Author: Pierluigi Paganini

A threat actor is offering for sale on hacking forums the secret Clubhouse database containing 3.8B phone numbers. Clubhouse is a social audio app for iOS and Android where users can communicate in voice chat rooms that accommodate groups of thousands of people. The audio-only app hosts live discussions, with opportunities to participate through speaking and listening. Conversations are prohibited by Clubhouse’s guidelines […]

The post Threat actor offers Clubhouse secret database containing 3.8B phone numbers appeared first on Security Affairs.

Threat actors target Kubernetes installs via Argo Workflows to deploy cryptocurrency miners, security researchers from Intezer warn. Researchers from Intezer uncovered new attacks on Kubernetes (K8s) installs via misconfigured Argo Workflows aimed at deploying cryptocurrency miners. Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters. The experts discovered Argo Workflows instances with […]

The post Crooks target Kubernetes installs via Argo Workflows to deploy miners appeared first on Security Affairs.

XCSSET macOS malware continues to evolve; it is now able to steal login information from multiple apps, including Telegram and Google Chrome. Security researchers from Trend Micro continue to monitor the evolution of the XCSSET macOS malware; new variants are able to steal login information from multiple apps, including Telegram and Google Chrome, and send […]

The post XCSSET MacOS malware targets Telegram, Google Chrome data and more appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. HelloKitty ransomware gang targets vulnerable SonicWall devices Instagram implements ‘Security Checkup’ to help users recover compromised accounts Chinese […]

The post Security Affairs newsletter Round 324 appeared first on Security Affairs.

Japanese researchers spotted an Olympics-themed wiper targeting Japanese users ahead of the 2021 Tokyo Olympics. Tokyo Olympics could be a great opportunity for cybercriminals and malware authors, the US FBI warned private US companies of cyberattacks that might attempt to disrupt the 2021 Tokyo Olympics. Researchers from the Japanese security firm Mitsui Bussan Secure Directions (MBSD) […]

The post Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics appeared first on Security Affairs.

A researcher found a flaw in Windows OS, tracked as PetitPotam, that can be exploited to force remote Windows machines to share their password hashes. Security researcher Gilles Lionel (aka Topotam) has discovered a vulnerability in the Windows operating system that allows an attacker to force remote Windows machines to authenticate and share their password hashes with […]

The post Obtaining password hashes of Windows systems with PetitPotam attack appeared first on Security Affairs.

Estonian hacker Pavel Tsurkan has pleaded guilty in a United States court to the counts of computer fraud and of creating and operating a proxy botnet. The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse. According to court documents, Pavel Tsurkan (33) operated […]

The post Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet. appeared first on Security Affairs.

WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types […]

The post Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach appeared first on Security Affairs.

How businesses can benefit from the adoption of an identity and access management solution. Businesses that use outdated manual processes to grant and control access to their IT resources are getting left behind. This article describes what an identity and access management solution is and how it can benefit your business. Identity Is the New […]

The post What Is An Identity and Access Management Solution and How Can Businesses Benefit From It? appeared first on Security Affairs.

The software provider Kaseya announced to have obtained a universal decryptor for the REvil ransomware. Earlier this month, a massive supply chain attack conducted by the REvil ransomware gang hit the cloud-based managed service provider platform Kaseya, impacting both other MSPs using its VSA software and their customers. The VSA tool is used by MSPs to perform […]

The post Kaseya obtained a universal decryptor for REvil ransomware attack appeared first on Security Affairs.

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is also supported […]

The post Threat Report Portugal: Q2 2021 appeared first on Security Affairs.

Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce. “A software configuration update triggered a bug in the DNS (domain name […]

The post Akamai software update triggered a bug that took offline major sites appeared first on Security Affairs.

