Security Affairs

OCTOBER 29, 2023

IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine group have temporarily disabled internet services in some of the territories that have been occupied by the Russian army.

Internet 119

Internet Internet Telecommunications DDOS 119

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage.

Internet 109

Internet Internet Accountability Passwords 109

Security Affairs

DECEMBER 8, 2022

Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37 group (aka ScarCruft , Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128 , in attacks aimed at South Korean users.

Internet 98

Internet Internet Engineering Malware 98

Security Affairs

JUNE 26, 2023

The Internet Systems Consortium (ISC) addressed three denial-of-service (DoS) vulnerabilities in the DNS software suite BIND. The Internet Systems Consortium (ISC) released security updates to address three denial-of-service (DoS) vulnerabilities in the DNS software suite BIND.

Internet 95

Internet Internet DNS Software 95

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet. The experts found that 76% (178,637 of 233,984) of the Internet-facing firewalls are vulnerable to one or both issues. ” reads the advisory published by Bishop Fox.

Firewall 126

Firewall Hacking Firmware Internet 126

Security Affairs

MAY 4, 2020

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. The same vulnerabilities in the Salt platform have been exploited during the weekend to hack the infrastructure of Lineageos. Pierluigi Paganini.

Internet 111

Internet Internet Hacking Advertising 111

Security Affairs

NOVEMBER 6, 2022

The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The United Kingdom’s National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United Kingdom for vulnerabilities. 35.177.10.231.

Internet 107

Internet Internet Hacking Information Security 107

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking 192

Hacking Accountability Data breaches Marketing 192

Security Affairs

MARCH 12, 2021

Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new restrictions. On Wednesday 10 March 2021, researchers from Network data from the NetBlocks Internet Observatory observed the disruption of internet service provided by the Russian operator Rostelecom.

Internet 106

Internet Internet Mobile Hacking 106

Security Affairs

OCTOBER 20, 2023

Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks.” Cisco recommends admins to disable the HTTP server feature on systems exposed on the Internet. reads the advisory published by the company.

Hacking 121

Hacking Internet Internet Accountability 121

Security Affairs

FEBRUARY 1, 2023

Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw. On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. and QuTS hero h5.0.1

Internet 98

Internet Internet Firmware IoT 98

Security Affairs

OCTOBER 20, 2022

While the Russian army is conducting coordinated missile and drone strikes in Ukraine experts observed Internet disruptions in the country. Global internet monitor NetBlocks reported widespread Internet disruptions in the country as a result of the attacks. SecurityAffairs – hacking, Ukraine). Pierluigi Paganini.

Internet 87

Internet Internet Banking Cyber Attacks 87

Security Affairs

DECEMBER 10, 2022

Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users, for this reason, it is a target of attacks by multiple threat actors. SecurityAffairs – hacking, Pulse). Pierluigi Paganini.

Internet 107

Internet Internet VPN Mobile 107

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. SecurityAffairs – hacking, mining).

Cryptocurrency 96

Cryptocurrency Internet Internet Hacking 96

Security Affairs

AUGUST 15, 2022

Researchers from Cyber looked for VNC exposed over the internet and discovered over 8000 VNC instances with authentication disabled, most of them in China, Sweden, and the United States. Exposing VNCs to the internet, increases the likelihood of a cyberattack. connected via VNC and exposed over the internet. Pierluigi Paganini.

Internet 95

Internet Internet Risk Cybercrime 95

Security Affairs

DECEMBER 2, 2021

Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia. Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. SecurityAffairs – hacking, VPN services). Pierluigi Paganini.

VPN 116

VPN Internet Internet Media 116

Security Affairs

SEPTEMBER 23, 2020

The Internet was shutdown several days and more than 80 websites, most of them news and political sites, were blocked. Qurium forensics report: Internet blocking in Belarus. SecurityAffairs – hacking, Internet). The post HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? They still remain blocked.

Internet 118

Internet Internet DNS Advertising 118

Security Affairs

FEBRUARY 9, 2020

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%. Pierluigi Paganini.

DDOS 140

DDOS Internet Internet Telecommunications 140

Security Affairs

DECEMBER 12, 2023

The Ukrainian government’s military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). The military intelligence service said that the hack was the result of a successful special operation on the territory of Russia. At the same time, the Russian IT company Office.ed-it.ru,

Hacking 99

Hacking Cyber Attacks Backups Government 99

Security Affairs

AUGUST 24, 2023

The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966 , in Zoho’s ManageEngine ServiceDesk in attacks aimed at the Internet backbone infrastructure provider and healthcare organizations. The actors exploited a vulnerable ManageEngine ServiceDesk instance to gain initial access.”

