Information Security and Software - Cyber Security Informer

New MassJacker clipper targets pirated software seekers

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software

Software Cryptocurrency Malware Encryption

RedLine info-stealer campaign targets Russian businesses through pirated corporate software

Security Affairs

DECEMBER 8, 2024

An ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been targeted by an ongoing RedLine info-stealer campaign. This method exploits user trust rather than vulnerabilities in the corporate software.

Software

Software Malware Accountability Encryption

Just Culture and Information Security

Adam Shostack

JANUARY 2, 2025

What I said was a password management company had one job, and if they expose your passwords, you should not use their password management software. With a single site, you may be able to monitor for and respond to unusual access patterns rapidly, and you can upgrade all the software at once. There are tradeoffs.

Information Security

Information Security Password Management Passwords Accountability

Attackers exploit SimpleHelp RMM Software flaws for initial access

Security Affairs

JANUARY 28, 2025

Threat actors exploit recently fixed SimpleHelp RMM software vulnerabilities to breach targeted networks, experts warn. “On 22 January 2025, Arctic Wolf began observing a campaign involving unauthorised access to devices running SimpleHelp RMM software as an initial access vector. ” reads the report published by Artic Wolf.

Software

Software Passwords Accountability Encryption

HPE fixed multiple flaws in its StoreOnce software

Security Affairs

JUNE 4, 2025

“Potential security vulnerabilities have been identified in HPE StoreOnce Software.” “An authentication bypass vulnerabilityexists in HPE StoreOnce Software.” These issues could allow remote code execution, authentication bypass, data leaks, and more. ” reads the advisory.

Software

Software Backups Authentication Hacking

Researchers found one-click RCE in ASUS’s pre-installed software DriverHub

Security Affairs

MAY 12, 2025

An attacker can exploit this vulnerability to install malicious software. Researcher MrBruh found that while it only accepts requests with an origin header set to driverhub.asus.com, a flawed wildcard match allowed requests from domains like driverhub.asus.com.mrbruh.com.

Software

Software Hacking Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Hacking Cybercrime Advertising Data breaches

U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 20, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog. to its Known Exploited Vulnerabilities (KEV) catalog.

Software

Software Hacking Cybersecurity Risk

Android spyware hidden in mapping software targets Russian soldiers

Security Affairs

APRIL 23, 2025

“Alpine Quest is topographic software that allows different maps to be used both in online and offline mode. The malicious code was hidden in a trojanized Alpine Quest app and spread via Russian Android catalogs. ” reads the report published by Doctor Web.

Spyware

Spyware Software Malware Hacking

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. According to the security breach notification published by GosSOPKA, the attack occurred on February 21, 2025. ” reads the security breach notification published by GosSOPKA.

Telecommunications

Telecommunications Software Technology Healthcare

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. Similarly, software bills of materials (SBOMs) underscore the need for better accountability in third-party software.

Cybersecurity

Cybersecurity CISO Risk Government

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. “This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack,” reads the April 20 Mandiant report.

Malware

Malware Software Technology Accountability

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

.” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. The study focused on the latest software version (74.00.324A), but experts believe that earlier versions (at least 70.x) x) may also be vulnerable.

Hacking

Hacking Firmware Software Manufacturing

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

DECEMBER 3, 2024

The vulnerability resides in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software, an unauthenticated, remote attacker could exploit the flaw to conduct a cross-site scripting (XSS) attack against a user of WebVPN on the Cisco ASA. ” reads the advisory. ” continues the advisory.

Software

Software Hacking Information Security

‘Trojan Source’ Bug Threatens the Security of All Code

Krebs on Security

OCTOBER 31, 2021

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. ” Image: XKCD.com/2347/.

Software

Software Information Security Encryption Government

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Security Affairs

APRIL 1, 2025

Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825 , in the CrushFTP file transfer software. The file transfer software maker CrushFTP urge customers to take immediate action to address the vulnerability. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0,

Authentication

Authentication Software Ransomware Hacking

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. “We are aware of reports regarding a potential security incident and are actively investigating the matter,” a company spokesperson told BleepingComputer.