Oracle released its Critical Patch Update for July 2021, which fixes hundreds of flaws, including Critical Remotely Exploitable vulnerabilities in Weblogic Server. Oracle this week released its quarterly Critical Patch Update for July 2021 that contains 342 new security patches for multiple product families. Some of the vulnerabilities addressed by the IT giant could be remotely exploited by […]

The post Oracle fixes critical RCE vulnerabilities in Weblogic Server appeared first on Security Affairs.

Researchers from threat intelligence firm Group-IB help Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has assisted the Dutch National Police in the operation to apprehend alleged members of a cybercriminal group codenamed ‘Fraud Family.’ Group-IB’s […]

The post Group-IB helps Dutch police identify members of phishing developer gang Fraud Family appeared first on Security Affairs.

U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products. Experts pointed out […]

The post CISA analyzed stealthy malware found on compromised Pulse Secure devices appeared first on Security Affairs.

A database belonging to TicketClub Italy, a company providing a coupons platform for offline purchases, is available for sale on darkweb hacking forums. TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases. Their clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises having coupon and loyalty programs. The […]

The post TicketClub Italy Database Offered in Dark Web appeared first on Security Affairs.

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. The author of the post claims that the data was acquired from […]

The post Thousands of Humana customers have their medical data leaked online by threat actors appeared first on Security Affairs.

French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group. The French national cyber-security agency ANSSI warned of ongoing attacks against a large number of French organizations conducted by the China-linked APT31 cyberespionage group. The state-sponsored hackers are hijacking home routers to set up a […]

The post France ANSSI agency warns of APT31 campaign against French organizations appeared first on Security Affairs.

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.  FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is […]

The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.

A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release for his role in operating the Kelihos botnet. The creator of the Kelihos Botnet, Peter Yuryevich Levashov (40), was sentenced to 33 months, time served, and three years of supervised release. Levashov used the pseudonym of […]

The post Kelihos botmaster Peter Levashov gets time served appeared first on Security Affairs.

Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros. Qualys researchers discovered a local privilege escalation (LPE) tracked as CVE-2021-33909, aka Sequoia; an unprivileged attacker can exploit the flaw to get root privileges on most Linux distros. The issue is a size_t-to-int type […]

The post LPE flaw in Linux kernel allows attackers to get root privileges on most distros appeared first on Security Affairs.

Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems. Researchers from SentinelOne discovered a 16-year-old security vulnerability in an HP, Xerox, and Samsung printers driver that can allow attackers to gain admin rights on systems running the flawed […]

The post A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide appeared first on Security Affairs.

Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary code as root. Fortinet has released security updates to address a serious bug, tracked as CVE-2021-32589, affecting FortiManager and FortiAnalyzer network management solutions. The CVE-2021-32589 vulnerability is a Use After Free issue that an attacker […]

The post A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root appeared first on Security Affairs.

Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users. Microsoft’s Digital Crimes Unit (DCU) has seized 17 domains that were used by scammers in a business email compromise (BEC) campaign aimed at its customers. The IT giant secured a court order that allowed it to take down “homoglyph” domains […]

The post Microsoft secured court order to take down domains used in BEC campaign appeared first on Security Affairs.

A recently discovered iPhone Wi-Fi bug that could crash the WiFi connectivity could be exploited by attackers to achieve remote code execution. In June, the researcher Carl Schou discovered a new bug in iPhone that can permanently break users’ WiFi by disabling it; the issue could be triggered by simply connecting to a rogue hotspot. Once an […]

The post WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE appeared first on Security Affairs.

US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. […]

The post US DoJ indicts four members of China-linked APT40 cyberespionage group appeared first on Security Affairs.

Cisco Talos experts disclose details of several critical flaws in a router monitoring application developed by industrial and IoT firm Advantech. Cisco Talos researchers discovered multiple critical vulnerabilities in the R-SeeNet application developed by industrial and IoT firm Advantech. The application allows network administrators to monitor Advantech routers in their infrastructure. The monitoring tool collects […]

The post Experts disclose critical flaws in Advantech router monitoring tool appeared first on Security Affairs.

