Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. reads the SonicWall’s advisory.

VPN 129

VPN Ransomware Firewall Internet 129

Security Affairs

MARCH 10, 2025

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) Over 1,000 attacks detected globally. is a PHP-CGI OS Command Injection Vulnerability.

DDOS 104

DDOS Security Intelligence Hacking Malware 104

Security Affairs

OCTOBER 24, 2024

On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event.

Hacking 128

Hacking Information Security 128

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. A post about the Change breach from RansomHub on April 8, 2024.

Healthcare 300

Healthcare Insurance Computers and Electronics Data breaches 300

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability CVE-2024-38814 impacts multiple versions of the HCX platform, including versions 4.8.x, x, and 4.10.x. The vulnerability was fixed with versions 4.8.3, and 4.10.1.

Authentication 131

Authentication Mobile Hacking Information Security 131

Security Affairs

APRIL 29, 2025

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. In 2024, over half of zero-days enabled remote code execution or privilege escalation.

Surveillance 109

Surveillance Mobile Software Hacking 109

Security Affairs

JANUARY 15, 2025

Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection ( SIP ). SIP in macOS safeguards the system by blocking the execution of unauthorized code.

Malware 113

Malware Hacking Information Security 113

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence. “Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.”

Phishing 115

Phishing Authentication Telecommunications Accountability 115

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. Users are still the weakest link, making Security Awareness training an important focus for corporate information security planning.

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Security Affairs

OCTOBER 23, 2024

He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy. About Author: Anas Baig With a passion for working on disruptive products, Anas Baig is currently working as a Product Manager at the Silicon Valley based company – Securiti.ai.

Data privacy 126

Data privacy Unstructured Data Risk Data breaches 126

Security Affairs

MAY 27, 2025

A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. In October 2024, the Dutch police blamed a state actor for the recent data breach that exposed officers contact details, the justice minister told lawmakers.

Data breaches 77

Data breaches Government Hacking Manufacturing 77

Security Affairs

JANUARY 23, 2025

A CISA and FBI published a joint advisory warning that Chinese hackers exploited four Ivanti flaws ( CVE-2024-8963 , CVE-2024-9379 , CVE-2024-8190 , CVE-2024-9380 ) to achieve remote code execution, steal credentials, and deploy webshells. In one confirmed compromise, the actors moved laterally to two servers.”

Hacking 116

Hacking Government Cybersecurity Information Security 116

Krebs on Security

AUGUST 27, 2024

In a security advisory published Aug. 26, Versa urged customers to deploy a patch for the vulnerability ( CVE-2024-39717 ), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024. In January 2024, the U.S. victims and one non-U.S. ”

Internet 342

Internet Internet Technology Engineering 342

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

OCTOBER 10, 2024

Mozilla released an emergency security update for its Firefox browser to address a critical use-after-free vulnerability, tracked as CVE-2024-9680, that is actively exploited in attacks. The vulnerability CVE-2024-9680 resides in Animation timelines. Experts urge users to upgrade to the latest version as soon as possible.

Hacking 138

Hacking Information Security 138

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 132

Backups Ransomware VPN Accountability 132

Security Affairs

OCTOBER 20, 2024

F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.

Authentication 137

Authentication Hacking Technology Information Security 137

Security Affairs

NOVEMBER 27, 2024

The virtualization giant addressed the following vulnerabilities: Here are the details from VMware’s VMSA-2024-0022 bulletin : Local privilege escalation vulnerability (CVE-2024-38830) (CVSS 7.8) – A local admin on VMware Aria Operations can exploit a vulnerability to escalate privileges to root. Important 8.18.2

Hacking 116

Hacking Information Security 116

Security Affairs

OCTOBER 30, 2024

Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. 92 for Windows, Mac and 130.0.6723.91

Engineering 132

Engineering Architecture Hacking Information Security 132

Security Affairs

MAY 27, 2025

Sophos states that DragonForce ransomware operators chainedthe three vulnerabilities, tracked as CVE-2024-57727 , CVE-2024-57728 , and CVE-2024-57726 , for initial access. It enables technicians to remotely connect to and control computers for troubleshooting, maintenance, and support purposes.

Ransomware 104

Ransomware Software Retail Data breaches 104

Security Affairs

NOVEMBER 13, 2024

Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) The vulnerability CVE-2024-45419 (CVSS score of 8.5)

Authentication 115

Authentication Mobile Hacking Information Security 115

Security Affairs

NOVEMBER 9, 2024

Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358 : Command injection in UPDATES_ExtractFile , enabling command execution via file paths during updates.

Hacking 129

Hacking Firmware Software Manufacturing 129

Security Affairs

NOVEMBER 6, 2024

Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.

Firmware 124

Firmware Manufacturing Hacking Media 124

Security Affairs

NOVEMBER 18, 2024

On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. ” reads the notice of security incident published by the organization.

Ransomware 125

Ransomware Insurance Encryption Healthcare 125

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild.

Media 115

Media Authentication Hacking Accountability 115

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. x, and 11.3.x.”

Encryption 123

Encryption Hacking Accountability Cybersecurity 123

Security Affairs

OCTOBER 11, 2024

As of September 5, 2024, the Internet Archive held more than 42.1 HIBP permalink: [link] pic.twitter.com/Oc2Qvrh6Ov — HackManac (@H4ckManac) October 10, 2024 The threat actors that breached the popular website have shared a copy of the stolen data with the data breach notification service Have I Been Pwned data.

Data breaches 121

Data breaches Internet Internet DDOS 121

Security Affairs

APRIL 26, 2025

The man is accused of having installed the malware on the hospital computers on August 6, 2024. Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. Anthony Hospital.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

OCTOBER 16, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-30088 (CVSS score 7.0) Microsoft Windows Kernel TOCTOU Race Condition Vulnerability CVE-2024-9680 Mozilla Firefox Use-After-Free Vulnerability CVE-2024-28987 (CVSS score 9.1)

Software 118

Software Hacking Government Cybersecurity 118

Security Affairs

NOVEMBER 21, 2024

Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities ( CVE-2024-0012 and CVE-2024-9474 ) in PAN-OS. This access enables administrative actions, configuration tampering, or exploitation of other vulnerabilities like CVE-2024-9474.

Firewall 112

Firewall Hacking VPN Authentication 112

Security Affairs

JUNE 2, 2025

In October 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-43047 Qualcomm Multiple Chipsets Use-After-Free Vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. . “Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.”

Spyware 118

Spyware Hacking Cybersecurity Mobile 118

Security Affairs

MARCH 4, 2025

CVE-2024-50302 (CVSS score of 5.5) Google did now share details about the attacks exploiting the above vulnerabilities, however, in 2024, the Security Lab provided evidence of a Cellebrite zero-day exploit chain to industry partners, leading Google to identify three vulnerabilities.

Mobile 113

Mobile Hacking Cybersecurity Risk 113

Security Affairs

DECEMBER 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference ( CVE-2024-35250 ) and Adobe ColdFusion Improper Access Control ( CVE-2024-20767 ) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The attack complexity is labeled as low.

Hacking 108

Hacking Cybersecurity Ransomware Risk 108

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. The company also fixed a critical SQL injection vulnerability, tracked as CVE-2024-11772 (CVSS score of 9.1) ” reads the advisory published by the company.

Authentication 105

Authentication Software Hacking Information Security 105