Source: securityaffairs.com – Author: Pierluigi Paganini Kansas State University suffered a serious cybersecurity incident Kansas State University (K-State) suffered a cybersecurity incident that has disrupted part...
Author:
CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds...
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Google TAG warns that Russian COLDRIVER APT is using a custom backdoor Google warns that the Russia-linked threat actor COLDRIVER...
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts Experts found multiple flaws, collectively named PixieFail, in...
iShutdown lightweight method allows to discover spyware infections on iPhones – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini iShutdown lightweight method allows to discover spyware infections on iPhones Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS...
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos Switzerland believes that the attack claimed by pro-Russian group...
Github rotated credentials after the discovery of a vulnerability – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Github rotated credentials after the discovery of a vulnerability GitHub rotated some credentials after the discovery of a flaw that...
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation U.S. CISA and the FBI warned of AndroxGh0st malware used to...
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Citrix warns admins to immediately patch NetScaler for actively exploited zero-days Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler...
Google fixed the first actively exploited Chrome zero-day of 2024 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Google fixed the first actively exploited Chrome zero-day of 2024 Google has addressed the first Chrome zero-day vulnerability of the...
Atlassian fixed critical RCE in older Confluence versions – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Atlassian fixed critical RCE in older Confluence versions Atlassian warns of a critical remote code execution issue in Confluence Data...
VMware fixed a critical flaw in Aria Automation. Patch it now! – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini VMware fixed a critical flaw in Aria Automation. Patch it now! VMware warns customers of a critical vulnerability impacting its...
Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws Experts warn that recently disclosed Ivanti Connect Secure VPN...
Experts warn of a vulnerability affecting Bosch BCC100 Thermostat – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Experts warn of a vulnerability affecting Bosch BCC100 Thermostat Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from...
Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls...
Phemedrone info stealer campaign exploits Windows smartScreen bypass – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Phemedrone info stealer campaign exploits Windows smartScreen bypass Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver...
Balada Injector continues to infect thousands of WordPress sites – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Balada Injector continues to infect thousands of WordPress sites Balada Injector malware infected more than 7100 WordPress sites using a...
Attackers target Apache Hadoop and Flink to deliver cryptominers – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Attackers target Apache Hadoop and Flink to deliver cryptominers Researchers devised a new attack that exploits misconfigurations in Apache Hadoop...
Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic Apple addressed a recently disclosed Bluetooth keyboard...
Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT Forescout experts questioned the attribution of cyber...
Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine The National Police of Ukraine, with the support of Europol, arrested...
Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION | GitLab fixed a critical zero-click account hijacking flaw...
Akira ransomware targets Finnish organizations – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Akira ransomware targets Finnish organizations The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape...
GitLab fixed a critical zero-click account hijacking flaw – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini GitLab fixed a critical zero-click account hijacking flaw GitLab addressed two critical flaws impacting both the Community and Enterprise Edition,...
Juniper Networks fixed a critical RCE bug in its firewalls and switches – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Juniper Networks fixed a critical RCE bug in its firewalls and switches Juniper Networks fixed a critical pre-auth remote code...
Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Investigators from Resecurity’s HUNTER (HUMINT) warn that Indonesia...
Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in...
Team Liquid’s wiki leak exposes 118K users – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Team Liquid’s wiki leak exposes 118K users Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing...
CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds Ivanti and Microsoft SharePoint bugs to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA)...
Two zero-day bugs in Ivanti Connect Secure actively exploited – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Two zero-day bugs in Ivanti Connect Secure actively exploited Ivanti revealed that two threat actors are exploiting two zero-day vulnerabilities...