A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco. A threat actor that goes online with the moniker ZeroX claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant and is offering it for sale […]

The post Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco appeared first on Security Affairs.

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware. Pegasus is a surveillance malware developed by […]

The post Pegasus Project – how governments use Pegasus spyware against journalists appeared first on Security Affairs.

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Security researchers at CyberArk Labs discovered a security bypass vulnerability, tracked as CVE-2021-34466, affecting the Windows Hello facial authentication process. An attacker could exploit the vulnerability to log in to systems running the Windows 10 OS. […]

The post Experts show how to bypass Windows Hello feature to login on Windows 10 PCs appeared first on Security Affairs.

Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The Cyberspace Administration of China (CAC) has issued a new exacerbated vulnerability disclosure regulation that requires white hat hackers uncovering critical zero-day flaws in computer systems to first report them to the government authorities within two […]

The post Chinese government issues new vulnerability disclosure regulations appeared first on Security Affairs.

Instagram introduced a new security feature dubbed “Security Checkup” to help users recover accounts that have been compromised. Good news for the owners of Instagram accounts that may have been compromised: the company launched a new feature named ‘Security Checkup’ that aims to keep accounts safe and help users to recover them. […]

The post Instagram implements ‘Security Checkup’ to help users recover compromised accounts appeared first on Security Affairs.

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “an imminent ransomware campaign” targeting some of its equipment that reached end-of-life (EoL). Threat actors could target unpatched devices belonging to Secure Mobile Access […]

The post HelloKitty ransomware gang targets vulnerable SonicWall devices appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Biden discussed Russian ransomware gangs with Putin in a phone call Hackers accessed Mint Mobile subscribers data and […]

The post Security Affairs newsletter Round 323 appeared first on Security Affairs.

The US government is offering a $10 million reward to anyone who provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. Department of State; the US agency states that its Rewards for […]

The post US govt offers $10 million reward for info on nation-state cyber operations appeared first on Security Affairs.

Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco this week released security updates for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. The flaw resides in the software cryptography module of both ASA and FTD […]

The post Cisco fixes high-risk DoS flaw in ASA, FTD Software appeared first on Security Affairs.

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access […]

The post D-Link issues beta hotfix for multiple flaws in DIR-3040 routers appeared first on Security Affairs.

Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed today. Microsoft published a security advisory for a new Windows Print Spooler vulnerability, tracked as CVE-2021-34481, that was disclosed on Thursday. The flaw is a privilege elevation vulnerability that resides in the Windows Print Spooler, it was […]

The post Microsoft alerts about a new Windows Print Spooler vulnerability appeared first on Security Affairs.

Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux that addresses seven vulnerabilities, including a high severity zero-day vulnerability, tracked as CVE-2021-30563, that has been exploited in the wild. The CVE-2021-30563 is a “type confusion” issue that […]

The post Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild appeared first on Security Affairs.

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Experts reported an uptick in malicious Android apps on the official Google Play store laced with the Joker mobile trojan. The Joker malware is a malicious code camouflaged as a system app and […]

The post New enhanced Joker Malware samples appear in the threat landscape appeared first on Security Affairs.

Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and Citizen Lab believe that the secretive Israel-based surveillance firm Candiru, tracked as Sourgum, used Windows zero-day exploits to deliver a new Windows spyware dubbed DevilsTongue. According to the experts, at least 100 activists, journalists […]

The post Israeli surveillance firm Candiru used Windows zero-days to deploy spyware appeared first on Security Affairs.

Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server. Zero-day exploit broker Zerodium announced it is looking for zero-day exploits for VMware vCenter Server. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. The company will […]

The post Exploit broker Zerodium is looking for VMware vCenter Server exploits appeared first on Security Affairs.

Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet. BleepingComputer noted the ransomware families utilize the same I/O operations for file encryption queueing and use nearly identical command-line parameters for the same functionality. There may be some similarities, but as they’ve explained and SpearTip […]

The post SpearTip Finds New Diavol Ransomware Does Steal Data appeared first on Security Affairs.

