Source: heimdalsecurity.com – Author: Cristian Neagu A vulnerability in the Cisco SD-WAN vManage management tool enables a remote, unauthenticated attacker to obtain read or restricted write...
Day: July 19, 2023
Zoom Vulnerabilities Allow Attackers to Escalate Privileges – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Mihaela Marian Six high-severity and one low-severity vulnerability patches have been released by Zoom. These flaws, if left unattended, would allow threat...
Chinese Hackers Breach Government Email – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Adelina Deaconu Microsoft has revealed that Chinese hackers successfully accessed the email accounts of various government organizations. The breach was reportedly detected...
International Diplomats Targeted by Russian Hacking Group APT29 – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Mihaela Marian Russian state-sponsored hacking group ‘APT29,’ also known as Nobelium or Cloaked Ursa, has employed innovative tactics to target diplomats in...
What Is Advanced Endpoint Protection. Key Features and Benefits – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Livia Gyongyoși Advanced Endpoint Protection (AEP) is an AI-powered cybersecurity toolkit that focuses on detecting and preventing unknown cyber threats from harming...
Weekly Update 356 – Source: www.troyhunt.com
Source: www.troyhunt.com – Author: Troy Hunt Today was a bit back-to-back having just wrapped up the British Airways Magecart attack webinar with Scott. That was actually...
What Is Vulnerability Management? – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Cristian Neagu What Is Vulnerability Management? Vulnerability management is an ongoing risk-based approach to discovering, prioritizing, and mitigating vulnerabilities and misconfigurations. The purpose...
Lucky MVP 13 – Source: www.troyhunt.com
Source: www.troyhunt.com – Author: Troy Hunt Each year since 2011, Microsoft has sent me a lovely email around this time: I’ve been fortunate enough to find...
New Vulnerabilities Found in Adobe ColdFusion – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform. On July...
CISA Unveils Guide to Aid Firms Transition to Cloud Security – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The US Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive factsheet on July 17, 2023, to assist businesses transitioning...
drIBAN Fraud Operations Target Corporate Banking Customers – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Threat actors have extensively been using a sophisticated web-inject kit called drIBAN to orchestrate fraudulent attacks on corporate banking institutions and...
JumpCloud Confirms Data Breach By Nation-State Actor – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Identity and access management solutions provider JumpCloud has revealed on July 12, 2023, that it was the target of a security breach...
Suspected Scareware Fraudster Arrested After Decade on the Run – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 A suspected scammer who used scareware to trick hundreds of thousands of global victims into handing over money has been arrested...
WooCommerce Bug Exploited in Targeted WordPress Attacks – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Security researchers have recorded over one million attempts to compromise a popular WordPress plugin over the past few days. Wordfence said...
IT Security Pro Jailed for Attempted Extortion – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 A former IT security analyst has been jailed for three years and seven months after attempting to extort his employer, according...
BreachForums Admin Pleads Guilty to Hacking Charges – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Conor Brian Fitzpatrick, famously known as “Pompompurin,” has entered a guilty plea for hacking charges in the United States District Court...
Ukraine’s CERT-UA Exposes Gamaredon’s Rapid Data Theft Methods – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The Ukrainian government’s Computer Emergency Response Team (CERT-UA) has recently unveiled the rapid data theft methods of the APT known as...
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure. The...
Virustotal data leak exposed data of some registered customers, including intelligence members – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The online malware scanning service VirusTotal leaked data associated with some registered customers, German newspapers reported. German newspapers Der Spiegel and Der...
FIN8 Group spotted delivering the BlackCat Ransomware – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group...
Hacking campaign targets sites using WordPress WooCommerce Payments Plugin – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively...
JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Software firm JumpCloud announced it was the victim of a sophisticated cyber attack carried out by a nation-state actor. JumpCloud...
Adobe warns customers of a critical ColdFusion RCE exploited in attacks – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Adobe is warning customers of a critical ColdFusion pre-authentication RCE bug, tracked as CVE-2023-29300, which is actively exploited. Adobe warns...
Admins of Genesis Market marketplace sold their infrastructure on a hacker forum – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart...
Cisco fixed a critical flaw in SD-WAN vManage – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Cisco warns of a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214, impacting its SD-WAN vManage. Cisco addressed a...
Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. The owner of the BreachForums...
WormGPT, the generative AI tool to launch sophisticated BEC attacks – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The WormGPT case: How Generative artificial intelligence (AI) can improve the capabilities of cybercriminals and allows them to launch sophisticated...
Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Privacy Overview This website uses cookies to improve your experience while you navigate through the website. Out of these cookies,...
Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe – Source: www.welivesecurity.com
Source: www.welivesecurity.com – Author: Editor Here’s how cybercriminals have adjusted their tactics in response to Microsoft’s stricter security policies and other interesting findings from ESET’s new...
The danger within: 5 steps you can take to combat insider threats – Source: www.welivesecurity.com
Source: www.welivesecurity.com – Author: Márk Szabó Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your...