Internet 84

Internet Internet Malware Healthcare 84

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. That identifying information was then used to establish a bank account to receive stolen BEC/EAC funds and then transferred to a cryptocurrency account.”

Internet 107

Internet Internet Scams Identity Theft 107

Security Affairs

SEPTEMBER 8, 2021

Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Pierluigi Paganini.

Internet 119

Internet Internet Engineering Hacking 119

Security Affairs

MARCH 12, 2022

Russian Internet watchdog Roskomnadzor is going to ban Instagram in Russia to prevent the spreading of info related to the Ukraine invasion. Russia will ban Instagram, the decision was announced by Russian Internet watchdog Roskomnadzor. SecurityAffairs – hacking, Russia). Follow me on Twitter: @securityaffairs and Facebook.

Internet 89

Internet Internet Media Hacking 89

Security Affairs

JUNE 27, 2023

Researchers at Censys have identified hundreds of devices deployed within federal networks that have internet-exposed management interfaces. The experts focused on roughly 1,300 of these hosts that were accessible online and discovered hundreds of devices with management interfaces exposed to the public internet.

Internet 79

Internet Internet Firewall Wireless 79

Security Affairs

SEPTEMBER 25, 2023

” According to Shodan, more than 3,000 on-premises servers are exposed to the Internet. ” The link for the Security patch plugin are for TeamCity 2018.2 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, RCE ) The post Alert!

Hacking 118

Hacking Software Authentication Internet 118

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 73

Phishing Hacking Banking Scams 73

Security Affairs

NOVEMBER 2, 2021

Researchers from Rapid7 reported that of the 60,000 internet-facing GitLab installations: 21% of installs are fully patched against this issue. In addition, ideally, GitLab should not be an internet facing service. If you need to access your GitLab from the internet, consider placing it behind a VPN.” Pierluigi Paganini.

Internet 129

Internet Internet VPN Hacking 129

Security Affairs

SEPTEMBER 5, 2021

A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand ‘s third-largest internet operator, isolating parts of the country from the Internet. SecurityAffairs – hacking, DDoS). Pierluigi Paganini.

DDOS 99

DDOS Internet Internet Telecommunications 99

Security Affairs

FEBRUARY 11, 2020

Dear readers, I decided to create a simple Infographic that shows Cybercrime facts in 2019, I’ve done it for Safer Internet Day 2020. SecurityAffairs – cybercrime, hacking). The post Safer internet day – Cybercrime facts Infographic appeared first on Security Affairs. Pierluigi Paganini.

Cybercrime 83

Cybercrime Internet Internet Advertising 83

Security Affairs

MARCH 7, 2022

Anonymous hacked into the most popular Russian streaming services to broadcast war footage from Ukraine. JUST IN: The hacking collective #Anonymous today hacked into the Russian streaming services Wink and Ivi (like Netflix) and live TV channels Russia 24, Channel One, Moscow 24 to broadcast war footage from #Ukraine.

Hacking 97

Hacking Internet Internet Government 97

Security Affairs

JANUARY 21, 2023

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL). ” reads the report published by Censys. .

Hacking 96

Hacking Small Business VPN Internet 96

Security Affairs

AUGUST 20, 2021

The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software. The Internet Systems Consortium (ISC) has released security updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2021-25218 , that affects its BIND DNS software.

DNS 104

DNS Internet Internet Software 104

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 95

Hacking Firmware Authentication DNS 95

Security Affairs

AUGUST 23, 2022

“This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.”. SecurityAffairs – hacking, Hikvision).

Hacking 114

Hacking Firmware Internet Internet 114

Security Affairs

AUGUST 4, 2022

“The attack can be performed without user interaction if the management interface of the device has been configured to be internet facing. “By default, this attack is reachable on the LAN and may be reachable via the internet (WAN) as well if the user has enabled remote web management on their device. Pierluigi Paganini.

Hacking 98

Hacking Internet Internet Passwords 98

Security Affairs

AUGUST 10, 2020

An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference , explained that satellite internet communications are susceptible to eavesdropping and signal interception.

Internet 92

Internet Internet Advertising Encryption 92

Security Boulevard

SEPTEMBER 7, 2021

net, vecna@s0ftpj.org, cogitoesum@yahoo.com, ntwak0@safehack.com, archimedes@security-foundation.net, gridmark@planetmotherfucker.net, ruben@generation.nl, vecna@insertcoint.net, kiddish@hehe.com, blooddjinn@hotmail.com. HackPhreak is a well known U.S

Hacking 105

Hacking Internet Internet Cybercrime 105