Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware.

Cybercrime 127

Cybercrime Ransomware DDOS Encryption 127

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. The months of May, June, July, and August each presented unique challenges in the realm of cybersecurity. Let us now delve into the detailed breakdown of the days.

Ransomware 115

Ransomware Data collection Hacking Cybersecurity 115

Security Affairs

OCTOBER 4, 2023

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. Ransomware, a menace that has evolved into a formidable adversary, takes center stage in our examination of the cyber threat landscape during the second quarter of 2023.

Ransomware 116

Ransomware Data collection Cyber threats Hacking 116

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. of attacks in 2023), while summer was the most active for ransomware attacks (30.4%). The top 10 groups, based on the number of victims, collectively account for 59% of the total victims in 2023.

Ransomware 129

Ransomware Manufacturing Retail Insurance 129

Security Affairs

MAY 15, 2023

DRM Dashboard Ransomware Monitor released the first quarterly report for the year 2023 about the activities of ransomware groups globally. DRM Dashboard Ransomware Monitor, an independent platform of cybersecurity monitoring, is pleased to release the quarterly the DRM-Report for the first quarter of 2023.

Ransomware 90

Ransomware Cybercrime Cybersecurity Hacking 90

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” The CVE-2023-27350 (CVSS score – 9.8)

Cybercrime 87

Cybercrime Software Education Ransomware 87

BH Consulting

NOVEMBER 22, 2023

In front of its largest ever attendance, the annual Irish cybersecurity conference IRISSCON tackled some big themes. Among them were: attacks against critical infrastructure, increasing regulation, the need for empathy from security pros, and – naturally – AI. From the off, 2023 struck a more downbeat tone than last year’s edition.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

SecureWorld News

MARCH 21, 2023

In Q&A format, they share about their professional journeys, unique experiences, and hopes for the future of cybersecurity—along with some personal anecdotes. He has been working in cybersecurity for the last 20 years and teaching the next generation of InfoSec pros. A : Seeing all the security tribe in the area.

Cybersecurity 77

Cybersecurity InfoSec CISO Cybercrime 77

SecureWorld News

JUNE 13, 2023

Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. It's estimated LockBit had nearly 1,100 victims in 2022 alone.

Cyber threats 72

Cyber threats Malware Phishing Penetration Testing 72

Security Affairs

FEBRUARY 2, 2024

Operation Synergia was led by Interpol and ran from September to November 2023 involving law enforcement agencies from 50 countries. The international law enforcement operation was launched to curb the escalation and professionalisation of transnational cybercrime. ” reads the press release published by Interpol.

Cybercrime 105

Cybercrime Banking Phishing Malware 105

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 116

VPN Cybercrime Ransomware Hacking 116

Security Affairs

MAY 12, 2024

The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Advisory (CSA) regarding the Black Basta ransomware activity as part of the StopRansomware initiative. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 124

Ransomware Hacking Healthcare Retail 124

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. Regularly conduct cybersecurity training and simulated phishing exercises to raise awareness and reinforce good security habits. How can just one employee mishap cost a company millions?

Social Engineering 122

Social Engineering Ransomware Engineering Phishing 122

CyberSecurity Insiders

APRIL 7, 2023

Here are the latest threats and advisories for the week of April 7, 2023. By John Weiler Threat Advisories and Alerts Websites Built with Elementor Pro and WooCommerce under Attack Millions of WordPress websites using the popular Elementor Pro website builder and the WooCommerce plugin have been exposed to a serious security vulnerability.

