Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Ahead of the U.S.

Accountability 85

Accountability Phishing Financial Services Surveillance 85

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. In 2022, Kaspersky solutions detected over 74.2M

Ransomware 120

Ransomware Malware Architecture Telecommunications 120

Security Affairs

APRIL 3, 2023

.” The experts discovered that other apps were impacted by the misconfiguration issue, including Mag News, Central Notification Service (CNS), Contact Center, PoliCheck, Power Automate Blog, and COSMOS. 31, 2023 – Wiz Research reported the Bing issue to MSRC Jan. 31, 2023 – MSRC issues initial fix to Bing app Feb.

Accountability 74

Accountability Education Media Authentication 74

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 73

Ransomware Cybercrime Cybersecurity Hacking 73

CyberSecurity Insiders

SEPTEMBER 22, 2022

The 2023 Cybersecurity Excellence Awards are officially open – recognizing companies, products and professionals that demonstrate excellence, innovation and leadership in information security. VOTING – Voting is open throughout the award nomination season and closes January 27, 2023. Best of luck to all nominees!

Cybersecurity 52

Cybersecurity InfoSec Information Security Media 52

Security Affairs

MAY 12, 2023

What started as notes from Nigerian princes that needed large sums of money to help them get home has evolved into bad actors that use refined social engineering tactics to convince the receiver to unknowingly share important information. What Can We Expect in 2023? It’s not likely to stop there.

Phishing 84

Phishing Social Engineering Small Business B2B 84

Security Affairs

APRIL 20, 2023

VMware fixed two severe flaws, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8)

Education 86

Education Media Hacking Accountability 86

Security Affairs

MAY 3, 2023

. “Since March alone, our security analysts have found around 10 malware families posing as ChatGPT and similar tools to compromise accounts across the internet. ” reads the Meta’s Q1 2023 Security Reports. ” said Meta Chief Information Security Officer Guy Rosen.

Malware 91

Malware Education Accountability Media 91

Security Affairs

APRIL 15, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-20963 – Android Framework Privilege Escalation Vulnerability. CISA orders federal agencies to fix this flaw by May 4, 2023.

Education 74

Education Accountability Media Cybersecurity 74

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. .

Firewall 91

Firewall Firmware VPN Authentication 91

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Input Validation CWE-20 ( CVE-2023–1751 , CVSS3.0:

Manufacturing 86

Manufacturing Media Firewall Education 86

Security Affairs

APRIL 22, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

Education 85

Education Media Authentication Cybersecurity 85

Security Affairs

APRIL 10, 2023

Cybersecurity vendor Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw, tracked as CVE-2023-1671 (CVSS score of 9.8), that can lead to code execution. The CVE-2023-1671 flaw is a pre-auth command injection issue that resides in the warn-proceed handler, it affects appliances older than version 4.3.10.4.

Firewall 87

Firewall Education Media Hacking 87

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023.

Cybercrime 87

Cybercrime Ransomware Education Media 87

Security Affairs

APRIL 21, 2023

The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. “On March 17, 2023, the ABA observed unusual activity on its network. million members impacted appeared first on Security Affairs. The organization on Thursday began notifying members.

Data breaches 85

Data breaches Passwords Education Accountability 85

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 score 9.1), that affects tens of HP Enterprise LaserJet and HP LaserJet Managed Printers models.

Firmware 84

Firmware Education Media Hacking 84

Security Affairs

APRIL 18, 2023

CVE-2023-2033 – Google Chromium V8 Engine Type Confusion Vulnerability. The CVE-2023-2033 flaw is the first Chrome zero-day vulnerability addressed by Google in 2023. The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11.

Education 76

Education Media Engineering Cybersecurity 76

Duo's Security Blog

JANUARY 23, 2024

Throughout 2023, we’ve heard about many high-profile security incidents targeting a wide range of publicly listed companies. Additionally, Chief Information Security Officers (CISOs) have also been under scrutiny for the actions they’ve taken to address these issues. WebAuthn is important.

Authentication 75

Authentication Accountability CISO Technology 75

Security Affairs

APRIL 11, 2023

Apple has released emergency updates to backport security patches that address two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. The zero-day CVE-2023-28205 is a use after free issue that resides in the WebKit, its exploitation may lead to arbitrary code execution. iPadOS 16.4.1, and Safari 16.4.1.

