hacking

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Is the recent accident at Iran Natanz nuclear plant a cyber attack? Joker malware infected 538,000 Huawei Android devices Personal data of 1.3 million Clubhouse users leaked online Fitch Ratings: […]

The post Security Affairs newsletter Round 310 appeared first on Security Affairs.

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns are aimed at employees of large organizations; the messages attempt to trick the victims into believing that they contain important information […]

The post Is BazarLoader malware linked to Trickbot operators? appeared first on Security Affairs.

Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy, it could include additional 30 days to the disclosure process for some bugs to give end-users enough […]

The post Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model appeared first on Security Affairs.

SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. […]

The post 6 out of 11 EU agencies running Solarwinds Orion software were hacked appeared first on Security Affairs.

Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This flaw stems from the improper buffer size […]

The post Critical RCE can allow attackers to compromise Juniper Networks devices appeared first on Security Affairs.

The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have published a joint advisory that warns that Russia-linked APT group SVR (aka APT29, Cozy Bear, and The Dukes). […]

The post Russia-linked APT SVR actively targets these 5 flaws appeared first on Security Affairs.

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,” some of them re-used Mirai code. Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon analysis, we identified several codes, techniques and implementations of Gafgyt, […]

The post Mirai code re-use in Gafgyt appeared first on Security Affairs.

Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attract more and more […]

The post Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto appeared first on Security Affairs.

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (aka APT29, Cozy Bear, and The Dukes). The UK, US […]

The post US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack appeared first on Security Affairs.

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016, were moved on Wednesday to new accounts. In August 2016, the Asian Bitfinex suffered a security breach that resulted in the […]

The post Cyber thieves move $760 million stolen in the 2016 Bitfinex heist appeared first on Security Affairs.

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released ones, among the issues addressed by the software giant there is a […]

The post April 2021 Security Patch Day fixes a critical flaw in SAP Commerce appeared first on Security Affairs.

For the second time in a week, a Chromium zero-day remote code execution exploit code has been released on Twitter, multiple browsers impacted. A new Chromium zero-day remote code execution exploit has been released on Twitter this week, like the previous one that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. The […]

The post For the second time in a week, a Google Chromium zero-day released online appeared first on Security Affairs.

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on communications. The vulnerabilities […]

The post WhatsApp flaws could have allowed hackers to remotely hack mobile devices appeared first on Security Affairs.

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020. FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

The post FireEye: 650 new threat groups were tracked in 2020 appeared first on Security Affairs.

The FBI logged into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious code used by threat actors. A US judge granted the FBI the power to log into web shells that were injected by nation-state hackers on Microsoft Exchange servers across the US and remove the malware, […]

The post FBI silently removed web shells planted on Microsoft Exchange servers in the US appeared first on Security Affairs.

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked by Russian military intelligence in a campaign conducted between December 2017 and May 2018, officials said. In the same period, Russia-linked […]

The post Sweden blames Russia for Swedish Sports Confederation hack appeared first on Security Affairs.

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported by the U.S. National Security Agency (NSA). All the […]

The post Microsoft fixes 2 critical Exchange Server flaws reported by the NSA appeared first on Security Affairs.

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code. Adobe has released two […]

The post Adobe addresses two critical vulnerabilities in Photoshop appeared first on Security Affairs.

The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video management system is available online. An exploit for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices was publicly released. The vulnerability, tracked as CVE-2020-2501, is a stack-based buffer overflow issue that affects […]

The post Experts released PoC exploit code for a critical RCE in QNAP NAS devices appeared first on Security Affairs.

Security experts disclosed nine flaws, collectively tracked as NAME:WRECK, affecting implementations of the DNS protocol in popular TCP/IP network communication stacks. Security researchers disclosed nine vulnerabilities, collectively tracked as NAME:WRECK, that affect implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. The flaws were […]

The post Millions of devices impacted by NAME:WRECK flaws appeared first on Security Affairs.

An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based browsers. The Indian security researcher Rajvardhan Agarwal has publicly released a proof-of-concept exploit code for a recently discovered vulnerability that affects Google Chrome, Microsoft Edge, and other Chromium-based browsers (i.e. Opera, Brave). The researchers uploaded the PoC […]

The post Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021 appeared first on Security Affairs.

Pulse Secure VPN users were not able to login due to the expiration of a code signing certificate used to digitally sign and verify software components. Pulse Secure VPN users were not able to login after a code signing certificate used to digitally sign and verify software components has expired. Multiple users have reported on […]

The post Expired certificate caused a Pulse Secure VPN global scale outage appeared first on Security Affairs.

