Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 97

Data breaches VPN Cloud Migration Cybercrime 97

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 120

Advertising Cybercrime Malware Cryptocurrency 120

Security Affairs

APRIL 20, 2021

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 115

VPN Hacking Authentication Government 115

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. ” reads the post published by Kaspersky.

VPN 100

VPN Ransomware Antivirus Firmware 100

Security Affairs

MAY 3, 2021

Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are actively exploiting in the wild. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “In A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 110

VPN Government Authentication Cybersecurity 110

Security Affairs

JUNE 17, 2021

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Experts also spotted a tainted version of the Psiphon tool, an open-source VPN software used to evade internet censorship. Pierluigi Paganini.

VPN 125

VPN Internet Internet Software 125

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. Pierluigi Paganini.

Malware 127

Malware VPN Authentication Hacking 127

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 113

Ransomware Backups VPN Authentication 113

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 110

VPN Cybercrime Ransomware Hacking 110

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. The hackers used fake collaboration opportunities (i.e. Pierluigi Paganini.

Accountability 129

Accountability Malware Phishing Social Engineering 129

Security Affairs

JANUARY 13, 2024

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country.

Ransomware 89

Ransomware Backups VPN Authentication 89

Security Affairs

APRIL 8, 2022

Which are the most important cybersecurity measures that businesses can take to protect themselves in the cloud era? This ubiquity has led to increased concerns about data security, as more and more sensitive information is stored online. In this article, we will discuss 15 of the most important cybersecurity measures.

Cybersecurity 103

Cybersecurity Passwords Penetration Testing Encryption 103

Security Affairs

JANUARY 21, 2024

Patch it now! million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Artificial Intelligence 100

Artificial Intelligence VPN Hacking Firewall 100

Security Affairs

MAY 12, 2024

Ohio Lottery data breach impacted over 538,000 individuals Notorius threat actor IntelBroker claims the hack of the Europol A cyberattack hit the US healthcare giant Ascension Google fixes fifth actively exploited Chrome zero-day this year Russia-linked APT28 targets government Polish institutions Citrix warns customers to update PuTTY version installed (..)

Data breaches 83

Data breaches VPN Hacking Banking 83

CyberSecurity Insiders

SEPTEMBER 24, 2021

Even with high-level security measures, no one is safe from such threats. That is why most companies hire professional information security services to mitigate the risks arising from data breaches. Thus, it would be best if you secured all networks by incorporating firewalls and advanced encryption technology.

Cybersecurity 90

Cybersecurity Data breaches Backups Firewall 90

Security Affairs

JUNE 30, 2022

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware , the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware 107

Ransomware Cybersecurity Encryption VPN 107

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 104

Data breaches Small Business Hacking Malware 104

Security Affairs

OCTOBER 13, 2020

IoT devices are exposed to cybersecurity vulnerabilities. However, if you know where the dangers lurk, there is a way to minimize the cybersecurity risks. Here are five significant cybersecurity vulnerabilities with IoT in 2020. A hacker managed to identify a weak spot in a security camera model. Poor credentials.

IoT 133

IoT Cybersecurity Manufacturing Internet 133

Security Affairs

FEBRUARY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. The vulnerability CVE-2020-3259 is an information disclosure issue that resides in the web services interface of ASA and FTD. This week the U.S.

Ransomware 129

Ransomware VPN Education Hacking 129

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 108

Ransomware Encryption Antivirus VPN 108

Security Affairs

JANUARY 24, 2024

In January 2024, the Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. According to the NCSC-FI, six out of seven infections were caused by Akira family malware. .” concludes the update. Threat actors are wiping NAS and backup devices.

Ransomware 111

Ransomware VPN Government Retail 111

Security Affairs

JANUARY 3, 2022

SEGA Europe inadvertently left users’ personal information publicly accessible on Amazon Web Services (AWS) S3 bucket. . At the end of the year, gaming giant SEGA Europe inadvertently left users’ personal information publicly accessible on Amazon Web Services (AWS) S3 bucket, cybersecurity firm VPN Overview reported.

VPN 128

VPN Malware Passwords Hacking 128

Malwarebytes

NOVEMBER 22, 2021

FatPipe VPN zero-day actively exploited Malwarebytes CrackMe – contest summary. Other cybersecurity news. Netgear vulnerability patched Phishers target TikTok influencers with verification promises and copyright threats Patch now! Fears escalate as Iranian APT hackers continue to hammer IT service sectors.

Identity Theft 74

Identity Theft VPN Ransomware Banking 74

Security Affairs

SEPTEMBER 25, 2020

Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and exfiltrated data. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and threat actors exfiltrated data. ” continues the report.

VPN 96

VPN Malware Cyber threats Accountability 96

Security Affairs

APRIL 21, 2024

Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 100

Data breaches Phishing Ransomware Malware 100

The Last Watchdog

JUNE 4, 2019

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” The foundation of Silicon Valley was set, and today comparable technology development pieces are being laid in Maryland on the cybersecurity front.

Cybersecurity 193

Cybersecurity Computers and Electronics Technology Marketing 193

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware 95

Malware Phishing VPN Accountability 95

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 95

Spyware Data breaches VPN Hacking 95

eSecurity Planet

MAY 20, 2024

Microsoft Patch Tuesday takes center stage in this week’s vulnerability news, with a notable SharePoint Server vulnerability that’s been seen alongside Qakbot malware. This one has been active in the wild; SecureList found it to be in use with Qakbot and other strains of malware.

VPN 62

VPN Firmware Malware Software 62

Security Affairs

MAY 17, 2022

Most of the malicious apps were VPN software (42), followed by Camera (20), and Photo Editing (13). “Facestealer apps are disguised as simple tools — such as virtual private network (VPN), camera, photo editing, and fitness apps — making them attractive lures to people who use these types of apps. To nominate, please visit:?

Spyware 93

Spyware Cryptocurrency VPN Malware 93

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers.

Ransomware 101

Ransomware DDOS Passwords Backups 101

Security Affairs

MAY 9, 2023

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. The new ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Ransomware 79

Ransomware VPN Antivirus Encryption 79

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. ” reads the analysis published by Cisco Talos.

Ransomware 123

Ransomware Hacking VPN Phishing 123

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. ” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers.

Cryptocurrency 140

Cryptocurrency Malware Advertising VPN 140

Security Affairs

APRIL 8, 2020

The memo was obtained by the website SpaceRef, it warns of both phishing attacks and malware-based attacks. According to the advisory issued by NASA, the number of phishing attempts doubled in the past few days, at the same time the number of malware attacks on its systems has grown exponentially. ” reads the memo.

Cyber Attacks 145

Cyber Attacks Computers and Electronics VPN Phishing 145

Security Affairs

JANUARY 23, 2022

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. from the Lympo NTF platform. from the Lympo NTF platform. Follow me on Twitter: @securityaffairs and Facebook.

VPN 83

VPN Ransomware Spyware DDOS 83

Security Affairs

MAY 1, 2021

. “To further secure your device, do not expose your NAS to the internet. If you must connect your NAS to the internet, we highly recommend using a trusted VPN or a myQNAPcloud link.” The malware was designed to abuse NAS resources and mine cryptocurrency.

Ransomware 116

Ransomware Cryptocurrency Malware Internet 116