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. The move of the ransomware gang aims at expanding the operations targeting enterprises that are largely adopting virtualizing platforms. Targeting VMware ESXi […]

The post HelloKitty ransomware now targets VMware ESXi servers appeared first on Security Affairs.

SonicWall has issued an urgent security alert to warn customers of “an imminent ransomware campaign” targeting EOL equipment. SonicWall has issued an urgent security alert to warn companies of “an imminent ransomware campaign” targeting some of its equipment that reached end-of-life (EoL). Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series […]

The post SonicWall warns of ‘imminent ransomware’ attacks on its EOL products appeared first on Security Affairs.

Uptycs threat research team analyzed macOS malware threat landscape and discovered that Shlayer and Bundlore are the most predominant malware. The Uptycs threat research team has been observing over 90% of macOS malware in our daily analysis and customer telemetry alerts using shell scripts. Though these scripts have slight variations, they mostly belong to a […]

The post macOS: Bashed Apples of Shlayer and Bundlore appeared first on Security Affairs.

Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG) and Google Project Zero revealed that four zero-day vulnerabilities have been exploited in the wild earlier this year. The four security flaws were discovered earlier this year and affect Google Chrome, Internet Explorer, and WebKit browser […]

The post Google: four zero-day flaws have been exploited in the wild appeared first on Security Affairs.

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. Kaspersky experts uncovered an ongoing and large-scale cyber espionage campaign, tracked as LuminousMoth, aimed at government entities from Southeast Asia, including Myanmar and the Philippines government entities. The LuminousMoth campaign has been linked by […]

The post China-linked LuminousMoth APT targets entities from Southeast Asia appeared first on Security Affairs.

Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The Trickbot botnet continues to evolve despite the operations conducted by law enforcement aimed at dismantling it. The authors recently implemented an update for the VNC module used for remote control over infected systems. In October, Microsoft’s […]

The post Trickbot improve its VNC module in recent attacks appeared first on Security Affairs.

Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]

The post China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks appeared first on Security Affairs.

The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last night, the infrastructure and the websites used by the REvil ransomware gang were mysteriously unreachable, BleepingComputer first reported. “The REvil ransomware operation, aka Sodinokibi, operates through numerous clear web and dark web sites used as […]

The post The infrastructure and websites used by REvil ransomware gang are not reachable appeared first on Security Affairs.

A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions in crypto stolen from thousands of victims. Original post @ https://cybernews.com/crypto/millions-of-stolen-crypto-found-investigation/ Mindaugas (who wished his last name not to be disclosed publicly), an executive at a UK-based company, unknowingly fell for a scam when he […]

The post This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto appeared first on Security Affairs.

Read More This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto

Adobe addressed multiple critical vulnerabilities in several products, including the Adobe Acrobat and Reader applications. Adobe addressed multiple critical remote code execution and privilege escalation vulnerabilities in multiple products running on both Windows and macOS systems. The flaws fixed by Adobe affect Acrobat and Reader, Illustrator, Framemaker, Dimension and Bridge products. Below the list of advisories […]

The post Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator appeared first on Security Affairs.

Read More Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. Researchers at IoT security firm Armis discovered an authentication bypass vulnerability, tracked as CVE-2021-22779 and dubbed ModiPwn, that affects some of Schneider Electric’s Modicon PLCs. The flaw can be exploited by an unauthenticated attacker […]

The post ModiPwn flaw in Modicon PLCs bypasses security mechanisms appeared first on Security Affairs.

Read More ModiPwn flaw in Modicon PLCs bypasses security mechanisms

NetBlocks reported partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went to the streets to protest the government. Security experts from NetBlocks are observing partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went to the streets to […]

The post Social media partially disrupted in Cuba amid anti-government protests appeared first on Security Affairs.