President Joe Biden has appointed two former senior NSA officials for two prominent cyber roles in his administration. President Joe Biden has assigned key cyber roles in his administration to two former senior National Security Agency (NSA) officials. The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role […]

The post Two former NSA Officials appointed by Joe Biden for prominent cyber roles appeared first on Security Affairs.

Microsoft released as open-source the ‘CyberBattleSim’ Python-based toolkit, which is an Enterprise Environment Simulator. Microsoft has recently announced the open-source availability of the Python-based enterprise environment simulator named ‘CyberBattleSim.’ “CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level […]

The post Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator appeared first on Security Affairs.

LinkedIn has formally denied that the recently disclosed data leak was caused by a security breach, data were obtained via web scraping. LinkedIn has issued a formal statement to deny that the recent leak that exposed the account details of more than 500 million of its registered users was caused by a security breach. A […]

The post LinkedIn confirmed that it was not a victim of a data breach appeared first on Security Affairs.

Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to repay debt. Fitch Ratings Inc. is an American credit rating agency and is one of the “Big Three credit rating agencies”, the other two being Moody’s and Standard & Poor’s. It is one of the […]

The post Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities appeared first on Security Affairs.

On Sunday, an “accident” occurred in the electricity distribution network at Iran’s Natanz nuclear facility, experts speculate it was caused by a cyberattack. A mysterious incident occurred on Sunday at the Natanz nuclear enrichment site and the media speculate it was caused by a cyber attack. The “accident” impacted the electricity distribution network at Iran’s […]

The post Is the recent accident at Iran Natanz nuclear plant a cyber attack? appeared first on Security Affairs.

An SQL database containing the personal data of 1.3 million Clubhouse users was leaked online for free, a few days after LinkedIn and Facebook suffered similar leaks. Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The […]

The post Personal data of 1.3 million Clubhouse users leaked online appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak […]

The post Security Affairs newsletter Round 309 appeared first on Security Affairs.

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they downloaded tainted apps from the company’s official Android store. The fight against the Joker malware (aka Bread) began in September […]

The post Joker malware infected 538,000 Huawei Android devices appeared first on Security Affairs.

APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version 3.17.18 of the popular alternative third-party Android app store. APKPure is available only on devices that use Google […]

The post Hackers compromised APKPure client to distribute infected Apps appeared first on Security Affairs.

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Threat actors behind the operation are using contact forms published on websites to deliver malicious links to enterprises […]

The post Crooks abuse website contact forms to deliver IcedID malware appeared first on Security Affairs.

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The […]

The post This man was planning to kill 70% of Internet in a bomb attack against AWS appeared first on Security Affairs.

Zero-day broker Zerodium announced that it will triple payouts for remote code execution exploits for the popular WordPress content management system. Zero-day broker Zerodium has tripled the payouts for exploits for the WordPress content management system that could be used to achieve remote code execution. Zerodium announced via Twitter that it is temporarily offering a $300,000 payout […]

The post Zerodium will pay $300K for WordPress RCE exploits appeared first on Security Affairs.

Cisco announced it will not release security updates to address a critical security vulnerability affecting some of its Small Business routers. Cisco is urging customers that are using some of its Small Business routers to replace their devices because they will no longer receive security updates. According to a security advisory published by the company, Cisco […]

The post Cisco will not release updates to fix critical RCE flaw in EoF Business Routers appeared first on Security Affairs.

The Pwn2Own 2021 hacking competition was concluded, participants earned more than $1.2 million, the greatest total payout ever. The Pwn2Own 2021 hacking competition reached the end, participants earned more than $1.2 million which is more than ever paid out at this contest. White hat hackers demonstrated exploits for Safari, Chrome, Edge, Windows 10, Ubuntu, Microsoft […]

The post Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool appeared first on Security Affairs.

A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the dark web. A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language hacking forum on the dark web. The criminal actor was spotted offering […]

The post 330K stolen payment cards and 895K stolen gift cards sold on dark web appeared first on Security Affairs.

Wizcase experts discovered a security flaw in the open-source learning platform Moodle that could allow accounts takeover. At the beginning of October 2020, the Wizcase cyber research team, led by Ata Hakcil, discovered a security vulnerability in the open-source learning platform Moodle. Anyone who had an account on a given school’s Moodle (with TeX filter enabled) could […]

The post Moodle flaw exposed users to account takeover appeared first on Security Affairs.

Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity, and […]

The post Swarmshop – What goes around comes around: hackers leak other hackers’ data online appeared first on Security Affairs.

Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution. One of the most interesting working exploits of the second day of the Pwn2Own 2021 was demonstrated by security researchers Daan Keuper and Thijs Alkemade from Computest. The duo successfully targeted Zoom Messenger in the Enterprise […]

The post Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit appeared first on Security Affairs.

Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million records as proof. Original Post at https://cybernews.com/news/stolen-data-of-500-million-linkedin-users-being-sold-online-2-million-leaked-as-proof-2/ An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as […]

The post Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof appeared first on Security Affairs.

Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software. Cisco has addressed multiple vulnerabilities in Cisco SD-WAN vManage Software that could be exploited by an unauthenticated, remote attacker to execute arbitrary code or by an authenticated, local attacker to gain escalated privileges on vulnerable systems. The most severe vulnerability […]

The post Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE appeared first on Security Affairs.

The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords. The maintainers of the PHP programming language have provided an update regarding the security breach that took place on March 28. Unknown attackers hacked the official Git server of the PHP programming language and pushed […]

The post User database was also hacked in the recent hack of PHP ‘s Git Server appeared first on Security Affairs.

A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national who hired a hitman on the dark web. Europol and the Italian Postal and Communication Police (Polizia Postale e delle Comunicazioni) arrested an Italian national as part of the “Operation Hitman” because he is suspected […]

The post Man arrested after hired a hitman on the dark web appeared first on Security Affairs.

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a new piece of ransomware, tracked as Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom), to organizations in the industrial sector. […]

The post New Cring ransomware deployed targeting unpatched Fortinet VPN devices appeared first on Security Affairs.

The Pwn2Own 2021 hacking competition has begun and white hat hackers participants earned more than $500000 on the first day. The Pwn2Own 2021 has begun, this year the formula for the popular hacking competition sees the distribution of the participants amongst various locations. The competition’s organizer, Trend Micro’s Zero Day Initiative (ZDI), describes this year’s […]

The post Pwn2Own 2021 Day 1 – participants earned more than $500k appeared first on Security Affairs.

Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in March. A European Commission spokesperson confirmed that the European Commission, along with other European Union organizations, was hit by a cyberattack in March. The authorities did not disclose any details about the type of threats […]

The post European Commission and other institutions were hit by a major cyber-attack appeared first on Security Affairs.

On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, SAP security firm Onapsis warns. According to a joint study published by Onapsis and SAP, on-premises SAP systems are targeted by threat actors within 72 hours after security patches are released. Threat actors perform reverse-engineering of the SAP […]

The post SAP systems are targeted within 72 hours after updates are released appeared first on Security Affairs.

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast […]

The post Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks appeared first on Security Affairs.

Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. Security researcher Yaser Alosefer developed a new tool to help users to determine if their mobile numbers are included within the recent Facebook data leak that impacted 553 million users of the social networking giant. The […]

The post This service allows checking if your mobile is included in the Facebook leak appeared first on Security Affairs.

Experts discovered a vulnerability in the popular CMS Umbraco that could allow low privileged users to escalate privileges to “admin.” Security experts from Trustwave have discovered a privilege escalation vulnerability in the popular website CMS, Umbraco. The vulnerability affects an API endpoint that fails to properly check the user’s authorization prior to returning results found to […]

The post Experts discovered a privilege escalation issue in popular Umbraco CMS appeared first on Security Affairs.

Rockwell Automation has recently addressed nine critical vulnerabilities in its FactoryTalk AssetCentre product with the release of version v11. The American provider of industrial automation Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. FactoryTalk AssetCentre provides customers with a centralized tool for securing, managing, versioning, […]

The post Experts found critical flaws in Rockwell FactoryTalk AssetCentre appeared first on Security Affairs.

You can check if your personal information is included in the Facebook data leak by querying the data breach notification service Have I Been Pwned. The news of the availability on a hacking forum of the personal information for 533,313,128 Facebook users made the headlines. The availability of the data was first reported by Alon Gal, […]

The post 2,5M+ users can check whether their data were exposed in Facebook data leak appeared first on Security Affairs.

H2 2020 – Kaspersky observed an increase in ransomware attacks on industrial control system (ICS) systems in developed countries. Cybersecurity firm Kaspersky has published the Industrial Control System Threat Landscape report for H2 2020 which is based on statistical data collected by the distributed antivirus Kaspersky Security Network (KSN). The data analyzed by the experts were received […]

The post 33.4% of ICS computers hit by a cyber attack in H2 2020 appeared first on Security Affairs.

