Security Affairs

MARCH 14, 2024

Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited the Windows zero-day flaw CVE-2024-21412 using fake software installers.

Phishing 105

Phishing Malware Software Internet 105

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices.

Malware 101

Malware Cybercrime Hacking Cyber threats 101

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 109

VPN Cybercrime Ransomware Hacking 109

Security Affairs

MARCH 17, 2024

France Travail data breach impacted 43 Million people Scranton School District in Pennsylvania suffered a ransomware attack Lazarus APT group returned to Tornado Cash to launder stolen funds Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case UK Defence Secretary jet hit by an electronic warfare attack in Poland Cisco (..)

Data breaches 107

Data breaches Computers and Electronics Cybercrime Ransomware 107

Security Affairs

APRIL 29, 2024

FBCS, a third-party debt collection agency, collects personal information from its clients to facilitate debt collection activities on behalf of those clients. According to the agency, compromised information may include names, dates of birth, Social Security numbers, and account information.

Data breaches 108

Data breaches Hacking Accountability Cybercrime 108

Security Affairs

FEBRUARY 18, 2024

CISA: hackers breached a state government organization Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 A cyberattack halted operations at Varta production plants North Korea-linked actors breached the emails of a Presidential Office member Nation-state (..)

Cybercrime 98

Cybercrime Ransomware Malware Data breaches 98

Security Affairs

JANUARY 3, 2024

pic.twitter.com/fKUi7bdHyk — ChainLight (@ChainLight_io) January 1, 2024 Urgent Dear Orbit Bridge Users, An unidentified access to Orbit Bridge, a decentralized Cross-chain protocol, was confirmed on Dec-31-2023 08:52:47 PM +UTC. Further information regarding the issue will be updated. We are actively investigating this issue.

Cryptocurrency 127

Cryptocurrency Internet Internet Cybercrime 127

Security Affairs

FEBRUARY 25, 2024

Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for the hack of a local power grid Microsoft released red teaming tool PyRIT for Generative AI CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week FTC charged Avast with selling users’ browsing data to advertising companies (..)

Spyware 96

Spyware Cyber Insurance Hacking Advertising 96

Security Affairs

APRIL 14, 2024

The threat actor responsible for the post claims to have uploaded the complete database of the company that was stolen in March 2024. The threat actor behind the post claims to have uploaded the “full” database of Giant Tiger customer records stolen in March 2024. Financial data was not impacted in the alleged incident.

Retail 121

Retail Data breaches Hacking Cybercrime 121

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 102

Data breaches Small Business Hacking Malware 102

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 99

Data breaches Phishing Ransomware Malware 99

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 106

Data breaches Social Engineering Malware Hacking 106

Security Affairs

MAY 11, 2024

“After an extensive forensic investigation and our manual document review, we learned on April 5, 2024 that certain files containing your personal information was subject to unauthorized access.” The incident did not impact the gaming network,” reads the notice of data breach sent to the impacted individuals.

Data breaches 66

Data breaches Identity Theft Cybercrime Cyber Attacks 66

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

Data breaches 135

Data breaches Telecommunications Cybercrime Hacking 135

Security Affairs

MAY 9, 2024

Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. x and Ivanti Policy Secure. The second flaw, tracked as CVE-2024-21887 (CVSS score 9.1)

Authentication 97

Authentication Backups Cyber threats Malware 97

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. pic.twitter.com/SXDeZ3I27B — Acer Philippines (@AcerPhils) March 12, 2024 Acer Inc.

Data breaches 111

Data breaches Computers and Electronics Hacking Cybercrime 111

Security Affairs

APRIL 5, 2024

Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores. Sansec researchers observed threat actors are exploiting the recently disclosed Magento vulnerability CVE-2024-20720 to deploy a persistent backdoor on e-stores. The vulnerability CVE-2024-20720 (CVSS score of 9.1)

Malware 122

Malware Hacking Cybercrime Information Security 122

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats. ” The Finnish daily yle.fi

Cybercrime 209

Cybercrime Hacking Data breaches Banking 209

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. ” reads the advisory published by Okta.

VPN 111

VPN Accountability Firewall Data breaches 111

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 88

Spyware Data breaches Hacking Ransomware 88

Security Affairs

DECEMBER 31, 2023

INC RANSOM ransomware gang claims to have breached Xerox Corp Spotify music converter TuneFab puts users at risk Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania Russia-linked APT28 used new malware in a recent phishing campaign Clash of Clans gamers at risk while using third-party app New Version of Meduza (..)