Read More Social media partially disrupted in Cuba amid anti-government protests

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers. The attack was likely carried out by the DarkSide ransomware gang […]

The post American retailer Guess discloses data breach after ransomware attack appeared first on Security Affairs.

Read More American retailer Guess discloses data breach after ransomware attack

SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it. SolarWinds addressed a zero-day remote code execution flaw in Serv-U products which is actively exploited in the wild by a single threat actor. SolarWinds was informed of the zero-day by Microsoft, the issue affects Serv-U Managed File Transfer […]

The post SolarWinds fixes critical Serv-U zero-day exploited in the wild appeared first on Security Affairs.

Read More SolarWinds fixes critical Serv-U zero-day exploited in the wild

Researchers from Cyber News Team have spotted threat actors offering for sale 600 million LinkedIn profiles scraped from the platform, again. Original post: https://cybernews.com/news/threat-actors-scrape-600-million-linkedin-profiles-and-are-selling-the-data-online-again/ For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from […]

The post Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again appeared first on Security Affairs.

Read More Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again

Researchers spotted a new malware, dubbed BIOPASS, that sniffs the victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Researchers from Trend Micro spotted a new malware, dubbed BIOPASS, that sniffs the victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Threat actors behind the new malware planted a malicious JavaScript code on support […]

The post BIOPASS malware abuses OBS Studio to spy on victims appeared first on Security Affairs.

Read More BIOPASS malware abuses OBS Studio to spy on victims

Kaseya has released a security update to address the VSA zero-day vulnerabilities exploited by REvil gang in the massive ransomware supply chain attack. Software vendor Kaseya has released a security update to fix the zero-day vulnerabilities in its VSA software that were exploited by the REvil ransomware gang in the massive ransomware supply chain attack. […]

The post Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack appeared first on Security Affairs.

Read More Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack

Magecart hackers continuously improve their exfiltration techniques to evade detection; they are hiding stolen credit card data in images. Magecart hackers have devised a new technique to obfuscate the malware within comment blocks and hide stolen credit card data in images, evading detection. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with […]

The post Magecart hackers hide stolen credit card data into images and bogus CSS files appeared first on Security Affairs.

Read More Magecart hackers hide stolen credit card data into images and bogus CSS files

President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by Russian gangs like REvil and Darkside worries US authorities and was discussed by Presidents Biden and Putin during a phone call. The ransomware attacks against […]

The post Biden discussed Russian ransomware gangs with Putin in a phone call appeared first on Security Affairs.

Read More Biden discussed Russian ransomware gangs with Putin in a phone call

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States. BleepingComputer reported that Mint Mobile has disclosed a data breach that […]

The post Hackers accessed Mint Mobile subscribers’ data and ported some numbers appeared first on Security Affairs.

Read More Hackers accessed Mint Mobile subscribers’ data and ported some numbers

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack Hackers spread backdoor after compromising the […]

The post Security Affairs newsletter Round 322 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 322

Iran’s railroad system was hit by a cyberattack, hackers posted fake messages about delays or cancellations of the trains on display boards at stations across the country. Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, […]

The post Iran’s railroad system was hit by a cyberattack, hackers posted fake delay messages appeared first on Security Affairs.

Read More Iran’s railroad system was hit by a cyberattack, hackers posted fake delay messages

Threat actors are conducting a spam campaign aimed at infecting Kaseya customers, posing as legitimate VSA security updates. Kaseya is warning customers of threat actors attempting to exploit the recent massive supply chain ransomware attack suffered by the company. The software provider is warning of an ongoing malspam campaign aimed at delivering malware into their […]

The post Kaseya warns customers of ongoing malspam campaign posing as security updates appeared first on Security Affairs.

Read More Kaseya warns customers of ongoing malspam campaign posing as security updates

Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The insurance firm paid a $40 ransom to restore access to its files following the ransomware attack. […]

The post Insurance firm CNA discloses data breach after March ransomware attack appeared first on Security Affairs.

