The zero-day flaw tracked as CVE-2024-49039 is a bug in the Windows Task Scheduler that allows an attacker to increase their privileges on a Windows machine. Narang notes that CVE-2024-43451 is the third NTLM zero-day so far this year. Microsoft credits Google’s Threat Analysis Group with reporting the flaw. 10 is the worst).
government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Days after he apparently finished communicating with Country-1's military intelligence service, Wagenius Googled, ‘can hacking be treason.'”
In a thrilling showdown at the recent Pwn2Own Ireland 2024 hacking competition, white hat hackers YingMuo (@YingMuo), in collaboration with the DEVCORE Internship Program, successfully exploited a critical zero-day vulnerability... The post CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!
Continuing our look back at 2024, part two of Last Watchdog's year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics. Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers aren't hacking in, they're logging in. The drivers are intensifying.
Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7, a notorious Russia-based hacking group. co — first came online in February 2023.
Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. CVE-2024-49039: A Windows Task Scheduler privilege escalation flaw allows AppContainer escape, enabling low-privileged users to run code at Medium integrity. Immediate patching is recommended.
VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform.
The “FortiJump” flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently disclosed Fortinet FortiManager flaw “FortiJump” CVE-2024-47575 (CVSS v4 score: 9.8)
CISA and the FBI published a joint advisory warning that Chinese hackers exploited four Ivanti flaws (CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, CVE-2024-9380) to achieve remote code execution, steal credentials, and deploy webshells. The advisory details hacking activities exploiting the mentioned vulnerabilities.
QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387, which was exploited by security researchers during the recent Pwn2Own Ireland 2024.
QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. On Day three of the Pwn2Own Ireland 2024 competition, Ha The Long with Ha Anh Hoang of Viettel Cyber Security (@vcslab) used a single command injection bug to exploit the QNAP TS-464 NAS.
On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, which adds to the $516,250 earned by participants on the first day of the event.
Below are the vulnerabilities reported by ZDI: CVE-2024-8355: SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358: Command injection in UPDATES_ExtractFile, enabling command execution via file paths during updates.
The CEO of the Croatian Port, Duško Grabovac, told local media outlet Novi list that despite threat actors stealing some data, the incident had no impact on the operations at the port.
Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. In 2024, over half of zero-days enabled remote code execution or privilege escalation.
VMware warns customers to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability CVE-2024-38814 impacts multiple versions of the HCX platform, including versions 4.8.x, x, and 4.10.x. The vulnerability was fixed with versions 4.8.3, and 4.10.1.
Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) is a PHP-CGI OS Command Injection Vulnerability. Over 1,000 attacks detected globally.
Posted by Dirk Göhmann In 2024, our Vulnerability Reward Program confirmed the ongoing value of engaging with the security research community to make Google and its products safer. This year, we had a heightened focus on Android Automotive OS and WearOS, bringing actual automotive devices to multiple live hacking events and conferences.
Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.
North Korean hackers stole $1.34 billion in cryptocurrency in 2024, more than half of the $2.2 billion stolen in all crypto hacks, and the attacks by threat groups linked to the rogue nation are becoming more frequent and are happening more quickly.
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.
The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, threat actors started attempting to exploit it.
Car and truck dealers fall back on pen and paper as huge SaaS provider gets hacked (again). Spend more on security! The post Best of 2024: 30,000 Dealerships Down Ransomware Outage Outrage no. 2 at CDK Global appeared first on Security Boulevard.
To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. The experts reported the vulnerability to the carmaker on November 20, 2024, and the company fixed it within 24 hours after receiving the report. Admin panel access exposed vehicle data (e.g., ” added Curry.
The hacking campaign targeted 90 users and was disrupted in December; WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. In 2024, its U.S.
Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country.
Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago. The RansomHouse gang announced the hack of Loretto Hospital in Chicago; the group claims to have stolen 1.5TB of sensitive data. Ransomware attacks on U.S.
Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries.
Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP). SIP in macOS safeguards the system by blocking the execution of unauthorized code.
The Brain Cipher ransomware group has been active since at least April 2024. On June 20, 2024, the group targeted an Indonesian data center causing the disruption of around 210 critical government services, including customs and immigration. Deloitte has faced hacking claims twice recently.
Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024. The expert discovered the flaw in October 2024 while probing Facebook's ad platform. He exploited the bug to execute commands on an internal company server, effectively taking control of it.
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. In January 2024, KrebsOnSecurity broke the news that Urban had been arrested in Florida in connection with multiple SIM-swapping attacks.
The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.
The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. reported Bloomberg. This is not okay.
Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader, which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. effective July 20, 2024. Image: Intrinsec.
Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. In case you missed any of them, here’s a recap of 2024’s most-read stories.
In August 2024, Bitdefender found a major bug in Solarman PVs software, exposing all client connections. They demonstrated how to get access to systems in the United States.
In this scam, dubbed “ClickFix,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. An alert (PDF) released in October 2024 by the U.S.
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. In January 2024, U.S.
Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulnerability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.
Image by Midjourney: robot reading many books::2 , while being hacked. Strategies for building secure systems for large work teams. Strategies used by hackers to breach systems. The robot is sitting on a bench in front of the white house. There is a stack of books on the bench.
Internet Archive hacked. Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2 54% were already in @haveibeenpwned.
prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.
Nor did he respond to reporting here in January 2024 that he ran an IT company with a 34-year-old Russian man named Aleksandr Ermakov , who was sanctioned by authorities in Australia, the U.K. Shefel says he is now flat broke, and that he currently has little to show for a storied hacking career.