hacking news

by

Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity pre-auth security vulnerabilities that impact multiple Small Business VPN routers. An attacker could exploit the issues to trigger a denial of service condition or execute commands and arbitrary code on impacted multiple Small Business VPN […]

The post Cisco fixes critical, high severity vulnerabilities in VPN routers appeared first on Security Affairs.

Read More Cisco fixes critical, high severity vulnerabilities in VPN routers
by

China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. Researchers from Positive Technologies reported that China-linked APT31 group has been using a new piece of malware in a recent wave of attacks targeting Mongolia, Belarus, Canada, the United States, and Russia. Experts […]

The post China-linked APT31 targets Russia for the first time appeared first on Security Affairs.

Read More China-linked APT31 targets Russia for the first time
by

Cyber Defense Magazine August 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 148 pages of excellent content. Cyber Defense eMagazine August Edition for 2021Grab this PDF version and help fund our operations:https://cyberdefensemagazine.tradepub.com/free/w_cyba125/ Here’s the Yumpu Magazine Versionhttps://www.yumpu.com/en/document/read/65794079/cyber-defense-emagazine-august-edition-for-2021 Here’s a free PDF Version hosted on our site:https://www.cyberdefensemagazine.com/newsletters/august-2021/CDM-CYBER-DEFENSE-eMAGAZINE-August-2021.pdf Mobile Versionhttps://www.cyberdefensemagazine.com/newsletters/august-2021/index.html The Black […]

The post Cyber Defense Magazine – August 2021 has arrived. Enjoy it! appeared first on Security Affairs.

Read More Cyber Defense Magazine – August 2021 has arrived. Enjoy it!
by

A flaw in the GitHub Actions workflow for PyPI ’s source repository could be exploited to potentially execute arbitrary code on pypi.org. Security researcher RyotaK disclosed three flaws in PyPI, the most severe one could potentially lead to the compromise of the entire PyPI infrastructure. Python Package Index (PyPI) is the official third-party software repository […]

The post Experts found potential remote code execution in PyPI appeared first on Security Affairs.

Read More Experts found potential remote code execution in PyPI
by

Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber […]

The post Do You Trust Your Smart TV? appeared first on Security Affairs.

Read More Do You Trust Your Smart TV?
by

Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper, that left a widely-used pneumatic tube system (PTS) vulnerable to attacks. Researchers from cybersecurity Armis disclosed a set of nine vulnerabilities collectively tracked as PwnedPiper that could be exploited to carry out multiple attacks against a widely-used pneumatic tube system (PTS). The Swisslog PTS system are used in […]

The post PwnedPiper flaws in PTS systems affect 80% of major US hospitals appeared first on Security Affairs.

Read More PwnedPiper flaws in PTS systems affect 80% of major US hospitals
by

An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations. Researchers from Wordfence team discovered a vulnerability, tracked as CVE-2021-34639, affecting the WordPress Download Manager plugin that could allow attackers to execute arbitrary code under specific configurations. The flaw could allow authors and […]

The post WordPress Download Manager Plugin was affected by two flaws appeared first on Security Affairs.

Read More WordPress Download Manager Plugin was affected by two flaws
by

Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims. The long-running operation carried out by the group mostly targeted […]

The post GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia appeared first on Security Affairs.

Read More GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia
by

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Crooks target Kubernetes installs via Argo Workflows to deploy miners XCSSET MacOS malware targets Telegram, Google Chrome […]

The post Security Affairs newsletter Round 325 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 325
by

Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source […]

The post Threat actors leaked data stolen from EA, including FIFA code appeared first on Security Affairs.

Read More Threat actors leaked data stolen from EA, including FIFA code
by

Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were hacked by the Russia-linked SVR (aka APT29, Cozy Bear, and The Dukes) during the SolarWinds attack. The […]

The post SolarWinds hackers breached 27 state attorneys’ offices appeared first on Security Affairs.

Read More SolarWinds hackers breached 27 state attorneys’ offices
by

Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full […]

The post Android Banking Trojan Vultur uses screen recording for credentials stealing appeared first on Security Affairs.

Read More Android Banking Trojan Vultur uses screen recording for credentials stealing
by

Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to […]

The post CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines appeared first on Security Affairs.