Read More Insurance firm CNA discloses data breach after March ransomware attack

Threat actors have devised a new trick to disable macro security warnings that leverages non-malicious docs in phishing attacks. Most phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. Now experts from McAfee Labs warn of a novel technique used by threat actors that […]

The post Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs appeared first on Security Affairs.

Read More Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the emergency security patches released early this week correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527) for all supported Windows versions. Immediately after the release of the updates (KB5004945) multiple researchers questioned its efficiency and explained […]

The post Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw appeared first on Security Affairs.

Read More Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw

Cisco addresses high severity privilege escalation vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks. Cisco released security patches for high severity vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks. The IT giant fixed two flaws […]

The post Cisco fixes High Severity issue in BPA and WSA appeared first on Security Affairs.

Read More Cisco fixes High Severity issue in BPA and WSA

Rapid7 researchers discovered security vulnerabilities in the Sage X3 ERP product that could allow attackers to take control of vulnerable systems. Researchers from Rapid7 discovered a total of four security vulnerabilities in the Sage X3 enterprise resource planning (ERP) solution. Chaining two of the vulnerabilities discovered by the experts, an attacker could execute malicious commands and take control of vulnerable […]

The post Multiple Sage X3 vulnerabilities expose systems to hack appeared first on Security Affairs.

Read More Multiple Sage X3 vulnerabilities expose systems to hack

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has disclosed a data breach after threat actors have compromised the Accellion FTA server of the third-party vendor Guidehouse. The company has offices in more than […]

The post Morgan Stanley discloses data breach after the hack of a third-party vendor appeared first on Security Affairs.

Read More Morgan Stanley discloses data breach after the hack of a third-party vendor

The Tor Project has released Tor Browser 10.5 which enhances an anti-censorship feature and warns of V2 onion URL deprecation. The Tor Project has released Tor Browser 10.5 which implements an improved anti-censorship feature and warns users of V2 onion URL deprecation in favor of the newer V3 URLs. The first version supporting V3 URLs […]

The post Tor Browser 10.5 is out, it includes a new anti-censorship feature appeared first on Security Affairs.

Read More Tor Browser 10.5 is out, it includes a new anti-censorship feature

A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums; he aims at purchasing zero-day exploits from other forum members. A threat actor that goes online with the name “integra” has deposited 26.99 Bitcoins on one of the cybercrime forums with the intent to purchase zero-day exploits from other forum members, according to researchers from threat intelligence firm Cyble. According to the experts, the […]

The post Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits appeared first on Security Affairs.

Read More Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft released an out-of-band KB5004945 security update to address the PrintNightmare vulnerability; unfortunately, the patch is incomplete and still allows remote code execution. Researchers have demonstrated that it is possible to bypass the emergency patch to achieve remote code execution […]

The post Experts bypassed Microsoft’s emergency patch for the PrintNightmare appeared first on Security Affairs.

Read More Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Wiregrass Electric Cooperative, a rural Alabama electric cooperative, was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama electric cooperative that serves about 25,000 members, was hit by a ransomware attack. The cyberattack temporarily blocked the customers’ access to their account information; the cooperative is working to restore the impacted system. According to […]

The post Wiregrass Electric Cooperative hit by a ransomware attack appeared first on Security Affairs.

Read More Wiregrass Electric Cooperative hit by a ransomware attack

WildPressure APT has been targeting industrial organizations in the Middle East since 2019 and has now been spotted using a new malware that targets both Windows and macOS. Researchers from Kaspersky have spotted a new malware used by the WildPressure APT group to target both Windows and macOS systems. The WildPressure was spotted for the first time […]

The post WildPressure APT expands operations targeting the macOS platform appeared first on Security Affairs.