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report, titled “March 2021 Security Signals report,” which revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that […]

The post Firmware attacks, a grey area in cybersecurity of organizations appeared first on Security Affairs.

A malware attack against vehicle inspection services provider Applus Technologies prevented vehicle inspections in eight US states. Applus Technologies is a worldwide leader in the testing, inspection and certification sector, the company was recently hit by a malware cyberattack that impacted vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. […]

The post Malware attack on Applus blocked vehicle inspections in some US states appeared first on Security Affairs.

Read More Malware attack on Applus blocked vehicle inspections in some US states

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the complete weekly Security Affairs Newsletter for free, including the international press, subscribe here. Experts found two flaws in Facebook for WordPress Plugin Hackers disrupted live […]

The post Security Affairs newsletter Round 308 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 308

Clop ransomware gang leaked online data stolen from Stanford Medicine, University of Maryland Baltimore, and the University of California. Clop ransomware operators have leaked the personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California. Data were stolen by the ransomware gang by compromising the Accellion File […]

The post Clop Ransomware operators plunder US universities appeared first on Security Affairs.

Read More Clop Ransomware operators plunder US universities

On April 3, a user leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free. Bad news for Facebook: a user in a hacking forum has published the phone numbers and personal data of 533 million Facebook users. The availability of the data was first […]

The post Data of 533 million Facebook users leaked in a hacking forum for free appeared first on Security Affairs.

Read More Data of 533 million Facebook users leaked in a hacking forum for free

More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. A hacker that was going […]

The post Capital One discovered more customers’ SSNs exposed in 2019 hack appeared first on Security Affairs.

Read More Capital One discovered more customers’ SSNs exposed in 2019 hack

The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation into a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Such attacks have been reported since at least the end of 2020, when some software developers reported the malicious activity […]

The post Attackers are abusing GitHub infrastructure to mine cryptocurrency appeared first on Security Affairs.

Read More Attackers are abusing GitHub infrastructure to mine cryptocurrency

The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware family first appeared in the threat landscape in February 2020, and its authors started offering it with a Ransomware-as-a-Service (RaaS) model in June 2020. In August 2020, cybersecurity intelligence firm Kela was the first to report that […]

The post Evolution and rise of the Avaddon Ransomware-as-a-Service appeared first on Security Affairs.

Read More Evolution and rise of the Avaddon Ransomware-as-a-Service

FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks of multiple organizations. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The […]

The post FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers appeared first on Security Affairs.

Read More FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Researchers from TIM’s Red Team Research discovered five new vulnerabilities affecting the CA eHealth Performance Manager product. Researchers from TIM’s Red Team Research led by Massimiliano Brolli, discovered 5 new vulnerabilities affecting the CA eHealth Performance Manager product. CA Technologies is an American multinational corporation specialized in business-to-business (B2B) software with a product portfolio focused […]

The post TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product appeared first on Security Affairs.

Read More TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product

Unpatched vulnerabilities in QNAP small office/home office (SOHO) network-attached storage (NAS) devices could be exploited by remote attackers to execute arbitrary code. Security researchers at SAM Seamless Network discovered a couple of critical unpatched flaws in QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on […]

The post Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs appeared first on Security Affairs.

Read More Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

A ransomware gang demanded a $40,000,000 ransom from the Broward County Public Schools district, Florida. It is just the latest attack in a long string against the sector. Ransomware operators continue to target organizations worldwide, and school districts are particularly exposed to these malicious campaigns. Recently the Broward County Public Schools district announced that it was victim […]

The post Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools appeared first on Security Affairs.

Read More Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools

PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A team of security researchers from PrivacySavvy recently discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. Fortunately, the company has successfully fixed the security loopholes, but the […]

The post Airlift Express Fixes Vulnerabilities in Its E-commerce Store appeared first on Security Affairs.

Read More Airlift Express Fixes Vulnerabilities in Its E-commerce Store

News article:

Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted on (that certainly would’ve been helpful), it does say that these offerings have popped up a number of times. They have also been seen advertised in YouTube videos, where instructions were provided on how gamers can run the “cheats” on their devices, and the report says that “comments [on the videos] seemingly indicate people had downloaded and attempted to use the tool.”…

Read More Malware Hidden in Call of Duty Cheating Software

The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in their infrastructure within five days. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify Microsoft Exchange servers in their environments impacted by […]

The post DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5 appeared first on Security Affairs.