Read More CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines
by

Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans from the government systems. Estonian police arrested a man from Tallinn that is suspected to have stolen 286,438 belonging to Estonians citizens from the government systems. The hacker exploited a vulnerability in a photo transfer […]

The post Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB appeared first on Security Affairs.

Read More Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB
by

The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought. According to research from Amnpardaz and SentinelOne, the recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts […]

The post Meteor was the wiper used against Iran’s national railway system appeared first on Security Affairs.

Read More Meteor was the wiper used against Iran’s national railway system
by

A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies. Kramez explained that this is the […]

The post LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains appeared first on Security Affairs.

Read More LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains
by

Experts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on it. Researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow triggering a DoS condition ot executing arbitrary code on it. The flaw resides in […]

The post Critical flaw in Microsoft Hyper-V could allow RCE and DoS appeared first on Security Affairs.

Read More Critical flaw in Microsoft Hyper-V could allow RCE and DoS
by

A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) published a Joint Cybersecurity […]

The post US, UK, and Australian agencies warn of top routinely exploited issues appeared first on Security Affairs.

Read More US, UK, and Australian agencies warn of top routinely exploited issues
by

A China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. A China-linked cyberespionage group tracked as PKPLUG (aka Mustang Panda and HoneyMyte), which is known for targeting Southeast Asia, exploited vulnerabilities in the Microsoft Exchange Server to deploy a previously undocumented variant of PlugX  on compromised systems. Researchers […]

The post Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers appeared first on Security Affairs.

Read More Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers
by

The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data […]

The post IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2M appeared first on Security Affairs.

Read More IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2M
by

BlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its […]

The post BlackMatter ransomware group claims to be Darkside and REvil succesor appeared first on Security Affairs.

Read More BlackMatter ransomware group claims to be Darkside and REvil succesor
by

BlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its […]

The post BlackMatter ransomware group claims to be Darkside and REvil succesor appeared first on Security Affairs.

Read More BlackMatter ransomware group claims to be Darkside and REvil succesor
by

Researchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully takeover a Zimbra webmail server of a targeted organization. An […]

The post Flaws in Zimbra could allow to takeover webmail server of a targeted organization appeared first on Security Affairs.

Read More Flaws in Zimbra could allow to takeover webmail server of a targeted organization
by

Transnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack. South Africa’s logistics company Transnet SOC was hit last week by a disruptive cyberattack that halted its operations at all the port’s terminals. The attack took place on Thursday, 22 July. “Port terminals are operational across the system, with […]

The post South Africa’s logistics company Transnet SOC hit by a ransomware attack appeared first on Security Affairs.

Read More South Africa’s logistics company Transnet SOC hit by a ransomware attack
by

Experts found three new zero-day flaws in the Kaseya Unitrends service and warn users to avoid exposing the service to the Internet. Security researchers warn of three new zero-day vulnerabilities in the Kaseya Unitrends service. The vulnerabilities include remote code execution and authenticated privilege escalation on the client-side. Kaseya Unitrends is a cloud-based enterprise solution […]

The post DIVD discloses three new unpatched Kaseya Unitrends zero-days appeared first on Security Affairs.

Read More DIVD discloses three new unpatched Kaseya Unitrends zero-days
by

The Babuk ransomware operators seem to have suffered a ransomware attack, threat actors flooded their forum gay orgy porn images. At the end of June, the Babuk Locker ransomware was leaked online allowing threat actors to use it to create their own version of the popular ransomware. The Babuk Locker operators halted their operations at the end […]

The post Hackers flooded the Babuk ransomware gang’s forum with gay porn images appeared first on Security Affairs.

Read More Hackers flooded the Babuk ransomware gang’s forum with gay porn images
by

Apple released a security update that addresses CVE-2021-30807 flaw in macOS and iOS that may have been actively exploited to deliver malware Apple addressed a security flaw, tracked as CVE-2021-30807, in macOS and iOS that may have been actively exploited to plant malware on vulnerable devices. The vulnerability resides in the IOMobileFramebuffer, which is a […]

The post Apple fixes CVE-2021-30807 flaw, the 13th zero-day this year appeared first on Security Affairs.

