Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. .” reads the advisory published by Okta.

VPN 113

VPN Accountability Firewall Data breaches 113

Security Affairs

APRIL 16, 2024

Cisco Talos researchers warn of large-scale credential brute-force attacks targeting multiple targets, including Virtual Private Network (VPN) services, web application authentication interfaces and SSH services since at least March 18, 2024.

VPN 125

VPN Firewall Authentication Hacking 125

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 110

VPN Cybercrime Ransomware Hacking 110

Security Affairs

JANUARY 21, 2024

Patch it now! million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Artificial Intelligence 100

Artificial Intelligence VPN Hacking Firewall 100

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 107

Data breaches Social Engineering Malware Hacking 107

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Firewall 104

Firewall Government Malware Hacking 104

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 126

Ransomware Backups Healthcare Firewall 126

Security Affairs

MARCH 4, 2024

3/n)) pic.twitter.com/hAKRJR1KFp — HaxRob (@haxrob) February 28, 2024 Both binaries targeted a very old Red Hat Linux version. An intriguing aspect of GTPDOOR is its minimal impact on ingress firewall configurations. Someone hasn't been keeping their systems up to date. (3/n))

Telecommunications 131

Telecommunications Firewall Mobile Malware 131

SecureWorld News

MAY 7, 2024

The increase of attacks on critical assets and infrastructure is requiring the cybersecurity profession to draw a stronger connection between commercial business and national security," said Henryk Ciejek , VP of Information Security at PayScale. "As

Passwords 80

Passwords Manufacturing Technology Authentication 80

Security Affairs

JANUARY 23, 2024

As of January 18, 2024 VMware is aware of exploitation “in the wild.”” reads the advisory. VIBs are collections of files that are designed to manage virtual systems, they can be used to create startup tasks, custom firewall rules, or deploy custom binaries upon the restart of an ESXi machine.

Firewall 117

Firewall Malware Hacking Cybersecurity 117

Security Affairs

MAY 8, 2024

TunnelVision exploits the vulnerability CVE-2024-3661, which is a DHCP design flaw where messages such as the classless static route (option 121) are not authenticated and for this reason can be manipulated by the attackers. The technique manipulates routing tables that used to send network traffic through the VPN tunnel.

VPN 114

VPN Firewall Marketing Encryption 114

Security Affairs

FEBRUARY 13, 2024

Hipocrate Information System (HIS) is a software suite designed to manage the medical and administrative activities of hospitals and other healthcare institutions. “During the night of February 11 to 12, 2024, a massive cyber ransomware attack took place on the production servers on which the HIS IT system runs.

Ransomware 115

Ransomware Backups Encryption Healthcare 115

Security Affairs

FEBRUARY 28, 2024

” In February 2024, a court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control of the Russia-linked group APT28. The operation reversibly modified the routers’ firewall rules to block remote management access to the devices.

Energy and Utilities 100

Energy and Utilities Government Firewall Malware 100

The Security Ledger

MAY 2, 2024

Jim and I talk about the findings of DirectDefense’s latest Security Operations Threat Report and dig into the intriguing ways artificial intelligence (AI) is shaping both cyberattack and defense automation strategies. Jim Broome is the President and CTO at DirectDefense.

Cyber threats 52

Cyber threats Artificial Intelligence Threat Reports Technology 52

Security Affairs

JANUARY 19, 2024

The company updated its advisory on January 18, 2023, revealing that it is aware of exploitation “in the wild.” “As of January 18, 2024 VMware is aware of exploitation “in the wild.”” In October, VMware addressed a critical out-of-bounds write vulnerability, tracked as CVE-2023-34048 (CVSS score 9.8), that impacts vCenter Server.

Firewall 115

Firewall Accountability Malware Authentication 115

Security Affairs

APRIL 15, 2024

Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2024-3400 PAN-OS flaw and discovered that threat actors have been exploiting it since March 26, 2024. This flaw impacts PAN-OS 10.2,

Firewall 122

Firewall Authentication Hacking Software 122

Security Affairs

APRIL 16, 2024

Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. CVE-2024-3400 (CVSS score of 10.0) An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0,

Firewall 123

Firewall Hacking Software Cybersecurity 123

Centraleyes

DECEMBER 17, 2023

in March of 2024. The 12 technical and operational control requirements of the PCI DSS were established to ensure data security competence and are accepted as a benchmark for information security. Important Note: PCI DSS current version, Version 3.2.1, On that date, PCI DSS v4.0

Passwords 52

Passwords Computers and Electronics Software Risk 52

Security Affairs

APRIL 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1

Firewall 125

Firewall Cybersecurity Hacking Software 125

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 260

Government Hacking Cyber threats Mobile 260

Security Affairs

MARCH 3, 2024

Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl. Private Plane Owners’ Data Linked to LA Intl.

Cybercrime 107

Cybercrime Retail Artificial Intelligence Hacking 107

Centraleyes

JANUARY 14, 2024

Obtaining PCI DSS certification is not impossible and usually takes companies between one day and two weeks to complete, depending on the complexity of payments within the company and the state of information security. which gracefully exits in March 2024, making way for the solo performance of v4.0.

Computers and Electronics 52

Computers and Electronics Risk Software Information Security 52

Security Affairs

MARCH 31, 2024

Expert found a backdoor in XZ tools used many Linux distributions German BSI warns of 17,000 unpatched Microsoft Exchange servers Cisco warns of password-spraying attacks targeting Secure Firewall devices American fast-fashion firm Hot Topic hit by credential stuffing attacks Cisco addressed high-severity flaws in IOS and IOS XE software Google: China (..)

Artificial Intelligence 98

Artificial Intelligence Scams Hacking Cybercrime 98

Cisco Security

AUGUST 28, 2023

For example, an IP tried AndroxGh0st Scanning Traffic against the Registration server, blocked by Palo Alto Networks firewall. With this information, the NOC leadership approved the shunning of the IP. In addition to the SPAN, we requested that Palo Alto send NetFlow from their Firewalls to CTB.

Wireless 63

Wireless DNS Mobile Technology 63

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 99

Cybercrime Spyware Data breaches Antivirus 99

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 92

Data breaches Ransomware Hacking Financial Services 92