Ransomware

Ransomware Data breaches Software Hacking

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

The most severe flaw included in the September 2024 security bulletin is the critical, remote code execution (RCE) vulnerability CVE-2024-40711 (CVSS v3.1 Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. Some of these VPNs were running unsupported software versions.”

Backups

Backups VPN Ransomware Authentication

Apache Foundation fixed a severe Tomcat vulnerability

Security Affairs

DECEMBER 24, 2024

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote code execution under certain conditions. The Apache Software Foundation (ASF) addressed an important vulnerability, tracked as CVE-2024-56337 , in its Tomcat server software. M1 through 11.0.1, M1 through 10.1.33, and 9.0.0.M1

Software

Software Hacking Technology Information Security

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Security Affairs

MAY 27, 2025

Sophos researchers reported that a DragonForce ransomware operator exploited three chained vulnerabilities in SimpleHelp software to attack a managed service provider. SimpleHelp is a remote support and access software designed for IT professionals and support teams. reads the report published by Artic Wolf.

Ransomware

Ransomware Software Retail Data breaches

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Security Affairs

NOVEMBER 9, 2024

The most severe flaw included in the September 2024 security bulletin is a critical, remote code execution (RCE) vulnerability tracked as CVE-2024-40711 (CVSS v3.1 Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. impacting Veeam Backup & Replication (VBR).

Backups

Backups Ransomware VPN Accountability

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM).

Software

Software Authentication IoT Hacking

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

Security Affairs

JANUARY 22, 2025

A vulnerability in the 7-Zip file software allows attackers to bypass the Mark of the Web (MotW) Windows security feature. Attackers can exploit a vulnerability, tracked as CVE-2025-0411 , in the free, open-source file archiver software 7-Zip to bypass the Mark of the Web (MotW) Windows security feature.

Software

Software Internet Internet Hacking

An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip’s creator says is a fake

Security Affairs

DECEMBER 30, 2024

An X user using the handle @NSA_Employee39 disclosed a zero-day vulnerability in the open-source file archive software 7-Zip. A verified X account, @NSA_Employee39, claimed to disclose a zero-day vulnerability in the open-source file archive software 7-Zip. 7z archive. It uses a crafted.7z ” wrote on Pastebin. It uses a crafted.7z

Software

Software Hacking Accountability Information Security

BIND updates fix four high-severity DoS bugs in the DNS software suite

Security Affairs

JULY 26, 2024

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released security updates for BIND that address DoS vulnerabilities that could be remotely exploited.

DNS

DNS Software Internet Internet

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software. “Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.”

Identity Theft

Identity Theft Passwords Malware Banking

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

With both date of birth and SSNs being compromised, malicious actors have all the information they need to conduct fraud and impersonate AT&T customers. " Also: Stop paying for antivirus software. Trey Ford, Chief Information Security Officer at crowdsourced cybersecurity firm Bugcrowd offers an interesting take.

Password Management

Password Management Passwords Artificial Intelligence Software

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions. The research combined hardware interfaces and software to communicate with the vehicle via Diagnostic Over Internet Protocol (DoIP).

Software

Software Architecture Media Engineering

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

As a result, The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent). Yes, they are cheap to apply. They can be dynamic.

Marketing

Marketing Software Surveillance Information Security

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

i speak at conferences around the world and run workshops on how to build more secure software within organisations. i'm a pluralsight author, microsoft regional director and most valued professional (mvp) specialising in online security and cloud development.

Data breaches

Data breaches Technology Software Information Security

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

FEBRUARY 20, 2025

Cloud Software Group recommends configuring external authentication for NetScaler Console as a best practice.” ” Cloud Software Group addressed the flaw with the release of the following versions: NetScaler Console 14.1-38.53 ” reads the advisory published by Netscaler. and later releases NetScaler Console 13.1-56.18

Authentication

Authentication Software Hacking Information Security

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. Below is an update published on October 18, 2024: Based on our investigations, we are confident that there has been no breach of our systems.

Cybercrime

Cybercrime Data breaches Technology Banking

Cisco fixed tens of vulnerabilities, including an actively exploited one

Security Affairs

OCTOBER 24, 2024

None of the above vulnerabilities are actively exploited in the wild.

VPN

VPN Firewall Passwords Software

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

Security Affairs

JANUARY 21, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA pointed out that it uses the software AnyDesk in some cases, but only with prior approval via official channels.