Read More Apple fixes CVE-2021-30807 flaw, the 13th zero-day this year
by

The No More Ransom initiative celebrates its fifth anniversary, over 6 million victims of ransomware attacks recover their files for free saving almost €1 billion in payments. No More Ransom is celebrating its 5th anniversary, the initiative allowed more than 6 million ransomware victims to recover their files for free saving roughly $1 billion in […]

The post No More Ransom helped ransomware victims to save almost €1B appeared first on Security Affairs.

Read More No More Ransom helped ransomware victims to save almost €1B
by

Researchers demonstrated how to hide malware inside an image classifier within a neural network in order to bypass the defense solutions. Researchers Zhi Wang, Chaoge Liu, and Xiang Cui presented a technique to deliver malware through neural network models to evade the detection without impacting the performance of the network. Tests conducted by the experts […]

The post Hiding Malware inside a model of a neural network appeared first on Security Affairs.

Read More Hiding Malware inside a model of a neural network
by

Microsoft published mitigations for the recently discovered PetitPotam attack that allows attackers to force remote Windows machines to share their password hashes. Microsoft has released mitigations for the recently discovered PetitPotam NTLM attack that could allow attackers to take over a domain controller. A few days ago, security researcher Gilles Lionel (aka Topotam) has discovered a vulnerability in […]

The post Microsoft publishes mitigations for the PetitPotam attack appeared first on Security Affairs.

Read More Microsoft publishes mitigations for the PetitPotam attack
by

A threat actor is offering for sale on hacking forums the secret database Clubhouse containing 3.8B phone numbers. Clubhouse is a social audio app for iOS and Android where users can communicate in voice chat rooms that accommodate groups of thousands of people. The audio-only app hosts live discussions, with opportunities to participate through speaking and listening. Conversations are prohibited by Clubhouse’s guidelines […]

The post Threat actor offers Clubhouse secret database containing 3.8B phone numbers appeared first on Security Affairs.

Read More Threat actor offers Clubhouse secret database containing 3.8B phone numbers
by

Threat actors target Kubernetes installs via Argo Workflows to cryptocurrency miners, security researchers from Intezer warn. Researchers from Intezer uncovered new attacks on Kubernetes (K8s) installs via misconfigured Argo Workflows aimed at deploying cryptocurrency miners. Argo Workflows is an open-source, container-native workflow engine designed to run on K8s clusters. The experts discovered Argo Workflows instances with […]

The post Crooks target Kubernetes installs via Argo Workflows to deploy miners appeared first on Security Affairs.

Read More Crooks target Kubernetes installs via Argo Workflows to deploy miners
by

XCSSET macOS malware continues to evolve, now it is able to steal login information from multiple apps, including Telegram and Google Chrome. Security researchers from Trend Micro continues to monitor the evolution of the XCSSET macOS malware, new variants are able to steal login information from multiple apps, including Telegram and Google Chrome, and send […]

The post XCSSET MacOS malware targets Telegram, Google Chrome data and more appeared first on Security Affairs.

Read More XCSSET MacOS malware targets Telegram, Google Chrome data and more
by

Japanese researchers spotted an Olympics-themed wiper targeting Japanese users ahead of the 2021 Tokyo Olympics. Tokyo Olympics could be a great opportunity for cybercriminals and malware authors, the US FBI warned private US companies of cyberattacks that might attempt to disrupt the 2021 Tokyo Olympics. Researchers from the Japanese security firm Mitsui Bussan Secure Directions (MBSD) […]

The post Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics appeared first on Security Affairs.

Read More Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics
by

Estonian hacker Pavel Tsurkan has pleaded guilty in a United States court to the counts of computer fraud and of creating and operating a proxy botnet. The Estonian national Pavel Tsurkan has pleaded guilty in a United States court to two counts of computer fraud and abuse. According to court documents, Pavel Tsurkan (33) operated […]

The post Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet. appeared first on Security Affairs.

Read More Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet.
by

WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types […]

The post Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach appeared first on Security Affairs.

Read More Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach
by

How businesses can benefit from the adoption of an identity and access management solution. Businesses that use outdated manual processes to grant and control access to their IT resources are getting left behind. This article describes what an identity and access management solution is and how it can benefit your business. Identity Is the New […]

The post What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It? appeared first on Security Affairs.

