Source: securityaffairs.com – Author: Pierluigi Paganini Kansas State University suffered a serious cybersecurity incident Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part...
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds...
Source: securityaffairs.com – Author: Pierluigi Paganini Google TAG warns that Russian COLDRIVER APT is using a custom backdoor Google warns that the Russia-linked threat actor COLDRIVER...
Source: securityaffairs.com – Author: Pierluigi Paganini PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts Experts found multiple flaws, collectively named PixieFail, in...
Source: securityaffairs.com – Author: Pierluigi Paganini iShutdown lightweight method allows to discover spyware infections on iPhones Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS...
Source: securityaffairs.com – Author: Pierluigi Paganini Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos Switzerland believes that the attack claimed by pro-Russian group...
Source: securityaffairs.com – Author: Pierluigi Paganini Github rotated credentials after the discovery of a vulnerability GitHub rotated some credentials after the discovery of a flaw that...
Source: securityaffairs.com – Author: Pierluigi Paganini FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation U.S. CISA and the FBI warned of AndroxGh0st malware used to...
Source: securityaffairs.com – Author: Pierluigi Paganini Citrix warns admins to immediately patch NetScaler for actively exploited zero-days Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler...
Source: securityaffairs.com – Author: Pierluigi Paganini Google fixed the first actively exploited Chrome zero-day of 2024 Google has addressed the first Chrome zero-day vulnerability of the...
Source: securityaffairs.com – Author: Pierluigi Paganini Atlassian fixed critical RCE in older Confluence versions Atlassian warns of a critical remote code execution issue in Confluence Data...
Source: securityaffairs.com – Author: Pierluigi Paganini VMware fixed a critical flaw in Aria Automation. Patch it now! VMware warns customers of a critical vulnerability impacting its...
Source: securityaffairs.com – Author: Pierluigi Paganini Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws Experts warn that recently disclosed Ivanti Connect Secure VPN...
Source: securityaffairs.com – Author: Pierluigi Paganini Experts warn of a vulnerability affecting Bosch BCC100 Thermostat Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from...
Source: securityaffairs.com – Author: Pierluigi Paganini Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls...
Source: securityaffairs.com – Author: Pierluigi Paganini Phemedrone info stealer campaign exploits Windows smartScreen bypass Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver...
Source: securityaffairs.com – Author: Pierluigi Paganini Balada Injector continues to infect thousands of WordPress sites Balada Injector malware infected more than 7100 WordPress sites using a...
Source: securityaffairs.com – Author: Pierluigi Paganini Attackers target Apache Hadoop and Flink to deliver cryptominers Researchers devised a new attack that exploits misconfigurations in Apache Hadoop...
Source: securityaffairs.com – Author: Pierluigi Paganini Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic Apple addressed a recently disclosed Bluetooth keyboard...
Source: securityaffairs.com – Author: Pierluigi Paganini Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT Forescout experts questioned the attribution of cyber...
Source: securityaffairs.com – Author: Pierluigi Paganini Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine The National Police of Ukraine, with the support of Europol, arrested...
Source: securityaffairs.com – Author: Pierluigi Paganini Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION | GitLab fixed a critical zero-click account hijacking flaw...
Source: securityaffairs.com – Author: Pierluigi Paganini Akira ransomware targets Finnish organizations The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape...
Source: securityaffairs.com – Author: Pierluigi Paganini GitLab fixed a critical zero-click account hijacking flaw GitLab addressed two critical flaws impacting both the Community and Enterprise Edition,...
Source: securityaffairs.com – Author: Pierluigi Paganini Juniper Networks fixed a critical RCE bug in its firewalls and switches Juniper Networks fixed a critical pre-auth remote code...
Source: securityaffairs.com – Author: Pierluigi Paganini Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Investigators from Resecurity’s HUNTER (HUMINT) warn that Indonesia...
Source: securityaffairs.com – Author: Pierluigi Paganini Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in...
Source: securityaffairs.com – Author: Pierluigi Paganini Team Liquid’s wiki leak exposes 118K users Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing...
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA)...
Source: securityaffairs.com – Author: Pierluigi Paganini Two zero-day bugs in Ivanti Connect Secure actively exploited Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities...
