Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 108

Social Engineering Spyware Data breaches Surveillance 108

Security Affairs

OCTOBER 1, 2023

Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Artificial Intelligence 103

Artificial Intelligence Firmware Data breaches Hacking 103

Malwarebytes

OCTOBER 3, 2022

Local government cybersecurity: 5 best practices. Optus data breach "attacker" says sorry, it was a mistake. Spyware disguises itself as Zoom downloads. Last week on Malwarebytes Labs: Why (almost) everything we told you about passwords was wrong. Two new Exchange Server zero-days in the wild.

Spyware 58

Spyware Data breaches Passwords Phishing 58

Security Affairs

MARCH 24, 2024

Government’s Antitrust Case Against Apple Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ramadan ) Players hacked during the matches of Apex Legends Global Series.

Malware 102

Malware Cybercrime Hacking Cyber threats 102

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 97

Spyware Cyber Insurance Hacking Advertising 97

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Spyware 86

Spyware Data breaches Retail Ransomware 86

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm.

Risk 117

Risk Spyware Hacking Accountability 117

Security Affairs

AUGUST 7, 2022

of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Spyware 124

Spyware Manufacturing Small Business Surveillance 124

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 53

Spyware Data breaches Ransomware Retail 53

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cyber Attacks 85

Cyber Attacks Firewall Data breaches Telecommunications 85

Security Affairs

JUNE 21, 2020

Maze ransomware gang hacked M&A firm Threadstone Advisors LLP Ransomware attack disrupts operations at Australian beverage company Lion Tech firms suspend use of ‘biased facial recognition technology Accessories giant Claires is the victim of a Magecart attack, credit card data exposed Black Kingdom ransomware operators exploit Pulse VPN flaws (..)

DDOS 96

DDOS Spyware Mobile Advertising 96

Security Affairs

FEBRUARY 13, 2022

Organizations are addressing zero-day vulnerabilities more quickly, says Google CISA, FBI, NSA warn of the increased globalized threat of ransomware Croatian phone carrier A1 Hrvatska discloses data breach FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities (..)

Spyware 76

Spyware Surveillance Ransomware Hacking 76

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 84

Spyware Backups Manufacturing Data breaches 84

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Cyberattack shuts down La Porte County government systems. Maryland Department of Labor discloses a data breach. UK ICO proposes a $123 million fine for Marriott 2014 data breach. Once again thank you!

Data breaches 51

Data breaches Spyware Advertising Government 51

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 91

DDOS Cybercrime Spyware Malware 91

Security Boulevard

MAY 3, 2021

The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles. You can check if your phone number or email address is part of this Facebook data leak and other data breaches on the Have I Been Pwned website. million of a £10.4

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

NOVEMBER 15, 2023

The Cybernews research team discovered that Strendus, a Mexican-licensed online casino, had left public access to 85GB of its authentication logs, with hundreds of thousands of entries containing private gamblers’ data. The open instance also contained data from another online casino, MustangMoney. Amount of leaked data.

Passwords 105

Passwords Identity Theft Social Engineering Spyware 105

Security Affairs

APRIL 24, 2022

Phishing attacks using the topic “Azovstal” targets entities in Ukraine Conti ransomware claims responsibility for the attack on Costa Rica Cyber Insurance and the Changing Global Risk Environment A stored XSS flaw in RainLoop allows stealing users’ emails QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS Pwn2Own Miami hacking contest (..)

Cyber Insurance 78

Cyber Insurance Spyware Firmware Insurance 78

Security Affairs

APRIL 21, 2019

Blue Cross of Idaho data breach, 5,600 customers affected. Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading. Hacker broke into super secure French Governments Messaging App Tchap hours after release. Adblock Plus filter can be exploited to execute arbitrary code in web pages.

Computers and Electronics 62

Computers and Electronics Spyware Data breaches Advertising 62

Security Affairs

AUGUST 25, 2019

At least 23 Texas local governments targeted by coordinated ransomware attacks. Capital One hacker suspected to have breached other 30 companies. App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice. million to allow towns to access encrypted data. Once again thank you!

Small Business 50

Small Business Spyware Data breaches Advertising 50

The Last Watchdog

MAY 2, 2019

Many SMBs lack the wherewithal to recover from the long-run consequences of a serious breach. High to very high threat Index contributors expressed a widely held belief that a data breach can put a company out of business. These stark realities are beginning to sink in.

