Security Affairs

APRIL 24, 2023

PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system. Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities Catalog. .” Last week, the U.S.

Cybercrime 73

Cybercrime Software Education Ransomware 73

Security Affairs

OCTOBER 28, 2021

AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu , with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e.

Malware 91

Malware Cybercrime Mobile Banking 91

Security Affairs

JUNE 29, 2022

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. solutions. .

Malware 96

Malware Authentication Software Accountability 96

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency.

Malware 90

Malware Authentication Cryptocurrency Internet 90

Security Affairs

AUGUST 10, 2023

Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. ” concludes the report.

Malware 84

Malware Encryption Advertising Cryptocurrency 84

Security Affairs

DECEMBER 8, 2022

While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. Clicking on the “Download for Android” button leads to downloading the Ermac malware. Keylogging. Pierluigi Paganini.

Malware 97

Malware Banking Cryptocurrency Advertising 97

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory.

Malware 127

Malware VPN Authentication Hacking 127

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches 101

Data breaches Computers and Electronics Cybercrime Ransomware 101

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 103

VPN Cybercrime Ransomware Hacking 103

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Erbium info-stealing malware was first spotted by researchers at threat intelligence firm Cluster25 on July 21, 2022.

Malware 80

Malware Password Management Authentication Passwords 80

Security Affairs

JULY 19, 2022

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. ” reads the analysis published by Zscaler.

Malware 118

Malware Spyware Banking Mobile 118

Security Affairs

MAY 12, 2024

Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware 109

Ransomware Hacking Healthcare Retail 109

Security Affairs

JUNE 14, 2023

or face the risk of authenticated users (think of standard e-commerce customers) achieving total control of websites by exploiting Broken Access Control — the most severe of OWASP’s Top 10 risks. Balada is not an overly shy malware campaign. As of May 2023, an official CVE designation is still pending. Windows NT 10.0;

Malware 81

Malware DNS Software Penetration Testing 81

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 87

Cybercrime Malware Hacking Accountability 87

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 102

Identity Theft VPN Malware Ransomware 102

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. Once the rules have been created, a thread connects to an NTP server from a roster of authentic NTP servers.

IoT 119

IoT Cybercrime Internet Internet 119

Security Affairs

OCTOBER 31, 2022

The infection chain was divided into four stages : The malware was installed through a dropper, a program executed by opening an attachment to a deceptive e-mail, probably a fake pdf or doc file, or executed directly from the Internet, without user interaction, exploiting the exploit described in the point 4. The infection chain.

Malware 95

Malware Computers and Electronics Encryption Ransomware 95

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 84

Spyware Data breaches Hacking Ransomware 84

Security Affairs

JULY 2, 2023

Illicit Telegram Communities Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant Malware Trojanized Super Mario Game Installer Spreads SupremeBot Malware Initial research exposing JOKERSPY Who is 8BASE?

Cybercrime 84

Cybercrime Hacking Ransomware Malware 84

Security Affairs

AUGUST 27, 2023

million in critical infrastructure cyber projects via new program Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability Defense contractor Belcan leaks admin password with a list of flaws Leaseweb is restoring ‘critical’ systems after security breach Microsoft is now a cybersecurity titan.

Cybercrime 77

Cybercrime Hacking Cryptocurrency Ransomware 77

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 102

Social Engineering Spyware Data breaches Surveillance 102

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 99

Malware Ransomware Advertising Encryption 99

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 85

Spyware Hacking Malware Social Engineering 85

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. Enforce multi-factor authentication.

Malware 64

Malware Passwords Advertising Antivirus 64

Security Affairs

APRIL 10, 2021

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. SecurityAffairs – hacking, IcedID malware).

Malware 94

Malware Banking Marketing Authentication 94

Security Affairs

FEBRUARY 16, 2021

Experts provided a list of ngrok -based attacks conducted by cybercrime organizations and nation-stated actors such as Fox Kitten and Pioneer Kitten APT groups. The experts reported multiple malware strains and phishing campaigns abusing ngrok tunnelling, including. “Interestingly, we found multiple ngrok.io Pierluigi Paganini.

Phishing 122

Phishing Cybercrime Mobile Internet 122

Security Affairs

JANUARY 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center Participants earned more than $1.3M

Artificial Intelligence 92

Artificial Intelligence Hacking Malware Cyber Attacks 92

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. “Of these, three were found to be activated during the longer vacations of the Christmas season. In addition, during Christmas, there was one incident caused by another ransomware malware family.”

Ransomware 106

Ransomware Backups VPN Authentication 106

Security Affairs

MAY 9, 2024

In early January, the software firm reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

Authentication 94

Authentication Backups Cyber threats Malware 94

Security Affairs

OCTOBER 22, 2023

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw Multiple APT groups exploited WinRAR flaw CVE-2023-38831 Californian IT company DNA Micro leaks private mobile phone data Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August A flaw in Synology DiskStation Manager allows admin account (..)

Ransomware 104

Ransomware Telecommunications Data breaches Mobile 104

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 75

Malware Cybercrime Cryptocurrency Social Engineering 75

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. The case was reported by security researcher Pol Thill. . ” Thill explained. The malicious apps are used to capture SMSs containing authorization codes.

Banking 78

Banking Phishing Social Engineering Authentication 78

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Cyble also reported that threat actors are selling access to systems exposed on the Internet via VNC on cybercrime forums. ” Cyble states.

Internet 95

Internet Internet Risk Cybercrime 95

Security Affairs

FEBRUARY 25, 2024

Uninstall it immediately Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers ConnectWise fixed critical flaws in ScreenConnect remote access tool More details about Operation Cronos that disrupted Lockbit operation Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider (..)

Spyware 91

Spyware Cyber Insurance Hacking Advertising 91

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. In addition, during Christmas, there was one incident caused by another ransomware malware family.” The Finish researchers pointed out that the attack cannot bypass multi-step authentication. ” reads the NCSC-FI’s alert.

Ransomware 83

Ransomware Backups VPN Authentication 83