Read More DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5

The United States Department of Justice (DoJ) charged a Kansas man for accessing and tampering with a public water system. The United States Department of Justice charged Wyatt A. Travnichek (22), of Ellsworth County, Kansas, for accessing and tampering with the computer system of the Ellsworth County Rural Water District. Travnichek accessed the computer system of […]

The post Man indicted for tampering with public water system in Kansas appeared first on Security Affairs.

Read More Man indicted for tampering with public water system in Kansas

VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a critical vulnerability, tracked as CVE-2021-21982, in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. Carbon Black Cloud Workload is a data center security product that protects customers’ workloads […]

The post VMware fixes authentication bypass in Carbon Black Cloud Workload appliance appeared first on Security Affairs.

Read More VMware fixes authentication bypass in Carbon Black Cloud Workload appliance

VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks. vROps delivers self-driving IT operations management for private, hybrid, and multi-cloud environments in a unified, AI-powered platform. Security researcher Egor Dimitrenko from Positive Technologies discovered a server-side request forgery (SSRF) vulnerability tracked as CVE-2021-21975 […]

The post VMware fixed flaws in vROps that can be chained to compromise organizations appeared first on Security Affairs.

Read More VMware fixed flaws in vROps that can be chained to compromise organizations

Akamai was recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of which peaked at 800Gbps. CDN and cybersecurity firm Akamai warns of a worrying escalation in ransom DDoS attacks since the beginning of the year. The company recently mitigated three of the six biggest volumetric DDoS attacks it […]

The post Akamai dealt with an 800Gbps ransom DDoS against a gambling company appeared first on Security Affairs.

Read More Akamai dealt with an 800Gbps ransom DDoS against a gambling company

The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg; a deeper incident could have hit the company. In January, American technology vendor Ubiquiti Networks suffered a data breach and sent out notification emails to its customers asking them to change their passwords and enable 2FA for their accounts. […]

The post Ubiquiti security breach may be a catastrophe appeared first on Security Affairs.

Read More Ubiquiti security breach may be a catastrophe

Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to trigger a denial of service condition on the host. US CISA warns that Citrix has released security updates to address flaws in Hypervisor that could be exploited by threat actors to execute code in a […]

The post US CISA warns of DoS flaws in Citrix Hypervisor appeared first on Security Affairs.

Read More US CISA warns of DoS flaws in Citrix Hypervisor

Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The cyberspies used fake Twitter and LinkedIn social media accounts to get in contact with the victims. Experts identified two accounts impersonating recruiters for antivirus and security companies. Social media profiles were quickly removed after Google […]

The post North Korea-linked hackers target security experts again appeared first on Security Affairs.

Read More North Korea-linked hackers target security experts again

President Joe Biden has extended Executive Order 13694, issued in 2015 by President Obama, regarding sanctions issued in response to cyberattacks. President Joe Biden this week extended Executive Order 13694 regarding sanctions issued in response to cyberattacks. Executive Order 13694 was issued by President Barack Obama in 2015; it allows the government to block […]

The post President Biden extended Executive Order 13694 regarding cyberattack sanctions appeared first on Security Affairs.

Read More President Biden extended Executive Order 13694 regarding cyberattack sanctions

Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, warns of an ongoing fraudulent campaign targeting Indonesia’s largest banks that cybercriminals run on social media with the ultimate goal of stealing bank customers’ money. […]

The post 5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter appeared first on Security Affairs.

Read More 5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter

Researchers have reported a sandbox escape vulnerability in the Chrome web browser to Google, which awarded them $20,000. Experts from the Chinese cybersecurity company Qihoo 360 have reported to Google another sandbox escape vulnerability (CVE-2021-21194) affecting the Chrome web browser. The tech giant awarded the researchers Leecraso and Guang Gong from the 360 Alpha […]

The post Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape appeared first on Security Affairs.

Read More Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape

Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds hack. Russia-linked hackers were able to access email accounts belonging to US Department of Homeland Security (DHS) officials during the SolarWinds supply chain attack. “Suspected Russian hackers gained access to email accounts belonging to the […]

The post Email accounts of DHS members were compromised in the SolarWinds hack appeared first on Security Affairs.

