrest of a 31-year-old man that is accused of distributing the infamous GandCrab ransomware. Last week, the Minister of Internal Affairs of Belarus announced the arrest of a man on charges of distributing the infamous GandCrab ransomware. The arrest is the result of an […]
Le 2020-08-05