Artificial Intelligence 104

Artificial Intelligence Cyber Attacks Malware Ransomware 104

Security Affairs

JANUARY 28, 2024

Pro-Ukraine hackers wiped 2 petabytes of data from Russian research center Participants earned more than $1.3M

Artificial Intelligence 97

Artificial Intelligence Hacking Malware Cyber Attacks 97

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 64

Data breaches VPN Hacking Banking 64

Security Affairs

MARCH 26, 2024

In February 2019, CenturyLink Threat Research Labs collected evidence that botnet actor has sold this proxy botnet as a service to other cybercrime gangs that were using it for credential brute forcing, video advertisement fraud, general traffic obfuscation and more. ” reads the report published by Black Lotus Labs.

IoT 124

IoT Cybercrime Internet Internet 124

Security Affairs

APRIL 18, 2024

“As a result of the Australian arm of the investigation, led by the AFP’s Joint Policing Cybercrime Coordination Centre (JCP3), more than 200 officers from the AFP and state and territory police were yesterday (17 April, 2024) involved in executing 22 search warrants across five states. .” reported the AFP. ” The U.K.

Phishing 100

Phishing Cybercrime Passwords Banking 100

Security Affairs

APRIL 15, 2024

The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack. “More specifically, the threat actor downloaded message logs for SMS messages that were sent to certain users under your Duo account between March 1, 2024 and March 31, 2024.

Data breaches 117

Data breaches Social Engineering Engineering Authentication 117

Security Affairs

MARCH 16, 2024

The investigation conducted by France’s Cybermalveillance cybercrime prevention initiative revealed that threat actors stole the personal information of 43 million people between February 6 and March 5, 2024.

Data breaches 110

Data breaches Cybercrime Government Ransomware 110

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Artificial Intelligence 99

Artificial Intelligence VPN Hacking Firewall 99

Security Affairs

APRIL 27, 2024

“On February 9, 2024, BenefitsCal discovered that someone, that was not allowed, may have logged into accounts of some users of the BenefitsCal website using reused passwords taken from other websites. . Someone that was not allowed may have accessed your account between March 1, 2023 and February 13, 2024.

Accountability 107

Accountability Passwords Data breaches Hacking 107

Security Affairs

APRIL 30, 2024

Kivimäki was deported to Finland and his trial concluded in March 2024. Threat actors hacked the clinic and stole a database containing information of some 33,000 clients. .” The man was arrested near Paris on February 2023, where he was living under a false identity. ” reads the post published by Brian Krebs.

Hacking 100

Hacking Cybercrime Data breaches Information Security 100

Security Affairs

MARCH 11, 2024

In January 2023, security firm Avast released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. The threat actors behind the attack investigated by the researchers exploited TeamCity flaws CVE-2024-27198 or CVE-2023-42793 to gain initial access to the victim’s environment.

Ransomware 107

Ransomware Malware Manufacturing Healthcare 107

Security Affairs

FEBRUARY 27, 2024

Multiple threat actors have started exploiting the recently disclosed vulnerabilities , tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software.

Ransomware 117

Ransomware Malware Software Authentication 117

Security Affairs

MAY 1, 2024

The company discovered the security breach on March 10, 2024, the attack impacted some corporate systems. Panda Restaurant Group took immediate action to respond to the incident by securing its infrastructure and investigate the scope of the security breach with the help of third-party cybersecurity specialists.

Data breaches 114

Data breaches Identity Theft Hacking Accountability 114

Security Affairs

MAY 3, 2024

” During the investigation into a Linux botnet targeted in a partial takedown by the FBI in January 2024, the researchers discovered another Linux botnet running on some of the same EdgeRouters previously exploited by Pawn Storm. ” concludes the report.

Phishing 97

Phishing Cryptocurrency Internet Internet 97

Security Affairs

APRIL 29, 2024

The phishing attack occurred between February 19, 2024, and February 20, 2024. “A phishing e-mail tries to trick recipients into giving up important information. diagnosis/condition, treatment, test results, medications), and/or health plan information. Attackers obtained the credentials of 23 DHS employees.

Data breaches 117

Data breaches Phishing Hacking Cybercrime 117

Security Affairs

JANUARY 22, 2024

Resecurity has detected a noticeable increase in data leaks from consumer-focused platforms in Thailand, confirming that threat actors are actively targeting the personal data of citizens now at the beginning of 2024. But as we step into 2024, this trend might see a change.

Data breaches 117

Data breaches Government Technology Cybercrime 117

Security Affairs

JANUARY 4, 2024

El servicio está prácticamente restablecido — Orange España (@orange_es) January 3, 2024 The RIPE NCC (Réseaux IP Européens Network Coordination Centre) is one of the Regional Internet Registries (RIRs) responsible for the allocation and registration of IP addresses and autonomous system numbers (ASNs) in a specific geographical region. .”

Internet 111

Internet Internet Accountability Passwords 111