2023, Blog, Hacking and Information Security

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

JULY 7, 2023

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. Affected product(s) and version(s) are IBM i 7.2, IBM i 7.3, and IBM i 7.5

Architecture

Architecture Hacking Media Government

Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748

Security Affairs

NOVEMBER 1, 2023

Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a critical security vulnerability, tracked as CVE-2023-46747 (CVSS 9.8), that impacts BIG-IP and could result in unauthenticated remote code execution.

Authentication

Authentication Hacking Cybersecurity Information Security

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day. ” reported Google TAG.

Cybercrime

Cybercrime Malware Software Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023

Security Affairs

APRIL 25, 2023

VMware released security updates to address two zero-day vulnerabilities ( CVE-2023-20869, CVE-2023-20870 ) that were chained by the STAR Labs team during the Pwn2Own Vancouver 2023 hacking contest against Workstation and Fusion software hypervisors. They earned $80,000 and 8 Master of Pwn points.

Hacking

Hacking Education Software Media

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

SecureList

JANUARY 18, 2023

Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023. The trend for personal data leaks grew rapidly in 2022 and will continue into 2023. The number of posts in those blogs grew in 2022, both in open sources and on the dark web.

Media

Media Social Engineering Ransomware Hacking

SAP April 2023 security updates fix critical vulnerabilities

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. CVE-2023-28765 : An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) – versions 420, 430, can exploit the issue to access to lcmbiar file and further decrypt the file.

Education

Education Media Authentication Passwords

Google fixed the second actively exploited Chrome zero-day of 2023

Security Affairs

APRIL 19, 2023

Google rolled out emergency fixes to address another actively exploited high-severity zero-day flaw, tracked as CVE-2023-2136 , in its Chrome web browser. The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023.

Education

Education Media Engineering Hacking

Google fixed the first Chrome zero-day of 2023

Security Affairs

APRIL 14, 2023

Google released an emergency security update to address the first Chrome zero-day vulnerability (CVE-2023-2033) in 2023, the company is aware of attacks in the wild exploiting the issue. The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. “Type Confusion in V8.

Education

Education Media Engineering Hacking

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking

Hacking Firmware Authentication DNS

Barracuda Email Security Gateway (ESG) hacked via zero-day bug

Security Affairs

MAY 24, 2023

The vulnerability, tracked as CVE-2023-2868, resides in the module for email attachment screening, the issue was discovered on May 19 and the company fixed it with the release of two security patches on May 20 and 21. “Barracuda identified a vulnerability ( [link] ) in our Email Security Gateway appliance (ESG) on May 19, 2023.

Hacking

Hacking Network Security Cybersecurity Information Security

New ransomware trends in 2023

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. In 2022, Kaspersky solutions detected over 74.2M

Ransomware

Ransomware Malware Architecture Telecommunications

Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws

Security Affairs

MAY 9, 2023

Microsoft Patch Tuesday Security updates for May 2023 address a total of 40 vulnerabilities, including two zero-day actively exploited in attacks. Microsoft’s May 2023 security updates address 40 vulnerabilities, including two zero-day flaws actively exploited in attacks. ” reads the advisory. We are in the final!

Antivirus

Antivirus Malware Hacking Cybersecurity

T-Mobile suffered the second data breach in 2023

Security Affairs

MAY 1, 2023

T-Mobile disclosed the second data breach of 2023, threat actors had access to the personal information of hundreds of customers since February. T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information of hundreds of customers starting in late February 2023.

Data breaches

Data breaches Mobile Identity Theft Accountability

Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035

Security Affairs

AUGUST 24, 2023

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). The vulnerability CVE-2023-38035 impacts Sentry versions 9.18

Internet

Internet Internet Authentication Risk

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Ransomware gang Money Message claims to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Hacking

Hacking Ransomware Manufacturing Education

Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware

Ransomware Cybercrime Cybersecurity Hacking

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Security Affairs

JUNE 1, 2023

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. pic.twitter.com/g5jpz2Rtm6 — Dominic Alvieri (@AlvieriD) May 30, 2023 The gang claims to have stolen 2TB of sensitive data, belonging to lawyers, SEC, DoD, FBI, Police and more.

