Security Affairs

NOVEMBER 2, 2023

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. before 5.18.3 before 5.17.6

Ransomware 116

Ransomware Cybercrime Software Encryption 116

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 87

DDOS Cybercrime Spyware Malware 87

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains were the worst in the world for spam, botnet (attack infrastructure for DDOS etc.) US phishing domains.

Phishing 278

Phishing Telecommunications Malware Scams 278

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS 93

DDOS Data breaches Cybercrime Ransomware 93

Security Affairs

SEPTEMBER 17, 2023

Financial Company Geolocating a Traveler via OSINT techniques Telegram Hit by a DDoS Attack: What Is the Cause Behind It?

Spyware 91

Spyware DDOS Cybercrime Ransomware 91

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 102

DDOS VPN Data breaches Cybercrime 102

Security Affairs

OCTOBER 29, 2023

Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023 Lockbit ransomware gang claims to have stolen data from Boeing France agency ANSSI warns of Russia-linked APT28 attacks on French entities How to Collect Market Intelligence with Residential Proxies? Patch it now! How did the Okta Support breach impact 1Password?

Data breaches 93

Data breaches Artificial Intelligence DDOS Malware 93

SecureList

JULY 27, 2023

This is our latest installment, focusing on activities that we observed during Q2 2023. The most remarkable findings Early in June, we issued an early warning of a long-standing campaign that we track under the name Operation Triangulation , involving a previously unknown iOS malware platform distributed via zero-click iMessage exploits.

Malware 88

Malware Government Phishing Social Engineering 88

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 215

Cybercrime Banking Computers and Electronics DDOS 215

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 102

DDOS Data breaches Ransomware Marketing 102

Security Affairs

JUNE 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 86

Data breaches DDOS Backups Firewall 86

BH Consulting

OCTOBER 15, 2023

Ransomware an ongoing threat to industry as crime gangs organise Malware-based cyber-attacks are the most prominent threat to industry, Europol says. A companion to Europol’s IOCTA 2023 report , it digs deeper into malware – ransomware in particular – and DDoS attacks. MORE Have you signed up to our monthly newsletter?

Ransomware 52

Ransomware Data breaches CSO Cyber Attacks 52

Security Affairs

NOVEMBER 22, 2023

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. ” reads the analysis published by Akamai.

DDOS 109

DDOS Wireless Security Intelligence Authentication 109

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 87

Cybercrime Malware Hacking Accountability 87

CyberSecurity Insiders

MARCH 31, 2023

Here are the latest threats and advisories for the week of March 31, 2023. 's National Crime Agency (NCA) announced that it has been running several fake websites purporting to sell Distributed Denial-of-Service (DDoS) services. Threat Advisories and Alerts FBI Alerts U.S.

Malware 52

Malware Phishing DDOS Scams 52

Security Affairs

OCTOBER 19, 2023

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023.

Social Engineering 110

Social Engineering Artificial Intelligence Engineering Ransomware 110

Security Affairs

AUGUST 27, 2023

military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program N.

Cybercrime 77

Cybercrime Hacking Cryptocurrency Ransomware 77

Security Affairs

MAY 27, 2023

New Buhti ransomware operation uses rebranded LockBit and Babuk payloads New PowerExchange Backdoor linked to an Iranian APT group Dark Frost Botnet targets the gaming sector with powerful DDoS New CosmicEnergy ICS malware threatens energy grid assets D-Link fixes two critical flaws in D-View 8 network management suite Zyxel firewall and VPN devices (..)

Cybercrime 85

Cybercrime Ransomware Malware Hacking 85

Security Affairs

JULY 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

DDOS 88

DDOS Hacking Spyware Surveillance 88

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 87

Data breaches DDOS Artificial Intelligence Ransomware 87

Krebs on Security

MAY 22, 2023

Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform. Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. A DIRECT QUOT The domain quot[.]pw

Scams 252

Scams DDOS Cryptocurrency Accountability 252

Security Affairs

FEBRUARY 11, 2024

Now Cybersecurity expert says the next generation of identity theft is here: ‘Identity hijacking’ Were 3 Million Toothbrushes Really Used for a DDoS Attack? Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Spyware 89

Spyware Surveillance Identity Theft DDOS 89

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS 82

DDOS Data breaches Surveillance Ransomware 82

Security Affairs

AUGUST 28, 2023

KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022, it infects systems via an SSH connection that uses weak login credentials. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. ” reads the report published by Akamai.

IoT 88

IoT DDOS Architecture Internet 88

Security Affairs

MARCH 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 76

Data breaches DDOS Backups Ransomware 76

CyberSecurity Insiders

MARCH 21, 2023

By Joe Fay Microsoft Demonstrates How KillNet Is Bad for Our Healthcare Sector Microsoft has highlighted a rise in DDoS attacks on healthcare organizations, mapping a three-fold increase in attacks over three months. The post Cybersecurity Industry News Review – March 21, 2023 appeared first on Cybersecurity Insiders.

Cybersecurity 52

Cybersecurity Healthcare Scams Ransomware 52

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 86

Data breaches Cybercrime Ransomware Passwords 86

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. Mirai botnets are frequently used to conduct DDoS attacks.”

Firewall 90

Firewall Firmware VPN DDOS 90

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 81

Cyber Attacks Firewall Data breaches Telecommunications 81

Security Affairs

NOVEMBER 20, 2022

Ukraine Police dismantled a transnational fraud group that made €200 million per year Lockbit gang leaked data stolen from global high-tech giant Thales.

DDOS 84

DDOS Cybercrime Ransomware Phishing 84

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS 89

DDOS Engineering Firmware Architecture 89

Security Affairs

JUNE 22, 2023

Since March 2023, Unit 42 researchers have observed a variant of the Mirai botnet spreading by targeting tens of flaws in D-Link, Zyxel, and Netgear devices. Since March 2023, researchers at Palo Alto Networks Unit 42 have observed a new variant of the Mirai botnet targeting multiple vulnerabilities in popular IoT devices.

IoT 85

IoT Malware Encryption DDOS 85

SecureList

NOVEMBER 23, 2023

In our previous summary of consumer predictions , we delved into tactics that we expected scammers and cybercriminals to use in 2023. Despite the fact that our predictions regarding Metaverse did not fully materialize in 2023, we reiterate what we said earlier, as we consider this a long-term trend.

VPN 97

VPN Scams Education Internet 97

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing 86

Phishing Education Accountability Telecommunications 86

Security Affairs

FEBRUARY 14, 2023

In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. The Sucuri SiteCheck detected redirects on over 2,500 sites during September and October, while PublicWWW results show nearly 15,000 websites affected by this malware.

Malware 76

Malware DDOS Cryptocurrency Hacking 76

SecureList

APRIL 13, 2023

In this blog post, we provide excerpts from the recent reports that focus on uncommon infection methods and describe the associated malware. The downloading of the actual malware is done via a variety of possible commands (for example, wget, curl, tftp and ftpget). Is able to do a “stealthy” infection. Evades EDR/AV.

Malware 104

Malware Engineering Advertising Phishing 104

Security Affairs

MAY 14, 2023

The bot borrows a large portion of its code from the original Mirai botnet, but unlike other IoT malware families, it implements a built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai. Then the malware terminates these processe and deletes the corresponding files.

IoT 94

IoT Malware Passwords Authentication 94