Read More What Is An Identity and Access Management So-lution and How Can Businesses Benefit From It?
by

The software provider Kaseya announced to have obtained a universal decryptor for the REvil ransomware. Earlier this month, a massive supply chain attack conducted by the REvil ransomware gang hit the cloud-based managed service provider platform Kaseya, impacting both other MSPs using its VSA software and their customers. The VSA tool is used by MSPs to perform […]

The post Kaseya obtained a universal decryptor for REvil ransomware attack appeared first on Security Affairs.

Read More Kaseya obtained a universal decryptor for REvil ransomware attack
by

Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce. “A software configuration update triggered a bug in the DNS (domain name […]

The post Akamai software update triggered a bug that took offline major sites appeared first on Security Affairs.

Read More Akamai software update triggered a bug that took offline major sites
by

Oracle released its Critical Patch Update for July 2021, it fixes hundreds of flaws, including Critical Remotely Exploitable vulnerabilities in Weblogic Server. Oracle this week released its quarterly Critical Patch Update for July 2021 that contains 342 new security patches for multiple product families. Some of the vulnerabilities addressed by the IT giant could be remotely exploited by […]

The post Oracle fixes critical RCE vulnerabilities in Weblogic Server appeared first on Security Affairs.

Read More Oracle fixes critical RCE vulnerabilities in Weblogic Server
by

Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has assisted the Dutch National Police in the operation to apprehend alleged members of a cybercriminal group codenamed ‘Fraud Family.’ Group-IB’s […]

The post Group-IB helps Dutch police identify members of phishing developer gang Fraud Family appeared first on Security Affairs.

Read More Group-IB helps Dutch police identify members of phishing developer gang Fraud Family
by

A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb hacking forums. TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases. Their clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises having coupon and loyalty programs.  The […]

The post TicketClub Italy Database Offered in Dark Web appeared first on Security Affairs.

Read More TicketClub Italy Database Offered in Dark Web
by

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. The author of the post claims that the data was acquired from […]

The post Thousands of Humana customers have their medical data leaked online by threat actors appeared first on Security Affairs.

Read More Thousands of Humana customers have their medical data leaked online by threat actors
by

French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group. The French national cyber-security agency ANSSI warned of ongoing attacks against a large number of French organizations conducted by the Chine-linked APT31 cyberespionage group. The state-sponsored hackers are hijacking home routers to set up a […]

The post France ANSSI agency warns of APT31 campaign against French organizations appeared first on Security Affairs.

Read More France ANSSI agency warns of APT31 campaign against French organizations
by

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.  FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is […]

The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.

Read More XLoader, a $49 spyware that could target both Windows and macOS devices
by

A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release for his role in operating the Kelihos botnet. The creator of the Kelihos Botnet, Peter Yuryevich Levashov (40), was sentenced to 33 months, time served, and three years of supervised release. Levashev used the pseudonym of […]

The post Kelihos botmaster Peter Levashov gets time served appeared first on Security Affairs.

Read More Kelihos botmaster Peter Levashov gets time served
by

Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros. Qualys researchers discovered a local privilege escalation (LPE) tracked as CVE-2021-33909, aka Sequoia, an unprivileged attacker can exploit the flaw to get root privileges on most Linux distros. The issue is a size_t-to-int type […]

The post LPE flaw in Linux kernel allows attackers to get root privileges on most distros appeared first on Security Affairs.

Read More LPE flaw in Linux kernel allows attackers to get root privileges on most distros
by

Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros. Qualys researchers discovered a local privilege escalation (LPE) tracked as CVE-2021-33909, aka Sequoia, an unprivileged attacker can exploit the flaw to get root privileges on most Linux distros. The issue is a size_t-to-int type […]

The post LPE flaw in Linux kernel allows attackers to get root privileges on most distros appeared first on Security Affairs.

Read More LPE flaw in Linux kernel allows attackers to get root privileges on most distros
by

Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit to gain admin rights on systems. Researchers from SentinelOne discovered a 16-year-old security vulnerability in an HP, Xerox, and Samsung printers driver that can allow attackers to gain admin rights on systems running the flawed […]

The post A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide appeared first on Security Affairs.