Technology

Technology Hacking Ransomware Manufacturing

What the Email Security Landscape Looks Like in 2023

Security Affairs

MAY 12, 2023

What started as notes from Nigerian princes that needed large sums of money to help them get home has evolved into bad actors that use refined social engineering tactics to convince the receiver to unknowingly share important information. What Can We Expect in 2023? It’s not likely to stop there. QR code spoofing.

Phishing

Phishing Social Engineering Small Business B2B

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. “Shevlyakov also attempted to acquire computer hacking tools.” hacking tools and electronics appeared first on Security Affairs. ” reads a press release published by DoJ.

Computers and Electronics

Computers and Electronics Hacking Penetration Testing Manufacturing

VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root

Security Affairs

APRIL 20, 2023

VMware fixed two severe flaws, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8)

Education

Education Media Hacking Accountability

Kubernetes flaws could lead to remote code execution on Windows endpoints

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered three security flaws in Kubernetes that can lead to remote code execution on Windows endpoints. Akamai researchers recently discovered a high-severity vulnerability in Kubernetes tracked as CVE-2023-3676 (CVSS 8.8). Below is the disclosure timeline: 07/13/2023 — Vulnerability disclosed to Kubernetes team.

Hacking

Hacking Information Security

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. .

Firewall

Firewall Firmware VPN Authentication

CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 1, 2023

US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities CVE-2023-46747 and CVE-2023-46748 in BIG-IP to its Known Exploited Vulnerabilities catalog.

Authentication

Authentication Hacking Risk Cybersecurity

LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

CyberSecurity Insiders

APRIL 7, 2023

Here are the latest threats and advisories for the week of April 7, 2023. By John Weiler Threat Advisories and Alerts Websites Built with Elementor Pro and WooCommerce under Attack Millions of WordPress websites using the popular Elementor Pro website builder and the WooCommerce plugin have been exposed to a serious security vulnerability.

Encryption

Encryption Ransomware Marketing Cybercrime

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

By that time, Kivimäki was no longer in Finland, but the Finnish government nevertheless charged Kivimäki in absentia with the Vastaamo hack. Another domain hosted a fake blog that besmirched the reputation of a Tulsa, Okla. ” Antti Kurittu is an information security specialist and a former criminal investigator.

Cybercrime

Cybercrime Hacking Data breaches Banking

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 22, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

Education

Education Media Authentication Cybersecurity

Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!

Security Affairs

OCTOBER 24, 2023

VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability, tracked as CVE-2023-34051 , in VMware Aria Operations for Logs (formerly known as vRealize Log Insight). The vulnerability CVE-2023-34051 (CVSS score 8.1) See blog above for more details.

Authentication

Authentication Hacking Cybersecurity Information Security

Hackers are taking advantage of the interest in generative AI to install Malware

Security Affairs

MAY 3, 2023

” reads the Meta’s Q1 2023 Security Reports. ” said Meta Chief Information Security Officer Guy Rosen. For example, we’ve seen threat actors create malicious browser extensions available in official web stores that claim to offer ChatGPT-related tools.” “ChatGPT is the new crypto.”

Malware

Malware Education Accountability Media

CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 15, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-20963 – Android Framework Privilege Escalation Vulnerability. CISA orders federal agencies to fix this flaw by May 4, 2023.

Education

Education Accountability Media Cybersecurity

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity! .

Cybercrime

Cybercrime Advertising IoT Malware

Cybercrime group exploits Windows zero-day in ransomware attacks

Security Affairs

APRIL 11, 2023

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252 , in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for April 2023.

Cybercrime

Cybercrime Ransomware Education Media

Sophos patches three issues in the Sophos Web Security appliance, one of them rated as critical

Security Affairs

APRIL 10, 2023

Cybersecurity vendor Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw, tracked as CVE-2023-1671 (CVSS score of 9.8), that can lead to code execution. The CVE-2023-1671 flaw is a pre-auth command injection issue that resides in the warn-proceed handler, it affects appliances older than version 4.3.10.4.