Education 79

Education Media Hacking Cybersecurity 79

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking 302

Banking Government Information Security Authentication 302

Centraleyes

DECEMBER 10, 2023

SOC 2 is the gold standard in Information Security certifications and shows the world just how seriously your company takes Information Security. The audit itself is conducted by an official auditor, often from the “Big-4” (the 4 largest accounting firms in the US) but the preparation isn’t required to be.

Risk 59

Risk Data breaches Software Information Security 59

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware 78

Ransomware Education Media Malware 78

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. Anyway, the archive in which this sample was included shown bundled date as March 20.

Encryption 95

Encryption Architecture Ransomware Education 95

Security Affairs

MAY 2, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability. CVE-2023-21839 (CVSS score: 7.5) – Oracle WebLogic Server Unspecified Vulnerability.

Education 82

Education Media Cybersecurity Hacking 82

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 84

Cybercrime Malware Hacking Accountability 84

Security Affairs

APRIL 7, 2023

Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads.

Education 80

Education Media Hacking Accountability 80

Security Affairs

APRIL 10, 2023

Both vulnerabilities were reported by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. The zero-day CVE-2023-28205 is a use after free issue that resides in the WebKit, its exploitation may lead to arbitrary code execution. reads the advisory. reads the advisory.

Education 84

Education Media Cybersecurity Accountability 84

Security Affairs

APRIL 25, 2023

A flaw in the Service Location Protocol (SLP), tracked as CVE-2023-29552, can allow to carry out powerful DDoS attacks. A high-severity security vulnerability (CVE-2023-29552, CVSS score: 8.6) impacting the Service Location Protocol ( SLP ) can be exploited by threat actors to conduct powerful volumetric DDoS attacks.

DDOS 79

DDOS Internet Internet Firewall 79

Security Affairs

APRIL 8, 2023

The CVE-2023-26083 flaw in the Arm Mali GPU driver is chained with other issues to install commercial spyware, as reported by Google’s Threat Analysis Group (TAG) in a recent report. CISA orders federal agencies to fix this flaw by April 28, 2023.

Backups 76

Backups Spyware Ransomware Education 76

Security Affairs

APRIL 11, 2023

On January 13, 2023, Yum! Now the company, which owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach and revealed that ransomware actors have stolen personally identifiable information (PII) of an unspecified number of individuals. “As we announced publicly in mid-January, Yum!

Data breaches 89

Data breaches Identity Theft Education Ransomware 89

Security Affairs

APRIL 24, 2023

Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351 ) in attacks in the wild. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability.

Authentication 91

Authentication Software Education Malware 91

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft 82

Identity Theft Ransomware Scams Education 82

Security Affairs

APRIL 7, 2023

The group published a series of screenshots of the company’s CTMS and ERP databases The Money Message group threatens to publish the stolen files by Wednesday, April 12, 2023, if the company will not pay the ransom. Today MSI confirmed the security breach, it confirmed that threat actors had access to some of its information service systems.

Ransomware 82

Ransomware Firmware Hacking Manufacturing 82

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 80

Spyware Surveillance Artificial Intelligence Data breaches 80

Security Affairs

JANUARY 15, 2024

The researchers noticed that the number of Balada Injector infections has doubled compared with August 2023. On December 11, 2023 WPScan published a report on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was addressed in version 4.2.3. ” concludes the report.

Malware 105

Malware Hacking Accountability Information Security 105

Security Affairs

FEBRUARY 2, 2024

The incident took place on Thanksgiving Day, November 23, 2023, and Cloudflare immediately began an investigation with the help of CrowdStrike. The company pointed out that no customer data or systems were impacted by this security breach. . ” reads the blog post published by the company.

Authentication 100

Authentication Hacking Accountability Information Security 100

Security Affairs

MAY 4, 2023

Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. The company also warned that there are no workarounds for the CVE-2023-20126 vulnerability. The company product has reached end-of-life (EoL). ” continues the advisory.

Firmware 80

Firmware Education Media Authentication 80