Read More A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide
by

Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary code as root. Fortinet has released security updates to address a serious bug, tracked as CVE-2021-32589, affecting FortiManager and FortiAnalyzer network management solutions. The CVE-2021-32589 vulnerability is a Use After Free issue that an attacker […]

The post A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root appeared first on Security Affairs.

Read More A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root
by

A recently discovered iPhone Wi-Fi bug that could crash the WiFi connectivity could be exploited by attackers to achieve remote code execution. In June, the researcher Carl Schou discovered a new bug in iPhone that can permanently break users’ WiFi by disabling it, the issue could be triggered by simply connecting to a rogue hotspot.  Once an […]

The post WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE appeared first on Security Affairs.

Read More WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE
by

US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The U.S. Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope, TEMP.Jumper, and Leviathan) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. […]

The post US DoJ indicts four members of China-linked APT40 cyberespionage group appeared first on Security Affairs.

Read More US DoJ indicts four members of China-linked APT40 cyberespionage group
by

Cisco Talos experts disclose details of several critical flaws in a router monitoring application developed by industrial and IoT firm Advantech. Cisco Talos researchers discovered multiple critical vulnerabilities in the R-SeeNet application developed by industrial and IoT firm Advantech. The application allows network administrators to monitor Advantech routers in their infrastructure. The monitoring tool collects […]

The post Experts disclose critical flaws in Advantech router monitoring tool appeared first on Security Affairs.

Read More Experts disclose critical flaws in Advantech router monitoring tool
by

A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco. Threat actors that goes online with the moniker ZeroX  claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale […]

The post Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco appeared first on Security Affairs.

Read More Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco
by

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware. Pegasus is a surveillance malware developed by […]

The post Pegasus Project – how governments use Pegasus spyware against journalists appeared first on Security Affairs.

Read More Pegasus Project – how governments use Pegasus spyware against journalists
by

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Security researchers at CyberArk Labs discovered a security bypass vulnerability, tracked as CVE-2021-34466, affecting the Windows Hello facial authentication process, An attacker could exploit the vulnerability to login systems running the Windows 10 OS. […]

The post Experts show how to bypass Windows Hello feature to login on Windows 10 PCs appeared first on Security Affairs.

Read More Experts show how to bypass Windows Hello feature to login on Windows 10 PCs
by

Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The Cyberspace Administration of China (CAC) has issued a new exacerbated vulnerability disclosure regulation that requires white hat hackers uncovering critical zero-day flaws in computer systems to first report them to the government authorities within two […]

The post Chinese government issues new vulnerability disclosure regulations appeared first on Security Affairs.

Read More Chinese government issues new vulnerability disclosure regulations
by

Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised. Good news for the owners of Instagram accounts that may have been compromised, the company launched a new feature named ‘Security Checkup‘ feature that aims to keep accounts safe and help users to recover them. […]

The post Instagram implements ‘Security Checkup’ to help users recover compromised accounts appeared first on Security Affairs.

Read More Instagram implements ‘Security Checkup’ to help users recover compromised accounts
by

BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “an imminent ransomware campaing” targeting some of its equipment that reached end-of-life (EoL). Threat actors could target unpatched devices belonging to Secure Mobile Access […]

The post HelloKitty ransomware gang targets vulnerable SonicWall devices appeared first on Security Affairs.

Read More HelloKitty ransomware gang targets vulnerable SonicWall devices
by

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Biden discussed Russian ransomware gangs with Putin in a phone call Hackers accessed Mint Mobile subscribers data and […]

The post Security Affairs newsletter Round 323 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 323
by

The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. Department of State, the US agency states that its Rewards for […]

The post US govt offers $10 million reward for info on nation-state cyber operations appeared first on Security Affairs.

Read More US govt offers $10 million reward for info on nation-state cyber operations
by

Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco this week released security updates for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. The flaw resides in the software cryptography module of both ASA and FTD […]

The post Cisco fixes high-risk DoS flaw in ASA, FTD Software appeared first on Security Affairs.

Read More Cisco fixes high-risk DoS flaw in ASA, FTD Software
by

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access […]

The post D-Link issues beta hotfix for multiple flaws in DIR-3040 routers appeared first on Security Affairs.

