Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 95

Artificial Intelligence VPN Hacking Firewall 95

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 99

Artificial Intelligence Firmware Data breaches Hacking 99

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 88

Social Engineering Data breaches Ransomware Cybercrime 88

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 89

Spyware Hacking Data breaches Mobile 89

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 72

Data breaches Spyware Retail Surveillance 72

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 71

Spyware Ransomware Malware Data breaches 71

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 93

Spyware Cyber Insurance Hacking Advertising 93

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 87

DDOS Cybercrime Spyware Malware 87

Security Affairs

NOVEMBER 28, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 81

Spyware Data breaches Cyber Attacks Ransomware 81

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 92

Spyware Data breaches VPN Hacking 92

Security Affairs

JANUARY 1, 2024

TWO SPYWARE SENDING DATA OF MORE THAN 1.5M million downloads have been discovered spying on users and sending data to China. DARKBEAM LEAKS BILLIONS OF EMAIL AND PASSWORD COMBINATIONS DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches.

Cybersecurity 106

Cybersecurity Spyware Data breaches Passwords 106

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Every week the best security articles from Security Affairs free for you in your email box.

Spyware 121

Spyware Manufacturing Small Business Surveillance 121

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 94

Ransomware Hacking Spyware Cybercrime 94

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 82

Cyber Attacks Firewall Data breaches Telecommunications 82

Security Affairs

JANUARY 30, 2022

QNAP force-installs update against the recent wave of DeadBolt ransomware infections US FCC bans China Unicom Americas telecom over national security risks NCSC warns UK entities of potential destructive cyberattacks from Russia Finnish diplomats’ devices infected with Pegasus spyware Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits (..)

Spyware 80

Spyware Data breaches Ransomware Cybercrime 80

Security Affairs

MARCH 4, 2023

FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0

Spyware 82

Spyware Data breaches Retail Ransomware 82

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 90

Spyware Surveillance Insurance Malware 90

Identity IQ

MAY 7, 2021

With more than 15 billion login credentials available on the dark web because of data breaches, millions of online accounts remain at risk of unauthorized access. While these individual prices seem low, it’s important to remember that data breaches usually compromise millions of accounts at a time which are then sold in bulk.

Accountability 105

Accountability Data breaches Passwords Social Engineering 105

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 80

Spyware Backups Manufacturing Data breaches 80

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS 88

DDOS Hacking Spyware Surveillance 88

Security Affairs

AUGUST 29, 2021

EskyFun data leak, over 1 million Android gamers impacted Boffins show PIN bypass attack Mastercard and Maestro contactless payments Phorpiex botnet shuts down and authors put source code for sale Atlassian released security patches to fix a critical flaw in Confluence An RCE in Annke video surveillance product allows hacking the device ChaosDB, a (..)

Spyware 102

Spyware Data breaches Surveillance Hacking 102

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 US seizes $3.6

Spyware 72

Spyware Surveillance Ransomware Hacking 72

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

SEPTEMBER 23, 2018

Amazon is investigating allegations that its staff is selling customer data. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. NSO mobile Pegasus Spyware used in operations in 45 countries. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer.

Computers and Electronics 54

Computers and Electronics Cryptocurrency Spyware Data breaches 54

Security Affairs

APRIL 21, 2019

Blue Cross of Idaho data breach, 5,600 customers affected. Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading. Analyzing OilRigs malware that uses DNS Tunneling. Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Broadcom WiFi Driver bugs expose devices to hack.

Computers and Electronics 61

Computers and Electronics Spyware Data breaches Advertising 61

Security Affairs

AUGUST 4, 2018

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency 41

Cryptocurrency Data breaches Spyware Surveillance 41

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. New TA2101 threat actor poses as government agencies to distribute malware. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure.

DDOS 51

DDOS Spyware Advertising Ransomware 51

Security Affairs

MARCH 14, 2019

We dubbed this JS Sniffer family GMO because the malware uses gmo[.]li 1 The screenshot shows a one-line code (line # 771) that downloads a JS Sniffer designed to steal customers’ data once a user lands on a checkout page. JS Sniffers is a type of malware that remains poorly researched. li host.”. Pierluigi Paganini.

eCommerce 85

eCommerce Marketing Data breaches Advertising 85

Security Affairs

SEPTEMBER 2, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 41

Spyware Banking Data breaches Mobile 41

BH Consulting

OCTOBER 6, 2022

The Verizon Data Breach Investigations Report tells us that 82 per cent of security incidents have a human component. . So with European Cybersecurity Month here, now’s a good time to familiarise ourselves again with a popular cybercrime tactic. spyware, ransomware).”.

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

Security Affairs

MARCH 19, 2019

New malware in gang’s arsenal. In January 2019, Group-IB specialists obtained information about previously unknown malware sample used in this attack, dubbed by Group-IB RATv3.ps The malware spreader as part of this campaign was primarily aimed at collecting information from the victim’s computer according to various commands.

Banking 78

Banking Government Passwords Marketing 78

SecureWorld News

NOVEMBER 30, 2023

Consequences of browser-focused cybercrime Hackers are able to utilize browser vulnerabilities to install malware and spyware on devices, steal login credentials for other services, extract sensitive user data, and maintain persistence inside systems.

Spyware 94

Spyware Surveillance Malware Risk 94

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 104

DDOS Data breaches Ransomware Marketing 104

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 104

DDOS VPN Data breaches Cybercrime 104

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 91

Spyware Surveillance Identity Theft DDOS 91