Security Affairs

MAY 30, 2023

PyPI is going to enforce two-factor authentication (2FA) for all project maintainers by the end of this year over security concerns. Due to security concerns, PyPI will be mandating the use of two-factor authentication (2FA) for all project maintainers by the end of this year. ” reads the announcement.

Authentication 83

Authentication Accountability Hacking Malware 83

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 119

Malware Authentication Telecommunications Government 119

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 95

Hacking Firmware Authentication DNS 95

Security Affairs

AUGUST 10, 2023

Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices.

Malware 84

Malware Encryption Advertising Cryptocurrency 84

Security Affairs

JULY 7, 2022

Cybersecurity researchers warn of new malware, tracked as OrBit, which is a fully undetected Linux threat. Cybersecurity researchers at Intezer have uncovered a new Linux malware, tracked as OrBit, that is still undetected. The malware can be installed as a volatile implant either by achieving persistence on the compromised systems.

Malware 124

Malware Authentication Hacking Cybersecurity 124

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency.

Malware 90

Malware Authentication Cryptocurrency Internet 90

Security Affairs

AUGUST 22, 2023

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

VPN 87

VPN Ransomware Hacking Education 87

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Below are the job descriptions used to recruit the hackers.

Accountability 125

Accountability Malware Phishing Social Engineering 125

Security Affairs

NOVEMBER 24, 2020

Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major security issue in cPanel , a popular software suite that facilitates the management of a web hosting server.

Hacking 136

Hacking Authentication Accountability Software 136

Security Affairs

APRIL 1, 2021

VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a critical vulnerability, tracked as CVE-2021-21982 , in the VMware Carbon Black Cloud Workload appliance that could be exploited by attackers to bypass authentication. Pierluigi Paganini.

Authentication 102

Authentication Malware Hacking Technology 102

Security Affairs

JUNE 29, 2022

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. solutions. .

Malware 96

Malware Authentication Software Accountability 96

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory.

Malware 129

Malware VPN Authentication Hacking 129

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 101

Malware Encryption Telecommunications Authentication 101

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. “Of these, three were found to be activated during the longer vacations of the Christmas season. In addition, during Christmas, there was one incident caused by another ransomware malware family.” concludes the alert.

Ransomware 109

Ransomware Backups VPN Authentication 109

Security Affairs

APRIL 23, 2024

North Korea-linked APT groups Lazarus , Andariel , and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency. The state-sponsored hackers hacked into the subcontractors of defense companies by exploiting vulnerabilities in the targeted systems and deployed malware. concludes the advisory.

Hacking 80

Hacking Malware Accountability Technology 80

Security Affairs

FEBRUARY 27, 2021

A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). “An attacker who is able to extract the secret key would be able to authenticate to any Rockwell Logix controller.” SecurityAffairs – hacking, PLC). Pierluigi Paganini.

Authentication 122

Authentication Software Engineering Manufacturing 122

Security Affairs

JANUARY 16, 2023

Netlab 360 observed unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. Researchers from Qihoo Netlab 360 reported that unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. SecurityAffairs – hacking, malware).

Malware 92

Malware Encryption Authentication Hacking 92

Security Affairs

MAY 13, 2024

Password Management : Use strong, unique passwords and implement multi-factor authentication (MFA) whenever possible, prioritizing authentication apps or hardware tokens over SMS text-based codes. Endpoint Security : Install endpoint security solutions to fortify defenses against malware attacks.

Phishing 102

Phishing Ransomware Security Awareness Authentication 102

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Erbium info-stealing malware was first spotted by researchers at threat intelligence firm Cluster25 on July 21, 2022.

Malware 80

Malware Password Management Authentication Passwords 80

Security Affairs

JULY 29, 2022

Threat actors used multiple npm packages to target Discord users with malware designed to steal their payment card data. A malicious campaign targeting Discord users leverages multiple npm packages to deliver malware that steals their payment card information, Kaspersky researchers warn. SecurityAffairs – hacking, Discord).

