Multiple major websites, including Steam, AWS, Amazon, Google, and Salesforce, went offline due to Akamai DNS global outage. A software configuration update triggered a bug in the Akamai DNS which took offline major websites, including Steam, the PlayStation Network, AWS, Google, and Salesforce. “A software configuration update triggered a bug in the DNS (domain name […]

The post Akamai software update triggered a bug that took offline major sites appeared first on Security Affairs.

Read More Akamai software update triggered a bug that took offline major sites

LG Electronics announced today that it’s planning on running its entire business on renewable energy by 2050 as a part of its sustainability strategy. The transformation will be phased by region starting with North America. LG said in its press release that it plans on powering all of its North American offices and manufacturing sites […]

The post LG to use 100% renewable energy by 2050 first appeared on IT World Canada.

Read More LG to use 100% renewable energy by 2050

Oracle released its Critical Patch Update for July 2021, it fixes hundreds of flaws, including Critical Remotely Exploitable vulnerabilities in Weblogic Server. Oracle this week released its quarterly Critical Patch Update for July 2021 that contains 342 new security patches for multiple product families. Some of the vulnerabilities addressed by the IT giant could be remotely exploited by […]

The post Oracle fixes critical RCE vulnerabilities in Weblogic Server appeared first on Security Affairs.

Read More Oracle fixes critical RCE vulnerabilities in Weblogic Server

LemonDuck, an actively updated and robust malware that’s primarily known for its botnet and cryptocurrency mining objectives, adopted more sophisticated behavior and escalated its operations. Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity.

The post When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure appeared first on Microsoft Security Blog.

Read More When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure

From SentinelLabs, a critical vulnerability in HP printer drivers:

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines.

If exploited, cyberattackers could bypass security products; install programs; view, change, encrypt or delete data; or create new accounts with more extensive user rights.

The bug (CVE-2021-3438) has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year. It carries an 8.8 out of 10 rating on the CVSS scale, making it high-severity…

Read More Nasty Windows Printer Driver Vulnerability

Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB, one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection, has assisted the Dutch National Police in the operation to apprehend alleged members of a cybercriminal group codenamed ‘Fraud Family.’ Group-IB’s […]

The post Group-IB helps Dutch police identify members of phishing developer gang Fraud Family appeared first on Security Affairs.

Read More Group-IB helps Dutch police identify members of phishing developer gang Fraud Family

Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter’s history. In July 2020, the Twitter accounts of public figures and well-known organisations were compromised, allowing malicious hackers …

Read More British man arrested in connection with Twitter mega-hack that posted cryptocurrency scam from celebrity accounts

U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products. Experts pointed out […]

The post CISA analyzed stealthy malware found on compromised Pulse Secure devices appeared first on Security Affairs.

Read More CISA analyzed stealthy malware found on compromised Pulse Secure devices