Read More D-Link issues beta hotfix for multiple flaws in DIR-3040 routers
by

Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed today. Microsoft published a security advisory for a new Windows Print Spooler vulnerability, tracked as CVE-2021-34481, that was disclosed on Thursday. The flaw is a privilege elevation vulnerability that resides in the Windows Print Spooler, it was […]

The post Microsoft alerts about a new Windows Print Spooler vulnerability appeared first on Security Affairs.

Read More Microsoft alerts about a new Windows Print Spooler vulnerability
by

Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux that addresses seven vulnerabilities, including a high severity zero-day vulnerability, tracked as CVE-2021-30563, that has been exploited in the wild. The CVE-2021-30563 is a “type confusion” issue that […]

The post Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild appeared first on Security Affairs.

Read More Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild
by

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Experts reported an uptick in malicious Android apps on the official Google Play store laced with the Joker mobile trojan. The Joker malware is a malicious code camouflaged as a system app and […]

The post New enhanced Joker Malware samples appear in the threat landscape appeared first on Security Affairs.

Read More New enhanced Joker Malware samples appear in the threat landscape
by

Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and Citizen Lab believe that the secretive Israel-based Israeli surveillance firm Candiru, tracked as Sourgum, used Windows zero-day exploits to deliver a new Windows spyware dubbed DevilsTongue. According to the experts, at least 100 activists, journalists […]

The post Israeli surveillance firm Candiru used Windows zero-days to deploy spyware appeared first on Security Affairs.

Read More Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
by

Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server Zero-day exploit broker Zerodium announced it is looking for zero-day exploits for VMware vCenter Server. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location. The company will […]

The post Exploit broker Zerodium is looking for VMware vCenter Server exploits appeared first on Security Affairs.

Read More Exploit broker Zerodium is looking for VMware vCenter Server exploits
by

Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet. BleepingComputer noted the ransomware families utilize the same I/O operations for file encryption queueing and use nearly identical command-line parameters for the same functionality. There may be some similarities, but as they’ve explained and SpearTip […]

The post SpearTip Finds New Diavol Ransomware Does Steal Data appeared first on Security Affairs.

Read More SpearTip Finds New Diavol Ransomware Does Steal Data
by

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. The move of the ransomware gang aims at expanding the operations targeting enterprises that are largely adopting virtualizing platforms. Targeting VMware ESXi […]

The post HelloKitty ransomware now targets VMware ESXi servers appeared first on Security Affairs.

Read More HelloKitty ransomware now targets VMware ESXi servers
by

HelloKitty ransomware gang is using a Linux variant of their malware to target VMware ESXi virtual machine platform. A Linux variant of the HelloKitty ransomware was employed in attacks against VMware ESXi systems. The move of the ransomware gang aims at expanding the operations targeting enterprises that are largely adopting virtualizing platforms. Targeting VMware ESXi […]

The post HelloKitty ransomware now targets VMware ESXi servers appeared first on Security Affairs.

Read More HelloKitty ransomware now targets VMware ESXi servers
by

SonicWall has issued an urgent security alert to warn customers of “an imminent ransomware campaing” targeting EOL equipment. SonicWall has issued an urgent security alert to warn companies of “an imminent ransomware campaing” targeting some of its equipment that reached end-of-life (EoL). Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series […]

The post SonicWall warns of ‘imminent ransomware’ attacks on its EOL products appeared first on Security Affairs.

Read More SonicWall warns of ‘imminent ransomware’ attacks on its EOL products
by

Uptycs threat research team analyzed macOS malware threat landscape and discovered that Shlayer and Bundlore are the most predominant malware. The Uptycs threat research team has been observing over 90% of macOS malware in our daily analysis and customer telemetry alerts using shell scripts. Though these scripts have slight variations, they mostly belong to a […]

The post macOS: Bashed Apples of Shlayer and Bundlore appeared first on Security Affairs.

Read More macOS: Bashed Apples of Shlayer and Bundlore
by

Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG) and Google Project Zero revealed that four zero-day vulnerabilities have been exploited in the wild earlier this year. The four security flaws were discovered earlier this year and affect Google Chrome, Internet Explorer, and WebKit browser […]

The post Google: four zero-day flaws have been exploited in the wild appeared first on Security Affairs.

