Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 105

VPN Cybercrime Ransomware Hacking 105

Krebs on Security

MAY 28, 2024

Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5 , an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. based startup that tracks proxy and VPN services.

156

156

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 95

Artificial Intelligence VPN Hacking Firewall 95

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 99

Data breaches Small Business Hacking Malware 99

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 95

Data breaches Phishing Ransomware Malware 95

Security Affairs

MAY 12, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 78

Data breaches VPN Hacking Banking 78

Security Affairs

FEBRUARY 27, 2024

Below is the list of the flaws addressed by the company: CVE-2023-6397 – A null pointer dereference vulnerability in some firewall versions could allow a LAN-based attacker to cause denial-of-service (DoS) conditions by downloading a crafted RAR compressed file onto a LAN-side host if the firewall has the “Anti-Malware” feature enabled.

Firewall 110

Firewall VPN Authentication Hacking 110

Security Affairs

FEBRUARY 17, 2024

The researchers analyzed eight incidents involving the Akira ransomware and confirmed that the flaw in Cisco Anyconnect SSL VPN was the entry point in at least six of the compromised devices. “When the vulnerability was made public in 2020, no known public exploits were available. ” continues the report.

Ransomware 127

Ransomware VPN Education Hacking 127

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 282

Malware Software Technology Accountability 282

Security Affairs

JANUARY 24, 2024

In January 2024, the Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. According to the NCSC-FI, six out of seven infections were caused by Akira family malware. ” concludes the update. Threat actors are wiping NAS and backup devices.

Ransomware 106

Ransomware VPN Government Retail 106

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 244

Scams DDOS Cryptocurrency Accountability 244

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. The same group was attributed to the attacks concentrating on the Philippines using the MISTCLOAK, BLUEHAZE, and DARKDEW malware families.

VPN 64

VPN Risk Architecture Firewall 64

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Email Threats: More than 75% of targeted attacks start with an email, delivering 94% of malware. RaaS usage is expected to increase by 25% in 2024. Shockingly, 96% of these attacks come through email.

Social Engineering 120

Social Engineering Cyber Attacks Cyber Insurance IoT 120

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft 104

Identity Theft VPN Malware Ransomware 104

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 91

Spyware Surveillance Identity Theft DDOS 91

Security Boulevard

JANUARY 2, 2024

Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024. This hack served as a stark reminder that the supply chain remains a critical vulnerability in enterprise security. The solution?

CISO 104

CISO Social Engineering Architecture Ransomware 104

Cisco Security

AUGUST 28, 2023

At each conference, we have a hack-a-thon: to create, prove, test, improve and finally put into production new or improved integrations. XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider.

Wireless 68

Wireless DNS Mobile Technology 68

Security Affairs

MARCH 31, 2024

Statistics for H2 2023 AT&T says personal data from 73 million current and former account holders leaked onto dark web US critical infrastructure cyberattack reporting rules inch closer to reality Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Artificial Intelligence 93

Artificial Intelligence Scams Hacking Cybercrime 93

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal.

IoT 116

IoT Internet Internet Ransomware 116