Read More WildPressure APT expands operations targeting the macOS platform

Resecurity® HUNTER, cyber threat intelligence and R&D unit, identified a strong connection to a cloud hosting and IoT company servicing the domain belonging to cybercriminals. According to the recent research published by ReSecurity on Twitter, starting January 2021 REVil leveraged a new domain ‘decoder[.]re’ in addition to a ransomware page available in the TOR network. […]

The post Researchers uncovered the network infrastructure of REVil – The notorious ransomware group that hit Kaseya appeared first on Security Affairs.

Read More Researchers uncovered the network infrastructure of REVil – The notorious ransomware group that hit Kaseya

Microsoft rolled out KB5004945 emergency update to address the actively exploited PrintNightmare zero-day vulnerability (CVE-2021-34527) in Print Spooler service. Microsoft has released the KB5004945 emergency security update to address the actively exploited CVE-2021-34527 zero-day vulnerability, aka PrintNightmare. “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An […]

The post Microsoft rolled out emergency update for Windows PrintNightmare zero-day appeared first on Security Affairs.

Read More Microsoft rolled out emergency update for Windows PrintNightmare zero-day

A hacker claims to have breached pro-Trump GETTR and leaked the private information of almost 90,000 members on a hacking forum. GETTR is a new pro-Trump social media platform created by Jason Miller, a former Trump advisor. The Twitter-like platform suffered a data breach. The security breach comes a few hours after its […]

The post Hacker leaks info of pro-Trump GETTR members online appeared first on Security Affairs.

Read More Hacker leaks info of pro-Trump GETTR members online

Positive Technologies experts provide details about the potential impact of a recently fixed command injection flaw in SonicWall NSM devices. Positive Technologies researcher Nikita Abramov has provided details about the CVE-2021-20026 command injection vulnerability that affects SonicWall’s Network Security Manager (NSM) product. At the end of May, SonicWall urged its customers to ‘immediately’ address a post-authentication vulnerability, tracked […]

The post SonicWall addresses critical CVE-2021-20026 flaw in NSM devices appeared first on Security Affairs.

Read More SonicWall addresses critical CVE-2021-20026 flaw in NSM devices

Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management […]

The post Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya appeared first on Security Affairs.

Read More Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya

Group-IB supported INTERPOL in its Operation Lyrebird, which led to the identification of a threat actor presumably responsible for multiple attacks. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has supported INTERPOL in its Operation Lyrebird that resulted in the identification and apprehension of a threat actor presumably responsible for multiple attacks, […]

The post Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide appeared first on Security Affairs.

Read More Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Taiwanese vendor QNAP addressed a critical flaw, tracked as CVE-2021-28809, that could be exploited to compromise vulnerable NAS devices. Taiwanese vendor QNAP fixed a critical vulnerability, tracked as CVE-2021-28809, that could be exploited by attackers to compromise vulnerable NAS devices. The vulnerability affects certain legacy versions of HBS 3 Hybrid Backup Sync, it was reported to […]

The post QNAP addressed a critical flaw that allows compromising NAS devices appeared first on Security Affairs.

Read More QNAP addressed a critical flaw that allows compromising NAS devices

ENISA publishes Cybersecurity guide for SMEs, a document that aims at providing suggestions to secure their business. During the COVID-19 pandemic, most organizations increased their presence online, enlarging their attack surface. The attack surface for SMEs was enlarged; many of them took business continuity measures, such as adopting cloud services, improving their […]

The post ENISA publishes Cybersecurity guide for SMEs appeared first on Security Affairs.

Read More ENISA publishes Cybersecurity guide for SMEs

CISA and the FBI published guidance for the victims impacted by the REvil supply-chain ransomware attack against Kaseya. CISA and the Federal Bureau of Investigation (FBI) have published guidance for the organizations impacted by the massive REvil supply-chain ransomware attack that hit Kaseya’s cloud-based MSP platform. The US agencies provide instructions to affected MSPs and their customers […]

The post CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack appeared first on Security Affairs.