Read More Google: four zero-day flaws have been exploited in the wild
by

LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the Philippines. Kaspersky experts uncovered an ongoing and large-scale cyber espionage campaign, tracked as LuminousMoth, aimed at government entities from Southeast Asia, including Myanmar and the Philippines government entities. The LuminousMoth campaign has been linked by […]

The post China-linked LuminousMoth APT targets entities from Southeast Asia appeared first on Security Affairs.

Read More China-linked LuminousMoth APT targets entities from Southeast Asia
by

Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The Trickbot botnet continues to evolve despite the operations conducted by law enforcement aimed at dismantling it. The authors recently implemented an update for the VNC module used for remote control over infected systems. In October, Microsoft’s […]

The post Trickbot improve its VNC module in recent attacks appeared first on Security Affairs.

Read More Trickbot improve its VNC module in recent attacks
by

Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The Trickbot botnet continues to evolve despite the operations conducted by law enforcement aimed at dismantling it. The authors recently implemented an update for the VNC module used for remote control over infected systems. In October, Microsoft’s […]

The post Trickbot improve its VNC module in recent attacks appeared first on Security Affairs.

Read More Trickbot improve its VNC module in recent attacks
by

Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]

The post China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks appeared first on Security Affairs.

Read More China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks
by

Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]

The post China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks appeared first on Security Affairs.

Read More China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks
by

The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last night, the infrastructure and the websites used by the REvil ransomware gang were mysteriously unreachable, BleepingComputer first reported. “The REvil ransomware operation, aka Sodinokibi, operates through numerous clear web and dark web sites used as […]

The post The infrastructure and websites used by REvil ransomware gang are not reachable appeared first on Security Affairs.

Read More The infrastructure and websites used by REvil ransomware gang are not reachable
by

A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions in crypto stolen from thousands of victims. Original post @ https://cybernews.com/crypto/millions-of-stolen-crypto-found-investigation/ Mindaugas (who wished his last name not to be disclosed publicly), an executive at a UK-based company, unknowingly fell for a scam when he […]

The post This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto appeared first on Security Affairs.

Read More This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto
by

Adobe addressed multiple critical vulnerabilities in several products, including Adobe Acrobat and Reader application. Adobe addressed multiple critical remote code execution and privilege escalation vulnerabilities in multiple products running on both Windows and macOS systems. The flaws fixed by Adobe affect Acrobat and Reader, Illustrator, Framemaker, Dimension and Bridge products. Below the list of advisories […]

The post Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator appeared first on Security Affairs.

Read More Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator
by

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. Researchers at IoT security firm Armis discovered an authentication bypass vulnerability, tracked as CVE-2021-22779 and dubbed ModiPwn, that affects some of Schneider Electric ’s Modicon PLCs. The flaw can be exploited by an unauthenticated attacker […]

The post ModiPwn flaw in Modicon PLCs bypasses security mechanisms appeared first on Security Affairs.

Read More ModiPwn flaw in Modicon PLCs bypasses security mechanisms
by

NetBlocks reported partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went to the streets to protest the government. Security experts from NetBlocks are observing partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went to the streets to […]

The post Social media partially disrupted in Cuba amid anti-government protests appeared first on Security Affairs.

Read More Social media partially disrupted in Cuba amid anti-government protests
by

American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers. The attack was likely carried out by the DarkSide ransomware gang […]

The post American retailer Guess discloses data breach after ransomware attack appeared first on Security Affairs.

Read More American retailer Guess discloses data breach after ransomware attack
by

SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it. SolarWinds addressed a zero-day remote code execution flaw in Serv-U products which is actively exploited in the wild by a single threat actor. SolarWinds was informed of the zero-day by Microsoft, the issue affects Serv-U Managed File Transfer […]

The post SolarWinds fixes critical Serv-U zero-day exploited in the wild appeared first on Security Affairs.

Read More SolarWinds fixes critical Serv-U zero-day exploited in the wild
by

Researchers from Cyber News Team have spotted threat actors offering for sale 600 million LinkedIn profiles scraped from the platform, again. Original post: https://cybernews.com/news/threat-actors-scrape-600-million-linkedin-profiles-and-are-selling-the-data-online-again/ For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from […]

The post Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again appeared first on Security Affairs.

