Source: thehackernews.com – Author: . The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as...
Day: January 23, 2024
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomSoftware Security / Supply Chain Two malicious packages discovered on the npm package registry have been found to leverage...
“Activator” Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomMalware / Cryptocurrency Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable...
From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks – Source:thehackernews.com
Source: thehackernews.com – Author: . As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal...
Windows 10 KB5034203 preview update adds EU DMA compliance – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act (DMA) compliance...
Jason’s Deli says customer data exposed in credential stuffing attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Jason’s Deli is warning of a data breach in notifications sent to customers of its online platform stating that their...
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows...
Australia sanctions REvil hacker behind Medibank data breach – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack...
New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The UK government has published a new Code of Practice on cybersecurity governance, targeting directors and other senior business leaders. The...
French Watchdog Slams Amazon with €32m Fine for Spying on Workers – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Amazon France Logistique, a subsidiary of the e-commerce giant that manages its large warehouses in France, has been fined €32m ($35m)...
Australia Sanctions Russian Hacker Behind Medibank Breach – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The Australian government has publicly named a Russian cybercriminal as responsible for the Medibank data breach, which affected 9.7 million people....
LoanDepot data breach impacted roughly 16.6 individuals – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini LoanDepot data breach impacted roughly 16.6 individuals Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 million...
Black Basta gang claims the hack of the UK water utility Southern Water – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Black Basta gang claims the hack of the UK water utility Southern Water The Black Basta ransomware gang claimed to...
CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds VMware vCenter Server bug to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds...
Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed Cybersecurity researcher Bob Dyachenko...
Apple fixed actively exploited zero-day CVE-2024-23222 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Apple fixed actively exploited zero-day CVE-2024-23222 Apple addressed the first zero-day vulnerability that impacts iPhones, Macs, and Apple TVs. The...
“My Slice”, an Italian adaptive phishing campaign – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini “My Slice”, an Italian adaptive phishing campaign Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity...
Top 6 LastPass Alternatives and Competitors for 2024 – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Franklin Okeke We may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not...
Australia imposes cyber sanctions on Russian it says ransomwared health insurer – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Australia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a...
Atlassian Confluence Server RCE attacks underway from 600+ IPs – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 – a critical bug in out–of-date versions...
Slug slimes aerospace biz AerCap with ransomware, brags about 1TB theft – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register AerCap, the world’s largest aircraft leasing company, has reported a ransomware infection that occurred earlier this month, but claims it...
EFF adds Street Surveillance Hub so Americans can check who’s checking on them – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register For a country that prides itself on being free, America does seem to have an awful lot of spying going...
Ivanti and Juniper Networks accused of bending the rules with CVE assignments – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Critics are accusing major tech companies of not sticking to the rules when it comes to registering vulnerabilities with the...
Subway’s data torpedoed by LockBit, ransomware gang claims – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register The LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a...
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomCyber Crime / Dark Web Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised...
~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomVulnerability / Cyber Attack Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian...
Apple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 23, 2024NewsroomVulnerability / Device Security Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser...
Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Apple pushes out fresh versions of its iOS and macOS platforms to fix WebKit vulnerabilities being exploited as zero-day in...
Security Experts Describe AI Technologies They Want to See – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine SecurityWeek interviews a wide spectrum of security experts on AI-driven cybersecurity use-cases that are worth immediate attention. The post Security...
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. The post Hackers...