Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs
FEBRUARY 9, 2025
What are the risks?
This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Security Affairs
FEBRUARY 9, 2025
What are the risks?
Security Affairs
NOVEMBER 17, 2024
CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
DECEMBER 22, 2024
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion Spyware distributed through Amazon Appstore BADBOX Botnet Is Back Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware 4.5
Security Affairs
FEBRUARY 23, 2025
CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog Juniper Networks fixed a critical flaw in Session Smart Routers China-linked APT group Winnti targets Japanese organizations since March 2024 Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers (..)
Security Affairs
FEBRUARY 11, 2024
Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5
Security Affairs
APRIL 9, 2020
Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.
Security Affairs
MARCH 8, 2025
Quantum computers threaten to break online security in minutes, expert warns ENISA NIS360 2024 Catalan court says NSO Group executives can be charged in spyware investigation Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)
Security Affairs
MARCH 8, 2020
The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.
Security Affairs
SEPTEMBER 14, 2024
CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M
Security Affairs
APRIL 26, 2020
Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.
Security Affairs
JUNE 5, 2022
Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited Microsoft blocked Polonium attacks against Israeli organizations LockBit ransomware attack impacted production in a Mexican Foxconn plant Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks An international police operation dismantled FluBot (..)
Security Affairs
JULY 7, 2024
GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io
Security Affairs
MARCH 4, 2023
stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M
Security Affairs
APRIL 24, 2022
Phishing attacks using the topic “Azovstal” targets entities in Ukraine Conti ransomware claims responsibility for the attack on Costa Rica Cyber Insurance and the Changing Global Risk Environment A stored XSS flaw in RainLoop allows stealing users’ emails QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS Pwn2Own Miami hacking contest (..)
Security Boulevard
MAY 3, 2021
roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.
Security Affairs
NOVEMBER 11, 2023
Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams How a ‘Refund Fraud’ Gang Stole $700,000 From Amazon Info from 5.6
Security Affairs
MARCH 24, 2024
Government’s Antitrust Case Against Apple Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ramadan )
Security Affairs
SEPTEMBER 1, 2024
CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Telegram messaging app CEO Durov arrested in France Thousands of travelers, airport operations impacted by Port of Seattle cyberattack Hacker who stole 3 billion US data was discovered and is Brazilian Pressure Grows in Congress to (..)
Security Affairs
SEPTEMBER 12, 2019
“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” The attacker could exploit the flaw to. ” continues the post.
Security Affairs
JUNE 25, 2023
Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)
Security Affairs
JULY 7, 2019
ViceLeaker Android spyware targets users in the Middle East. Updates for Samsung, the scam app with 10M+ downloads. FBI warns on sextortion scams targeting teenagers. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. New variant of Dridex banking Trojan implements polymorphism.
Security Boulevard
FEBRUARY 10, 2025
The biggest breach of US government data is under way TechCrunch This is included for the privacy and cybersecurity ramifications of departing from basic information security principles. this is certainly a news item worth paying attention to. Some of these users were journalists critical of the Italian government.
Security Affairs
MAY 8, 2020
Thus, the number of phishing attacks on cloud storages nearly doubled last year, while Internet providers have seen the three-fold increase in the number of phishing scams targeting them. They, in turn, let spyware and backdoors move ahead and become the second most popular malware with a 35-percent share.
Security Boulevard
JANUARY 25, 2022
Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation. Dancho Danchev’s “Building and Implementing a Successful Information Security Policy” White Paper – [PDF]. Exposing a Currently Active Domain Portfolio of Tech Support Scam Domains – An OSINT Analysis.
Security Boulevard
AUGUST 1, 2024
As we celebrate the power of the internet to connect people and share information, we must also acknowledge the vulnerabilities that come with this connectivity. Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality.
Thales Cloud Protection & Licensing
JULY 31, 2024
As we celebrate the power of the internet to connect people and share information, we must also acknowledge the vulnerabilities that come with this connectivity. Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality.
Security Affairs
APRIL 27, 2025
million patients Crooks exploit the death of Pope Francis WhatsApp introduces Advanced Chat Privacy to protect sensitive communications Android spyware hidden in mapping software targets Russian soldiers Crypto mining campaign targets Docker environments with new evasion technique The popular xrpl.js
Security Affairs
FEBRUARY 25, 2024
Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.
CyberSecurity Insiders
JANUARY 31, 2021
Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.
Security Affairs
AUGUST 11, 2024
CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0
Security Affairs
MAY 26, 2024
million individuals North Korea-linked Kimsuky used a new Linux backdoor in recent attacks International Press – Newsletter Cybercrime Healthcare company WebTPA discloses breach affecting 2.5
Security Affairs
JUNE 23, 2024
US government sanctions twelve Kaspersky Lab executives Experts found a bug in the Linux version of RansomHub ransomware UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models Russia-linked APT Nobelium targets French diplomatic entities US bans sale of Kaspersky products due to risks (..)
Security Affairs
MARCH 2, 2025
CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog Lazarus APT stole $1.5B Billion Bybit Hack Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B
Security Affairs
MAY 11, 2025
CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4 CVSS) in IOS XE That Enables Root Exploits via JWT Internet tracking: How and why were followed online Google to pay Texas $1.4
Security Affairs
SEPTEMBER 22, 2024
The cybercriminal’s playground The Dark Nexus Between Harm Groups and ‘The Com’ Phishing Pages Delivered Through Refresh HTTP Response Header How scammers bypass customer identity verification using deepfakes Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals Chinese National Charged for Multi-Year (..)
Security Affairs
DECEMBER 22, 2024
CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog ConnectOnCall data breach impacted over 900,000 individuals Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise (..)
Security Affairs
APRIL 13, 2025
CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog A member of the Scattered Spider cybercrime group pleads guilty The controversial case of the threat actor EncryptHub PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets EDR-as-a-Service (..)
Expert insights. Personalized for you.
We have resent the email to
Are you sure you want to cancel your subscriptions?
Let's personalize your content