Read More Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again
by

Researchers spotted a new malware, dubbed BIOPASS, that sniffs victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Researchers from Trend Micro spotted a new malware, dubbed BIOPASS, that sniffs the victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Threat actors behind the new malware planted a malicious JavaScript code on support […]

The post BIOPASS malware abuses OBS Studio to spy on victims appeared first on Security Affairs.

Read More BIOPASS malware abuses OBS Studio to spy on victims
by

Kaseya has released a security update to address the VSA zero-day vulnerabilities exploited by REvil gang in the massive ransomware supply chain attack. Software vendor Kaseya has released a security update to fix the zero-day vulnerabilities in its VSA software that were exploited by the REvil ransomware gang in the massive ransomware supply chain attack. […]

The post Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack appeared first on Security Affairs.

Read More Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack
by

Magecart hackers continuously improve their exfiltration techniques to evade detection, they are hiding stolen credit card data into images. Magecart hackers have devised a new technique to obfuscating the malware within comment blocks and hide stolen credit card data into images evading detection. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with […]

The post Magecart hackers hide stolen credit card data into images and bogus CSS files appeared first on Security Affairs.

Read More Magecart hackers hide stolen credit card data into images and bogus CSS files
by

President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir Putin. The recent wave of ransomware attacks carried out by Russian gangs like REvil and Darkside worries US authorities and was discussed by Presidents Biden and Putin during a phone call. The ransomware attacks against […]

The post Biden discussed Russian ransomware gangs with Putin in a phone call appeared first on Security Affairs.

Read More Biden discussed Russian ransomware gangs with Putin in a phone call
by

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States. BleepingComputer reported that Mint Mobile has disclosed a data breach that […]

The post Hackers accessed Mint Mobile subscribers’ data and ported some numbers appeared first on Security Affairs.

Read More Hackers accessed Mint Mobile subscribers’ data and ported some numbers
by

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack Hackers spread backdoor after compromising the […]

The post Security Affairs newsletter Round 322 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 322
by

Iran’s railroad system was hit by a cyberattack, hackers posted fake messages about delays or cancellations of the trains on display boards at stations across the country. Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, […]

The post Iran’s railroad system was hit by a cyberattack, hackers posted fake delay messages appeared first on Security Affairs.

Read More Iran’s railroad system was hit by a cyberattack, hackers posted fake delay messages
by

Threat actors are conducting a spam campaign aimed at infecting Kaseya customers, posing as legitimate VSA security updates Kaseya is warning customers of threat actors attempting to exploit the recent massive supply chain ransomware attack suffered by the company. The software provider is warning of an ongoing malspam campaign aimed at delivering malware into their […]

The post Kaseya warns customers of ongoing malspam campaign posing as security updates appeared first on Security Affairs.

Read More Kaseya warns customers of ongoing malspam campaign posing as security updates
by

Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The insurance firm paid a $40 ransom to restore access to its files following the ransomware attack. […]

The post Insurance firm CNA discloses data breach after March ransomware attack appeared first on Security Affairs.

Read More Insurance firm CNA discloses data breach after March ransomware attack
by

Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in phishing attacks. Most of the phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. Now experts from McAfee Labs warn of a novel technique used by threat actors that […]

The post Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs appeared first on Security Affairs.

Read More Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs
by

Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the emergency security patches released early this week correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527) for all supported Windows versions. Immediately after the release of the updates (KB5004945) multiple researchers questioned its efficiency and explained […]

The post Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw appeared first on Security Affairs.

Read More Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw
by

Rapid7 researchers discovered security vulnerabilities in the Sage X3 ERP product that could allow to take control of vulnerable systems. Researchers from Rapid7 discovered a total of four security vulnerabilities in the Sage X3 enterprise resource planning (ERP) solution. Chaining two of the vulnerabilities discovered by the expert, an attacker could execute malicious commands and take control of vulnerable […]

The post Multiple Sage X3 vulnerabilities expose systems to hack appeared first on Security Affairs.

Read More Multiple Sage X3 vulnerabilities expose systems to hack
by

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has disclosed a data breach after threat actors have compromised the Accellion FTA server of the third-party vendor Guidehouse. The company has offices in more than […]

The post Morgan Stanley discloses data breach after the hack of a third-party vendor appeared first on Security Affairs.

Read More Morgan Stanley discloses data breach after the hack of a third-party vendor