Malware 101

Malware Banking Authentication Passwords 101

Security Affairs

NOVEMBER 24, 2020

Microsoft released an out-of-band update for Windows to address authentication flaws related to a recently patched Kerberos vulnerability. Microsoft released an out-of-band update to address authentication issues in Windows related to a recently patched Kerberos vulnerability tracked as CVE-2020-17049. “An Pierluigi Paganini.

Authentication 126

Authentication Hacking Information Security Malware 126

Security Affairs

AUGUST 10, 2022

The user had enabled password syncing via Google Chrome and had stored their Cisco credentials in their browser, enabling that information to synchronize to their Google account.” SecurityAffairs – hacking, Yanluowang ransomware). The post Cisco was hacked by the Yanluowang ransomware gang appeared first on Security Affairs.

Ransomware 124

Ransomware Hacking VPN Phishing 124

SecureWorld News

FEBRUARY 23, 2023

The news was first reported by cybersecurity and malware research group vx-underground, which posted screenshots of data purportedly stolen from the company. The hacker reportedly tricked an employee into providing a two-factor authentication code delivered via SMS, which allowed them to access the Slack channel.

Hacking 86

Hacking Phishing Data breaches Information Security 86

Security Affairs

JULY 19, 2022

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. SecurityAffairs – hacking, Joker).

Malware 120

Malware Spyware Banking Mobile 120

Security Affairs

MARCH 5, 2022

Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. SecurityAffairs – hacking, Anonymous). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Hacking 144

Hacking Government Banking Media 144

Security Affairs

MAY 9, 2024

In early January, the software firm reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

Authentication 94

Authentication Backups Cyber threats Malware 94

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Threat actors can also compromise a data center by establishing a backdoor and abuse systems and devices spread malware on a large scale. CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5)

Hacking 85

Hacking Firmware Authentication Software 85

Security Affairs

OCTOBER 28, 2021

AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu , with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e.

Malware 92

Malware Cybercrime Mobile Banking 92

Security Affairs

JANUARY 13, 2024

According to the NCSC-FI, six out of seven infections were caused by Akira family malware. In addition, during Christmas, there was one incident caused by another ransomware malware family.” Cisco investigated the hacking campaign with the help of Rapid7. ” reads the NCSC-FI’s alert. concludes the alert.

Ransomware 85

Ransomware Backups VPN Authentication 85

Security Affairs

OCTOBER 3, 2022

Documents belonging to the Italian luxury sports car manufacturer Ferrari are circulating online, the company confirmed their authenticity stating it is not aware of cyber attacks. SecurityAffairs – hacking, Log4Shell). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Hacking 111

Hacking Manufacturing Cyber Attacks Ransomware 111

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 86

Spyware Data breaches Hacking Ransomware 86

Security Affairs

JANUARY 18, 2023

The vulnerabilities discovered in the Netcomm routers are a a stack based buffer overflow and an authentication bypass, respectively tracked as CVE-2022-4873 and CVE-2022-4874. CVE-2022-4874 – Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content.

Hacking 86

Hacking Authentication Software Internet 86

Security Affairs

APRIL 8, 2021

The maintainers of the PHP programming language have provided an update regarding the security breach that took place on March 28. Unknown attackers hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor into the source code. SecurityAffairs – hacking, data breach).

Hacking 84

Hacking Passwords Authentication Data breaches 84

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. SecurityAffairs – North Korea, hacking).

Malware 115

Malware Advertising Government Cryptocurrency 115

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. ” reads the advisory published by Pulse Secure. .”

VPN 113

VPN Hacking Authentication Government 113

Security Affairs

JANUARY 18, 2021

It is not known how the account was accessed: the account had a good password, but did not have two-factor authentication enabled.” “The intruder was able to download a copy of the user list that contains email addresses, handles, and other statistical information about the users of the forum. .” Pierluigi Paganini.

Hacking 129

Hacking Data breaches Passwords Accountability 129

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. SecurityAffairs – hacking, Ukraine).

Malware 80

Malware Phishing Banking Government 80