Read More CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack

REvil ransomware gang hit Spanish telecom giant MasMovil and claims to have stolen sensitive data from the group. MasMovil is one of the largest Spanish telecom operators; last week the group was hit by the REvil ransomware gang that claims to have stolen sensitive data from the company. “We have downloaded databases and other important […]

The post Revil ransomware gang hit Spanish telecom giant MasMovil appeared first on Security Affairs.

Read More Revil ransomware gang hit Spanish telecom giant MasMovil

REvil ransomware is demanding $70 million for decrypting all systems locked during the Kaseya supply-chain ransomware attack. REvil ransomware is asking $70 million worth of Bitcoin for decrypting all systems impacted in the Kaseya supply-chain ransomware attack. On Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The […]

The post REvil ransomware gang demanded $70M for universal decryptor for Kaseya victims appeared first on Security Affairs.

Read More REvil ransomware gang demanded $70M for universal decryptor for Kaseya victims

US water company WSSC Water is investigating a ransomware attack that affected non-essential business systems in May. WSSC Water is investigating a ransomware attack that took place on May 24 and that targeted a portion of their network that operates non-essential business systems. According to reports from WJZ13 Baltimore, the company removed the malware just hours later and locked out […]

The post US water company WSSC Water hit by a ransomware attack appeared first on Security Affairs.

Read More US water company WSSC Water hit by a ransomware attack

Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The REvil ransomware operators initially compromised the Kaseya VSA’s infrastructure, then pushed out […]

The post REvil gang exploited a zero-day in the Kaseya supply chain attack appeared first on Security Affairs.

Read More REvil gang exploited a zero-day in the Kaseya supply chain attack

Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised the servers of the Mongolian certificate authority (CA) MonPass and used its website to spread malware, reported Avast researchers. According to the experts, the security breach took place at least six months ago, MonPass was […]

The post Hackers spread backdoor after compromising the Mongolian CA MonPass appeared first on Security Affairs.

Read More Hackers spread backdoor after compromising the Mongolian CA MonPass

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Crackonosh Monero miner made $2M after infecting 222,000 Win systems Hackers target Cisco ASA devices after a PoC […]

The post Security Affairs newsletter Round 321 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 321

Swedish supermarket chain Coop is the first company to disclose the impact of the recent supply chain ransomware attack that hit Kaseya. The supermarket chain Coop shut down approximately 500 stores as a result of the supply chain ransomware attack that hit the provider Kaseya. The REvil ransomware operators initially compromised the Kaseya VSA’s infrastructure, […]

The post Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack appeared first on Security Affairs.

Read More Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack

A supply chain attack by REvil ransomware operators against Kaseya VSA impacted multiple managed service providers (MSPs) and their clients. A new supply chain attack made the headlines: this afternoon, the REvil ransomware gang hit the cloud-based MSP platform impacting MSPs and their customers. Kaseya has 40,000 customers, not all use the VSA tool which is […]

The post Kaseya VSA supply-chain ransomware attack hit hundreds of companies appeared first on Security Affairs.

Read More Kaseya VSA supply-chain ransomware attack hit hundreds of companies

Wizard Spider, the cybercrime gang behind the TrickBot botnet, is believed to be the author of a new ransomware family dubbed Diavol, Fortinet researchers report. Researchers from Fortinet reported that a new ransomware family, tracked as Diavol, might have been developed by Wizard Spider, the cybercrime gang behind the TrickBot botnet. The Trickbot botnet was used […]

The post Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang? appeared first on Security Affairs.

Read More Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang?

Microsoft is urging Azure users to update PowerShell to address a remote code execution vulnerability that was fixed earlier this year. Microsoft is recommending its Azure users to update PowerShell versions 7.0 and 7.1 to protect against a high severity remote code execution vulnerability tracked as CVE-2021-26701. The IT giant is inviting the PowerShell task […]

The post Microsoft urges Azure users to update PowerShell to fix RCE flaw appeared first on Security Affairs.

Read More Microsoft urges Azure users to update PowerShell to fix RCE flaw