Source: securityaffairs.com – Author: Pierluigi Paganini. UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment. Russia-linked APT28 group accesses unpatched Cisco...
Iran-linked Mint Sandstorm APT targeted US critical infrastructure – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021...
PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new...
Experts temporarily disrupted the RedLine Stealer operations – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Security experts from ESET have temporarily disrupted the operations of the RedLine Stealer with the help of GitHub. ESET researchers...
CISA adds bugs in Chrome and macOS to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. US Cybersecurity and Infrastructure Security Agency (CISA) added Chrome and macOS vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity...
The intricate relationships between the FIN7 group and members of the Conti ransomware gang – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang....
Israeli surveillance firm QuaDream is shutting down amidst spyware accusations – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week...
New QBot campaign delivered hijacking business correspondence – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts...
China-linked APT41 group spotted using open-source red teaming tool GC2 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization. Google Threat...
Vice Society gang is using a custom PowerShell tool for data exfiltration – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Vice Society ransomware operators have been spotted using a PowerShell tool to exfiltrate data from compromised networks. Palo Alto Unit...
Experts warn of an emerging Python-based credential harvester named Legion – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Legion is an emerging Python-based credential harvester and hacking tool that allows operators to break into various online services. Cado...
Experts found the first LockBit encryptor that targets macOS systems – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini. Researchers warn that the LockBit ransomware gang has developed encryptors to target macOS devices. The LockBit group is the first...
NCR was the victim of BlackCat/ALPHV ransomware gang
NCR was the victim of the BlackCat/ALPHV ransomware gang; the attack caused an outage on the company’s Aloha PoS platform. NCR Corporation, previously known as National...
Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition
Remcos RAT campaign targets US accounting and tax return preparation firms
Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Ahead of the U.S. Tax Day,...
New Android malicious library Goldoson found in 60 apps +100M downloads
A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. The Goldoson library was discovered by researchers from...
Siemens Metaverse exposes sensitive corporate data
Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and...
CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog
US Cybersecurity and Infrastructure Security Agency (CISA) added Android and Novi Survey flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA)...
Volvo retailer leaks sensitive files
The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in...
A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays
The Cornwall Community Hospital in Ontario, Canada, is under a cyber attack that is causing delays to scheduled and non-urgent care. A cyberattack on the Cornwall...
Google fixed the first Chrome zero-day of 2023
Google released an emergency security update to address a zero-day vulnerability in Chrome which is actively exploited in the wild. Google released an emergency security update to address the first Chrome zero-day...
Kodi discloses data breach after its forum was compromised
Open-source media player software provider Kodi discloses a data breach after threat actors stole its MyBB forum database. Kodi has disclosed a data breach, threat actors...
RTM Locker, a new RaaS gains notorieties in the threat landscape
Cybersecurity firm Trellix analyzed the activity of an emerging cybercriminal group called ‘Read The Manual’ RTM Locker. Researchers from cybersecurity firm Trellix have detailed the tactics,...
Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products
Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control...
The Russia-linked APT29 is behind recent attacks targeting NATO and EU
Polish intelligence linked the Russian APT29 group to a series of attacks targeting NATO and European Union countries. Poland’s Military Counterintelligence Service and its Computer Emergency...
A flaw in the Kyocera Android printing app can be abused to drop malware
Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue...
Fortinet fixed a critical vulnerability in its Data Analytics product
Fortinet addressed a critical vulnerability that can lead to remote, unauthenticated access to Redis and MongoDB instances. Fortinet has addressed a critical vulnerability, tracked as CVE-2022-41331...
How to Combat Insider Threats
Knowing that insider threats are a risk is one thing. Knowing how to fight them off is entirely another. Dealing with issues of insider cyber risk...
Hyundai suffered a data breach that impacted customers in France and Italy
Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that...
QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit
At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at...