Security Affairs

NOVEMBER 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. million patients in the U.S. million patients in the U.S.

Data breaches 81

Data breaches Surveillance Cryptocurrency Ransomware 81

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 99

Social Engineering Spyware Data breaches Surveillance 99

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 84

Data breaches DDOS Artificial Intelligence Ransomware 84

CyberSecurity Insiders

SEPTEMBER 10, 2021

Cybersecurity firm Resecurity has confirmed that a hacker/s have breached the systems related to United Nations leading to the data breach. Gene Yoo, the CEO of Resecurity says that organizations such as UN are likely to be hit by a cyber attack as they have data that has immense value on the dark web.

Cyber Attacks 134

Cyber Attacks Surveillance Encryption Data breaches 134

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Will Enable Mass Spying Reddit Says Leaked U.S.-U.K.

Data breaches 83

Data breaches Ransomware Hacking Financial Services 83

Security Affairs

FEBRUARY 19, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

DDOS 79

DDOS Data breaches Surveillance Ransomware 79

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. Reached by phone today, Jansson said he quit the company in August, right around the time Gunnebo disclosed the thwarted ransomware attack.

Hacking 345

Hacking Ransomware Banking Accountability 345

Security Affairs

SEPTEMBER 3, 2022

Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data breach this year The Prynt Stealer malware contains a secret backdoor. users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M

Data breaches 63

Data breaches Malware Surveillance Ransomware 63

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 80

Spyware Surveillance Artificial Intelligence Data breaches 80

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 86

Spyware Surveillance Identity Theft DDOS 86

Security Affairs

AUGUST 29, 2021

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP. Be sure it is up to date! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware 101

Spyware Data breaches Surveillance Hacking 101

Schneier on Security

MARCH 5, 2020

To do so, they are using a variety of digital communications and surveillance systems. By hacking these systems and corrupting medical data, states with formidable cybercapabilities can change and manipulate data right at the source. This includes cybersecurity, security, risk management, surveillance, and containment measures.

Surveillance 338

Surveillance Hacking Government Risk 338

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 69

Data breaches Spyware Retail Surveillance 69

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 90

Data breaches Malware Mobile Spyware 90

Security Affairs

NOVEMBER 24, 2019

Crooks use carding bots to check stolen card data ahead of the holiday season. New NextCry Ransomware targets Nextcloud instances on Linux servers. CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance. Ransomware infected systems at state government of Louisiana. Google will pay up to $1.5m

Data breaches 83

Data breaches Wireless Banking Advertising 83

Security Affairs

MARCH 26, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches 73

Data breaches DDOS Backups Ransomware 73

DoublePulsar

APRIL 20, 2023

Russian hackers exfiltrated data from from Capita over a week before outage Capita have finally admitted a data breach , but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. Previously, they said 31st March — the date of the “IT Incident”.

Ransomware 126

Ransomware Government Data breaches Media 126

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 78

Cyber Attacks Firewall Data breaches Telecommunications 78

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5 Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Small Business 74

Small Business Spyware Data breaches Surveillance 74

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 US seizes $3.6

Spyware 69

Spyware Surveillance Ransomware Hacking 69

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Wireless 71

Wireless Data breaches Hacking Surveillance 71

Security Affairs

MAY 10, 2020

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. SecurityAffairs – hacking, ransomware).

Manufacturing 105

Manufacturing Malware Data breaches Backups 105

Malwarebytes

OCTOBER 11, 2021

Police take a piece out of a ransomware gang , but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Last week on Malwarebytes Labs. Does Cybersecurity Awareness Month actually improve security? Is it any good for security?

Surveillance 65

Surveillance Data breaches Ransomware Cybercrime 65

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 68

Spyware Ransomware Malware Data breaches 68

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Every week the best security articles from Security Affairs free for you in your email box.

Spyware 115

Spyware Manufacturing Small Business Surveillance 115

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 86

Spyware Hacking Data breaches Mobile 86

Schneier on Security

FEBRUARY 27, 2023

If we want to address the real problem, we need to enact serious privacy laws, not security theater, to stop our data from being collected, analyzed, and sold—by anyone. And the Chinese government regularly steals data from US organizations for its own use: Equifax , Marriott Hotels , and the Office of Personnel Management are examples.

Internet 345

Internet Internet Firewall Government 345

Malwarebytes

FEBRUARY 28, 2024

Ongoing surveillance and response The implementation of ThreatDown MDR services on January 18th, 2024, was a strategic move by the MSP to gain deeper insights into the attackers’ movements. In this example, if the attack had been allowed to continue, the MSP could have suffered a ransomware attack, data breach, or both.

Malware 85

Malware DNS Surveillance Backups 85

Security Affairs

FEBRUARY 14, 2021

COMB breach: 3.2B COMB breach: 3.2B

Spyware 84

Spyware Phishing Data breaches Surveillance 84

Security Affairs

JULY 18, 2021

If you want to also receive for free the international press subscribe here.

Spyware 54

Spyware Surveillance Ransomware Retail 54

Security Affairs

SEPTEMBER 6, 2020

Is the Belarusian government behind the surveillance Android app banned by Google? The Twitter account of Indian Prime Minister Modi was hacked Evilnum APT used Python-based RAT PyVil in recent attacks SunCrypt Ransomware behind North Carolina school district data breach U.S.

Wireless 71

Wireless Surveillance Advertising Hacking 71

Security Affairs

APRIL 12, 2020

hacked, data of 600k users available for sale Updated: Italian email provider Email.it supports the Secure Boot Fake Cisco ‘Critical Update used in phishing campaign to steal WebEx credentials Hackers accessed staff mailboxes at Italian bank Monte dei Paschi SFO discloses data breach following the hack of 2 of its websites.

Hacking 85

Hacking Advertising Surveillance Phishing 85

Security Affairs

NOVEMBER 3, 2019

Ransomware hit TrialWorks, law firms and lawyers were not able to access court documents. New FuxSocy Ransomware borrows code from defunct Cerber. UniCredit bank discloses a data breach that impacted 3 million of Italian clients. Emsisoft released a free decryption tool for Paradise ransomware. NCSC Report: U.K.

Data breaches 42

Data breaches Cyber Attacks Telecommunications Advertising 42

Security Affairs

SEPTEMBER 1, 2019

Hostinger disclosed a data breach that affects 14 Million customers. Binance says that leaked KYC Data are from third-party vendor. Nemty Ransomware, a new malware appears in the threat landscape. Imperva data Breach: WAF customers data exposed. Code Execution and DoS flaw addressed in QEMU.

eCommerce 47

eCommerce Data breaches Malware Advertising 47

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 86

Spyware Surveillance Insurance Malware 86

SecureWorld News

SEPTEMBER 28, 2022

Russia moved ahead of the United Kingdom into third place (China remains second), "largely as a result of greater demonstrations of intent and capability in the fields of espionage, destructive attacks, and domestic surveillance," according to the announcement of the NCPI's release. Surveillance – 4th behind China, Vietnam, and Iran.

Surveillance 110

Surveillance Technology Government Data breaches 110

Security Affairs

JULY 23, 2023

Multiple DDoS botnets were observed targeting Zyxel devices CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices Experts believe North Korea behind JumpCloud supply chain attack Nice Suzuki, sport: shame dealer left your data up for grabs Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group ALPHV/BlackCat and (..)

DDOS 84

DDOS Hacking Spyware Surveillance 84