Risk 182

Risk Cyber Risk Cyber threats Banking 182

Security Affairs

MARCH 19, 2019

Group-IB specialists discovered 19 928 of Singaporean banks’ cards that have shown up for sale in the dark web in 2018 and found hundreds of compromised government portals’ credentials stolen by hackers throughout past 2 years. Users’ logins and passwords from the Government Technology Agency ( [link] [.] Have you been pwned?

Banking 80

Banking Government Passwords Marketing 80

Security Affairs

NOVEMBER 17, 2019

New TA2101 threat actor poses as government agencies to distribute malware. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. The Australian Parliament was hacked earlier this year. Two men arrested for stealing $550,000 in cryptocurrency with Sim Swapping. Checkra1n, a working iPhone Jailbreak, was released.

DDOS 51

DDOS Spyware Advertising Ransomware 51

Security Affairs

MAY 26, 2024

million individuals North Korea-linked Kimsuky used a new Linux backdoor in recent attacks International Press – Newsletter Cybercrime Healthcare company WebTPA discloses breach affecting 2.5 Fix it now!

Healthcare 103

Healthcare Spyware Data breaches Banking 103

SecureList

AUGUST 15, 2022

WinDealer’s man-on-the-side spyware. In addition to affecting most of the previously mentioned countries, the threat actor targeted military and government organizations in Indonesia, Uzbekistan and Kyrgyzstan. The code is unique, with no similarities to known malware, so it is unclear who is behind the attack.

Mobile 85

Mobile Ransomware Malware Encryption 85

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 88

Spyware Surveillance Artificial Intelligence Data breaches 88

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 95

Spyware Surveillance Identity Theft DDOS 95

Security Affairs

MAY 24, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches 68

Data breaches Spyware Advertising Manufacturing 68

Security Affairs

JULY 18, 2021

Biden discussed Russian ransomware gangs with Putin in a phone call Hackers accessed Mint Mobile subscribers data and ported some numbers Magecart hackers hide stolen credit card data into images and bogus CSS files Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack BIOPASS malware abuses OBS Studio to spy on victims (..)

Spyware 54

Spyware Surveillance Ransomware Retail 54

Security Affairs

JANUARY 10, 2021

Just where is the Global Cyber-defense Market going, and why is it failing so spectacularly to protect the data assets of the largest and most heavily protected government institutions and corporate companies in the world. For more information on this breach, see: Leonardo Data Breach.

Cyber Attacks 92

Cyber Attacks Government Surveillance Software 92

Krebs on Security

JULY 16, 2019

Those include a large number of cybercrime forums and stolen credit card shops, ransomware download sites, Magecart-related infrastructure , and a metric boatload of phishing Web sites mimicking dozens of retailers, banks and various government Web site portals. biz: -Based in Asia and Europe. -It

Cybercrime 185

Cybercrime Phishing Banking Malware 185

Security Affairs

JULY 7, 2019

Singapore Government will run its third bug bounty program. ViceLeaker Android spyware targets users in the Middle East. Israel blamed Russia for jamming at Israeli Ben Gurion airport. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. New variant of Dridex banking Trojan implements polymorphism.

Scams 48

Scams Spyware DNS Advertising 48

ForAllSecure

AUGUST 14, 2019

Reports suggest that smishing is one possible attack vector for the spyware. This effectively limits its market to government customers, and these, indeed, seem to have been NSO Group's principal buyers. Government agencies are also targeted. This is not a case of hoarding; this is stealing, the government argued.

Energy and Utilities 52

Energy and Utilities Penetration Testing Government Education 52

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

Security Affairs

APRIL 28, 2024

Companies and Government Agencies ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices Israel Tried to Keep Sensitive Spy Tech Under Wraps.

Cybercrime 99

Cybercrime Spyware Data breaches Antivirus 99

Adam Levin

JANUARY 7, 2021

A state-sponsored hacker and/or a member of a foreign government’s intelligence organization may have used the chaos to compromise the security of the Capitol with mechanical spyware or other exploits. Physical documents and print-outs of a potentially sensitive nature may have been stolen.

Computers and Electronics 342

Computers and Electronics Cybersecurity Social Engineering Spyware 342

ForAllSecure

AUGUST 14, 2019

Reports suggest that smishing is one possible attack vector for the spyware. This effectively limits its market to government customers, and these, indeed, seem to have been NSO Group's principal buyers. Government agencies are also targeted. This is not a case of hoarding; this is stealing, the government argued.

Energy and Utilities 40

Energy and Utilities Penetration Testing Government Education 40