Encryption 52

Encryption Ransomware Marketing Cybercrime 52

Security Affairs

OCTOBER 8, 2023

QakBot threat actors are still operational after the August takedown Ransomware attack on MGM Resorts costs $110 Million Cybersecurity, why a hotline number could be important? Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 111

Data breaches Cybercrime Ransomware Hacking 111

Security Affairs

MAY 12, 2023

Email-based threats have become increasingly sophisticated, how is changing the Email Security Landscape? For over a decade, email has been a common source of cybersecurity threats. What Can We Expect in 2023? As part of their report, the team at VIPRE made three predictions for the email security landscape this year. #1

Phishing 96

Phishing Social Engineering Small Business B2B 96

Security Affairs

MAY 11, 2024

Attackers gained access to names or other personal identifiers in combination with Social Security Numbers of the impacted individuals. “After an extensive forensic investigation and our manual document review, we learned on April 5, 2024 that certain files containing your personal information was subject to unauthorized access.”

Data breaches 112

Data breaches Identity Theft Cybercrime Cyber Attacks 112

Security Affairs

JANUARY 9, 2023

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web. Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. Pierluigi Paganini.

Marketing 98

Marketing Mobile Cybercrime DDOS 98

Security Affairs

JUNE 25, 2023

Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 425 by Pierluigi Paganini – International edition appeared first on Security Affairs.

DDOS 96

DDOS Cybercrime Spyware Malware 96

Security Affairs

MAY 27, 2024

Prescription service company Sav-Rx disclosed a data breach after 2023 cyberattack. The company is notifying 2,812,336 individuals impacted by the security breach in the United States. “On October 8, 2023, we identified an interruption to our computer network. million people in the United States.

Data breaches 118

Data breaches Identity Theft Insurance Technology 118

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. The threat actor announced the hack on a popular cybercrime forum, he claimed the theft of about 2869 files.

Data breaches 120

Data breaches Computers and Electronics Hacking Cybercrime 120

Security Affairs

OCTOBER 19, 2023

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Social Engineering 120

Social Engineering Artificial Intelligence Engineering Ransomware 120

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 89

Data breaches Cybercrime Firewall Artificial Intelligence 89

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 108

Artificial Intelligence VPN Hacking Firewall 108

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 96

Cybercrime Malware Hacking Accountability 96

Security Affairs

DECEMBER 31, 2023

INC RANSOM ransomware gang claims to have breached Xerox Corp Spotify music converter TuneFab puts users at risk Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania Russia-linked APT28 used new malware in a recent phishing campaign Clash of Clans gamers at risk while using third-party app New Version of Meduza (..)

Artificial Intelligence 111

Artificial Intelligence Cyber Attacks Malware Ransomware 111

Security Affairs

FEBRUARY 5, 2024

The attackers were collecting information on the cybersecurity division of the company and other functions. HPE became aware of the intrusion on December 2023 and immediately launched an investigation into the security breach with the help of external cybersecurity experts. Securities and Exchange Commission (SEC).

Data breaches 115

Data breaches Marketing Hacking Cybersecurity 115

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 108

Data breaches Banking Hacking Malware 108

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 97

Social Engineering Data breaches Ransomware Cybercrime 97

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 107

Ransomware Hacking Spyware Cybercrime 107

Security Affairs

MAY 19, 2024

WebTPA discovered suspicious activity on its network on December 28, 2023 and launched an investigation with the help of third-party cybersecurity experts. The investigation revealed that an unauthorized actor may have obtained personal information between April 18 and April 23, 2023.

Data breaches 118

Data breaches Healthcare Insurance Identity Theft 118

Security Affairs

MARCH 24, 2024

Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Malware 109

Malware Cybercrime Hacking Cyber threats 109

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches 114

Data breaches Computers and Electronics Cybercrime Ransomware 114

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 90

Data breaches VPN Hacking Banking 90

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Malware 89

Malware Cybercrime Cryptocurrency Social Engineering 89

Security Affairs

JULY 26, 2023

FraudGPT is another cybercrime generative artificial intelligence (AI) tool that is advertised in the hacking underground. Generative AI models are becoming attractive for crooks, Netenrich researchers recently spotted a new platform dubbed FraudGPT which is advertised on multiple marketplaces and the Telegram Channel since July 22, 2023.

Artificial Intelligence 98

Artificial Intelligence Cybercrime Phishing Advertising 98

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 113

Social Engineering Spyware Data breaches Surveillance 113