Social Engineering

Social Engineering Scams Engineering Software

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware. SANFONG Inc.,

Firmware

Firmware Technology Software Manufacturing

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Security Affairs

MAY 28, 2025

Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. “These criminals are after your hard-earned money, targeting your bank accounts and cryptocurrency wallets with fake login pages and malware disguised as safe software.”

Antivirus

Antivirus Malware Banking Passwords

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. At the time, NSO Group’s General Counsel Chaim Gelfand admitted that the company had “made mistakes,” but that after the abuses of its software made the headlines it has canceled several contracts.

Spyware

Spyware Government Surveillance Hacking

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. ” Ryan English , an information security engineer at Lumen, said it’s disappointing his employer didn’t at least garner an honorable mention in Versa’s security advisory.

Internet

Internet Internet Technology Engineering

China-linked APTs’ tool employed in RA World Ransomware attack

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware

Ransomware Software Cybercrime Encryption

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

.” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2

Data breaches

Data breaches Internet Internet DDOS

Roundcube Webmail under fire: critical exploit found after a decade

Security Affairs

JUNE 4, 2025

has been discovered in the Roundcube webmail software. A critical flaw in Roundcube webmail, undetected for 10 years, allows attackers to take over systems and execute arbitrary code. A critical flaw, tracked as CVE-2025-49113 (CVSS score of 9.9)

Authentication

Authentication Risk Hacking Technology

Operation SyncHole: Lazarus APT targets supply chains in South Korea

Security Affairs

APRIL 25, 2025

The campaign has been active since at least November 2024, Lazarus Group is targeting South Korean organizations using watering hole tactics and exploiting software vulnerabilities. The group exploited South Korea-specific software, notably Innorix Agent, for lateral movement, embedding malware disguised as legitimate services.

Malware

Malware Software Encryption Hacking

Palo Alto Networks fixed a high-severity PAN-OS flaw

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. ” reads the advisory.

DNS

DNS Firewall Spyware Software

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Military software is unlikely to be any more secure than commercial software. And since military software is vulnerable to the same cyberattacks as commercial software, military supply chains have many of the same risks. A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S.

Software

Software Cybersecurity Backups Manufacturing

New MassJacker clipper targets pirated software seekers

RedLine info-stealer campaign targets Russian businesses through pirated corporate software

Trending Sources

Just Culture and Information Security

Attackers exploit SimpleHelp RMM Software flaws for initial access

HPE fixed multiple flaws in its StoreOnce software

Researchers found one-click RCE in ASUS’s pre-installed software DriverHub

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

Android spyware hidden in mapping software targets Russian soldiers

Russia warns financial sector organizations of IT service provider LANIT compromise

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

3CX Breach Was a Double Supply Chain Compromise

Mazda Connect flaws allow to hack some Mazda vehicles

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

‘Trojan Source’ Bug Threatens the Security of All Code

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Apache Foundation fixed a severe Tomcat vulnerability

DragonForce operator chained SimpleHelp flaws to target an MSP and its customers

Veeam Backup & Replication exploit reused in new Frag ransomware attack

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

An X user claimed a 7-Zip zero-day vulnerability, but 7-Zip’s creator says is a fake

BIND updates fix four high-severity DoS bugs in the DNS software suite

International law enforcement operation dismantled RedLine and Meta infostealers

86 million AT&T customer records reportedly up for sale on the dark web

Experts found multiple flaws in Mercedes-Benz infotainment system

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Data Enrichment, People Data Labs and Another 622M Email Addresses

Citrix addressed NetScaler console privilege escalation flaw

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Cisco fixed tens of vulnerabilities, including an actively exploited one

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Crooks use a fake antivirus site to spread Venom RAT and a mix of malware

Poland probes Pegasus spyware abuse under the PiS government

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

China-linked APTs’ tool employed in RA World Ransomware attack

Internet Archive data breach impacted 31M users

Roundcube Webmail under fire: critical exploit found after a decade

Operation SyncHole: Lazarus APT targets supply chains in South Korea

Palo Alto Networks fixed a high-severity PAN-OS flaw

Vulnerabilities in Weapons Systems

Stay Connected