Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 96

Ransomware Hacking Spyware Cybercrime 96

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 95

Spyware Cyber Insurance Hacking Advertising 95

Security Affairs

JUNE 11, 2023

Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt.

Social Engineering 88

Social Engineering Data breaches Ransomware Cybercrime 88

Security Affairs

AUGUST 27, 2021

The Federal Bureau of Investigation (FBI) published a flash alert related to the operations of the Hive ransomware gang. The Federal Bureau of Investigation (FBI) has released a flaw alert on the Hive ransomware attacks that includes technical details and indicators of compromise associated with the operations of the gang.

Ransomware 97

Ransomware Encryption Spyware Backups 97

Security Affairs

MARCH 24, 2024

Cybersecurity US holds conference on military AI use with dozens of allies to determine ‘responsible’ use DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

Malware 99

Malware Cybercrime Hacking Cyber threats 99

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 88

DDOS Cybercrime Spyware Malware 88

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 97

Artificial Intelligence VPN Hacking Firewall 97

Security Affairs

FEBRUARY 21, 2023

Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. Very important!

Insurance 79

Insurance Ransomware Cyber Insurance Malware 79

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 72

Spyware Ransomware Malware Data breaches 72

Security Affairs

JUNE 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 87

Data breaches DDOS Backups Firewall 87

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 101

Artificial Intelligence Firmware Data breaches Hacking 101

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 123

Spyware Manufacturing Small Business Surveillance 123

Security Affairs

NOVEMBER 28, 2021

Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes IKEA hit by a cyber attack that uses stolen internal reply-chain emails Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware Threat actors target crypto and (..)

Spyware 82

Spyware Data breaches Cyber Attacks Ransomware 82

Security Affairs

JANUARY 1, 2024

LOCKBIT RANSOMWARE GANG DEMANDED AN 80 MILLION RANSOM TO CDW The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. TWO SPYWARE SENDING DATA OF MORE THAN 1.5M TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE 1.7

Cybersecurity 109

Cybersecurity Spyware Data breaches Passwords 109

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 89

Spyware Hacking Data breaches Mobile 89

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 77

Surveillance Malware Spyware Education 77

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS 88

DDOS Hacking Spyware Surveillance 88

Security Affairs

APRIL 16, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Google fixed (..)

Data breaches 72

Data breaches Spyware Retail Surveillance 72

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 91

Spyware Surveillance Insurance Malware 91

Security Affairs

JANUARY 30, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 80

Spyware Data breaches Ransomware Cybercrime 80

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Spyware 82

Spyware Data breaches Retail Ransomware 82

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 84

Cyber Attacks Firewall Data breaches Telecommunications 84

Security Affairs

AUGUST 29, 2021

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP. Be sure it is up to date! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware 103

Spyware Data breaches Surveillance Hacking 103

Security Affairs

NOVEMBER 14, 2021

The post Security Affairs newsletter Round 340 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 54

Spyware Data breaches Ransomware Retail 54

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 81

Spyware Backups Manufacturing Data breaches 81

Security Affairs

MAY 29, 2022

If you want to also receive for free the newsletter with the international press subscribe here.

InfoSec 101

InfoSec Spyware DDOS Firewall 101

BH Consulting

NOVEMBER 15, 2022

He argued that security works when it costs €100,000 for spyware to hack into a politician’s iPhone. He analysed ten years of ransomware and found the problem, in terms of volume and frequency, was in 2014. “So So something good is already happening… We’ve already survived peak ransomware in the historical view,” he said.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Security Affairs

DECEMBER 3, 2022

Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

Spyware 92

Spyware Data breaches VPN Hacking 92

Security Affairs

NOVEMBER 17, 2019

The best news of the week with Security Affairs. Boardriders and its subsidiarities QuikSilver and Billabong infected with ransomware. Major ASP.NET hosting provider SmarterASP hit by ransomware attack. Buran ransomware-as-a-service continues to improve. Mexican state-owned oil company Pemex hit by ransomware.

DDOS 52

DDOS Spyware Advertising Ransomware 52

Security Affairs

FEBRUARY 13, 2022

If you want to also receive for free the newsletter with the international press subscribe here. US seizes $3.6

Spyware 72

Spyware Surveillance Ransomware Hacking 72

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform. from the Lympo NTF platform.

VPN 79

VPN Ransomware Spyware DDOS 79

Security Affairs

OCTOBER 27, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. TA505 cybercrime group use SDBbot RAT in recent campaigns. German firm Pilz still down a week after getting infected with ransomware. Winnti APT group uses skip-2.0

Spyware 41

Spyware Advertising Hacking DDOS 41

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Extortion and ransomwaring of those able and willing to pay up. Actions of various attacker categories.

Spyware 102

Spyware Phishing Cybercrime Energy and Utilities 102

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 93

Spyware Surveillance Identity Theft DDOS 93

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6

DDOS 106

DDOS Data breaches Ransomware Marketing 106