Firewall

Firewall Education Media Hacking

HP would take up to 90 days to fix a critical bug in some business-grade printers

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 score 9.1), that affects tens of HP Enterprise LaserJet and HP LaserJet Managed Printers models.

Firmware

Firmware Education Media Hacking

Nexx bugs allow to open garage doors, and take control of alarms and plugs

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Improper Input Validation CWE-20 ( CVE-2023–1751 , CVSS3.0:

Manufacturing

Manufacturing Media Firewall Education

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware

Ransomware Firmware Hacking Manufacturing

Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

Security Affairs

APRIL 11, 2023

Apple has released emergency updates to backport security patches that address two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. The zero-day CVE-2023-28205 is a use after free issue that resides in the WebKit, its exploitation may lead to arbitrary code execution. iPadOS 16.4.1, and Safari 16.4.1.

Education

Education Media Hacking Cybersecurity

A flaw in the Essential ‘Addons for Elementor’ WordPress plugin poses 1M sites at risk of hacking

Security Affairs

MAY 11, 2023

Researchers from PatchStack discovered that the plugin is affected by an unauthenticated privilege escalation issue, tracked as CVE-2023-32243, that can allow remote attackers to gain administrator rights on the website. The plugin has more than one million active installations.

Hacking

Hacking Risk Passwords Accountability

Balada Injector continues to infect thousands of WordPress sites

Security Affairs

JANUARY 15, 2024

The researchers noticed that the number of Balada Injector infections has doubled compared with August 2023. Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. The Balada injector is a malware family that has been active since 2017.

Malware

Malware Hacking Accountability Information Security

LockBit leaks data stolen from the South Korean National Tax Service

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft

Identity Theft Ransomware Scams Education

Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware

Ransomware Education Media Malware

Experts found the first LockBit encryptor that targets macOS systems

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. Anyway, the archive in which this sample was included shown bundled date as March 20.

Encryption

Encryption Architecture Ransomware Education

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 2, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability. CVE-2023-21839 (CVSS score: 7.5) – Oracle WebLogic Server Unspecified Vulnerability.

Education

Education Media Cybersecurity Hacking

Apple addressed two actively exploited zero-day flaws

Security Affairs

APRIL 7, 2023

Apple released emergency security updates to address two actively exploited zero-day vulnerabilities impacting iPhones, Macs, and iPads. Apple has released emergency security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-28205 and CVE-2023-28206, impacting iPhones, Macs, and iPads.

Education

Education Media Hacking Accountability

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime

Cybercrime Malware Hacking Accountability

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748

Webinars

Trending Sources

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Webinars

VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

SAP April 2023 security updates fix critical vulnerabilities

Google fixed the second actively exploited Chrome zero-day of 2023

Google fixed the first Chrome zero-day of 2023

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Barracuda Email Security Gateway (ESG) hacked via zero-day bug

New ransomware trends in 2023

Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws

T-Mobile suffered the second data breach in 2023

Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035

Money Message ransomware group claims to have hacked IT giant MSI

Introducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

What the Email Security Landscape Looks Like in 2023

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root

Kubernetes flaws could lead to remote code execution on Windows endpoints

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog

LATEST CYBERTHREATS AND ADVISORIES – APRIL 7, 2023

Alleged Extortioner of Psychotherapy Patients Faces Trial

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!

Hackers are taking advantage of the interest in generative AI to install Malware

CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Cybercrime group exploits Windows zero-day in ransomware attacks

Sophos patches three issues in the Sophos Web Security appliance, one of them rated as critical

HP would take up to 90 days to fix a critical bug in some business-grade printers

Nexx bugs allow to open garage doors, and take control of alarms and plugs

MSI confirms security breach after Money Message ransomware attack

Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

A flaw in the Essential ‘Addons for Elementor’ WordPress plugin poses 1M sites at risk of hacking

Balada Injector continues to infect thousands of WordPress sites

LockBit leaks data stolen from the South Korean National Tax Service

Crooks use PaperCut exploits to deliver Cl0p and LockBit ransomware

Experts found the first LockBit encryptor that targets macOS systems

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

Apple addressed two actively exploited zero-day flaws

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Stay Connected