Security Affairs

JUNE 10, 2022

The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the IT admins to shut down its infrastructure. The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy.

Ransomware 104

Ransomware Data breaches Cyber Attacks Surveillance 104

Hot for Security

APRIL 5, 2021

But regular consumers are equally affected by cybercrime, directly or indirectly. A key stat: cybercrime in 2020 was marked by a visible and aggressive targeting of the human layer. A key stat: cybercrime in 2020 was marked by a visible and aggressive targeting of the human layer. Aligned efforts to capitalize on COVID-19.

Cybercrime 116

Cybercrime Ransomware Cyber threats Surveillance 116

CyberSecurity Insiders

SEPTEMBER 2, 2022

Hospital authorities suggest that LockBit ransomware hackers were involved in the incident and the negotiations were being conducted to gain time to track down the criminals. Interestingly, the hospital authorities have disclosed that they will not pay any ransom to the cyber criminals and will instead recover data from a backup plan.

Surveillance 104

Surveillance Backups Healthcare Cybercrime 104

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 88

Artificial Intelligence Data breaches Scams Insurance 88

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities.

Government 107

Government Surveillance Cybercrime Ransomware 107

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 83

Spyware Surveillance Artificial Intelligence Data breaches 83

Security Affairs

JULY 30, 2023

Now Abyss Locker also targets VMware ESXi servers Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency Monitor Insider Threats but Build Trust First Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS DepositFiles exposed (..)

Surveillance 76

Surveillance Cryptocurrency Cyber Attacks Hacking 76

Security Affairs

DECEMBER 10, 2023

Will Enable Mass Spying Reddit Says Leaked U.S.-U.K. billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 85

Data breaches Ransomware Hacking Financial Services 85

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS 87

DDOS Hacking Spyware Surveillance 87

Security Affairs

APRIL 16, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Google fixed (..)

Data breaches 71

Data breaches Spyware Retail Surveillance 71

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 80

Cyber Attacks Firewall Data breaches Telecommunications 80

Security Affairs

SEPTEMBER 3, 2022

users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M Pierluigi Paganini.

Data breaches 65

Data breaches Malware Surveillance Ransomware 65

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 87

Data breaches DDOS Artificial Intelligence Ransomware 87

Malwarebytes

OCTOBER 11, 2021

Police take a piece out of a ransomware gang , but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Last week on Malwarebytes Labs. Does Cybersecurity Awareness Month actually improve security? Is it any good for security?

Surveillance 65

Surveillance Data breaches Ransomware Cybercrime 65

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Wireless 74

Wireless Data breaches Hacking Surveillance 74

Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance 86

Surveillance Social Engineering Cybercrime Phishing 86

Krebs on Security

MARCH 2, 2023

FIGHTING BADNESS IN THE CLOUD One could convincingly make the case that the world has witnessed yet another historic transfer of wealth and trade secrets over the past decade — in the form of ransomware and data ransom attacks by Russia-based cybercriminal syndicates, as well as Russian intelligence agency operations like the U.S.

Cybersecurity 242

Cybersecurity Insurance Cyber Insurance Government 242

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 71

Spyware Ransomware Malware Data breaches 71

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS 82

DDOS Data breaches Surveillance Ransomware 82

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5%

Spyware 118

Spyware Manufacturing Small Business Surveillance 118

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 88

Spyware Hacking Data breaches Mobile 88

Malwarebytes

SEPTEMBER 27, 2021

Insecure Hikvision security cameras can be taken over remotely MSHTML attack targets Russian state rocket centre and interior ministry Italian mafia cybercrime sting leads to 100+ arrests How to clear your cache Microsoft exchange autodiscover flaw reveals users’ passwords Parents and teachers believe digital surveillance of kids outweighs risks SonicWall (..)

Phishing 59

Phishing Surveillance Malware Backups 59

Security Affairs

MARCH 26, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 76

Data breaches DDOS Backups Ransomware 76

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Firmware 70

Firmware Surveillance Malware DDOS 70

Security Affairs

AUGUST 29, 2021

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP. Be sure it is up to date! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware 102

Spyware Data breaches Surveillance Hacking 102

Security Affairs

JANUARY 16, 2022

US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns. Threat actors stole $18.7M Threat actors stole $18.7M Threat actors stole $18.7M Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 73

Surveillance Ransomware Malware Hacking 73

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. 2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Security Affairs

DECEMBER 10, 2019

Experts spotted a new piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions. Researchers discovered a new strain of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions and encrypt files on the system.

Ransomware 64

Ransomware Encryption Malware Advertising 64

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 US seizes $3.6 Pierluigi Paganini.

Spyware 71

Spyware Surveillance Ransomware Hacking 71

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. Demanding money ‘with menaces’ ‘Enhanced’ ransomware tactics that have been in place since 2019 have proven effective enough to become an integral part of the criminal playbook. More disruptive attacks.

Mobile 134

Mobile Surveillance Ransomware Government 134

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 89

Spyware Surveillance Insurance Malware 89

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Ultimately, Penchukov’s political connections helped him evade prosecution by Ukrainian cybercrime investigators for many years. This was enough to positively identify Tank as Penchukov, Warner said.

Banking 277

Banking Small Business Accountability Cybercrime 277

Security Affairs

JULY 18, 2021

If you want to also receive for free the international press subscribe here.

Spyware 54

Spyware Surveillance Ransomware Retail 54

Security Affairs

FEBRUARY 20, 2022

Follow me on Twitter: @securityaffairs and Facebook.

Banking 82

Banking Spyware Surveillance Ransomware 82

SecureWorld News

AUGUST 8, 2022

Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware. MOUSEISLAND may be the initial phase of a ransomware attack.

Malware 82

Malware Banking Healthcare Penetration Testing 82

Security Affairs

APRIL 19, 2020

April 14 – Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware. Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Below a list of attacks detected this week.

Scams 102

Scams Malware Phishing Surveillance 102