Read More Email accounts of DHS members were compromised in the SolarWinds hack

IETF has formally deprecated the TLS 1.0 and TLS 1.1 cryptographic protocols because they lack support for recommended cryptographic algorithms and mechanisms. The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Both versions lack support for current and recommended cryptographic algorithms and mechanisms. TLS […]

The post IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions appeared first on Security Affairs.

Read More IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

VMware addressed a high severity vulnerability in vRealize Operations that could allow stealing admin credentials from vulnerable servers. VMware has published security updates to address multiple vulnerabilities in VMware vRealize Operations that could allow threat actors to steal admin credentials from vulnerable installs. VMware vRealize Operations is a self-driving and AI-powered platform for the management of IT operations […]

The post VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials appeared first on Security Affairs.

Read More VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials

Researchers discovered a reflected XSS vulnerability in the Ivory Search WordPress Plugin installed on over 60,000 sites. On March 28, 2021, Astra Security Threat Intelligence Team responsibly disclosed a vulnerability in Ivory Search, a WordPress Search Plugin installed on over 60,000 sites. This security vulnerability could be exploited by an attacker to perform malicious actions […]

The post Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites appeared first on Security Affairs.

Read More Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

Linux kernel recently fixed a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. Kernel updates released in March have addressed a couple of vulnerabilities that could be exploited by an attacker to bypass mitigations designed to protect devices against Spectre attacks. In January 2018, White […]

The post Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations appeared first on Security Affairs.

Read More Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

A vulnerability in the netmask npm package, tracked as CVE-2021-28918, could be exploited by attackers to conduct a variety of attacks. A vulnerability in the netmask npm package, tracked as CVE-2021-28918, could expose private networks to multiple attacks. The flaw is caused by the improper input validation of octal strings in netmask npm package, it […]

The post Hundreds of thousands of projects affected by a flaw in netmask npm package appeared first on Security Affairs.

Read More Hundreds of thousands of projects affected by a flaw in netmask npm package

Experts discovered that 30 malicious Docker images with a total number of 20 million pulls were involved in cryptomining operations. Palo Alto Networks researcher Aviv Sasson discovered 30 malicious Docker images, which were downloaded 20 million times, that were involved in cryptojacking operations. The expert determined the number of cryptocurrencies that were mined to a mining […]

The post 30 Docker images downloaded 20M times in cryptojacking attacks appeared first on Security Affairs.

Read More 30 Docker images downloaded 20M times in cryptojacking attacks

Harris Federation, the multi-academy trust of 50 primary and secondary academies in and around London, was hit by a ransomware attack. A ransomware attack hit the IT systems of London-based nonprofit multi-academy trust Harris Federation on Saturday, March 27. Harris Federation is a multi-academy trust of 50 primary and secondary academies in and around London […]

The post London-based academies Harris Federation hit by ransomware attack appeared first on Security Affairs.

Read More London-based academies Harris Federation hit by ransomware attack

China-linked APT group RedEcho has taken down its attack infrastructure after it was exposed at the end of February by security researchers. China-linked APT group RedEcho has taken down its attack infrastructure after security experts exposed it. At the end of February, experts at Recorded Future uncovered a suspected Chinese APT actor targeting […]

The post China-linked RedEcho APT took down part of its C2 domains appeared first on Security Affairs.

Read More China-linked RedEcho APT took down part of its C2 domains

Threat actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor into the source code. Unknown attackers hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor into the source code. On March 28, the attackers pushed two […]

The post Hackers breached the PHP ‘s Git Server and inserted a backdoor in the source code appeared first on Security Affairs.

Read More Hackers breached the PHP ‘s Git Server and inserted a backdoor in the source code

The administrator of Ziggy ransomware recently announced the end of the operation and is now promising that its victims will get their money back. In an unusual move, the administrator of Ziggy ransomware, after announcing the end of the operation, is now promising to give victims their money back. Ziggy ransomware ceased the […]

The post Ziggy ransomware admin announced it will refund victims who paid the ransom appeared first on Security Affairs.

Read More Ziggy ransomware admin announced it will refund victims who paid the ransom

Researchers from Guardicore have spotted a new variant of the Purple Fox Windows malware that implements worm-like propagation capabilities. Researchers from Guardicore have discovered a new version of the Purple Fox Windows malware that implements worm-like propagation capabilities. Up until recently, Purple Fox’s operators infected machines by using exploit kits and phishing emails. Previous versions of […]

The post New Purple Fox version includes Rootkit and implements wormable propagation appeared first on Security Affairs.

Read More New Purple Fox version includes Rootkit and implements wormable propagation