Category: Security Affairs

Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk Tortilla ransomware variant. The experts were able to extract and…

Read more →

Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. Microsoft Patch Tuesday security updates for January 2024 fixed 49 flaws in Microsoft Windows and Windows Components; Office and Office Components; Azure;…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Superset vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Superset flaw, tracked as CVE-2023-27524, to its Known Exploited Vulnerabilities (KEV) catalog. Apache Superset is an…

Read more →

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The LockBit ransomware operation has claimed responsibility for the cyberattack that hit the Capital Health hospital network in November 2023. Capital Health Regional Medical…

Read more →

A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT. Cyfirma researchers observed threat actors called ‘Anonymous Arabic’ distributing a C# remote access trojan called Silver RAT. The malware supports multiple capabilities, including bypassing…

Read more →

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web after the US security…

Read more →

Saudi Ministry of Industry and Mineral Resources (MIM) had an environment file exposed, opening up sensitive details for anybody willing to take them. The Cybernews research team believes that the sensitive data was accessible for 15 months. An environment (env.)…

Read more →

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The U.S. DoJ charged 19 individuals worldwide for their role in the operations of the now-defunct xDedic Marketplace. In January 2019, law enforcement agencies in the US…

Read more →

A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines. Reseachers from Fortinet observed a new variant of a remote access trojan dubbed Bandook that has been used in phishing attacks against Windows users.…

Read more →

A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport Rafic Hariri in Lebanon and breached the Flight Information Display System (FIDS). Rafic…

Read more →

Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts…

Read more →

Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic…

Read more →

Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT’s malware family. Security researcher Greg Lesnewich discovered a backdoor, called SpectralBlur, that targets Apple macOS. The backdoor shows similarities with the malware family KANDYKORN (aka SockRacket), which was…

Read more →

Merck has resolved a dispute with insurers regarding a $1.4 billion claim arising from the NotPetya malware incident. Merck and its insurers have agreed with a $1.4 billion claim arising from the large-scale NotPetya cyberattack. Merck & Co., Inc., known…

Read more →

Law firm Orrick, Herrington & Sutcliffe disclosed a data breach that took place in early 2023, which impacted roughly 600,000 individuals. The law firm Orrick, Herrington & Sutcliffe, disclosed a data breach that impacted 638,000 individuals. An authorized actor gained…

Read more →

A threat actor announced the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and…

Read more →

Ukrainian authorities revealed that Russia-linked APT Sandworm had been inside telecom giant Kyivstar at least since May 2023. Russia-linked APT group Sandworm was inside Ukrainian telecoms giant Kyivstar from at least May 2023, the head of Ukraine’s Security Service of Ukraine’s…

Read more →

Ivanti fixed a critical vulnerability in its Endpoint Manager (EPM) solution that could lead to remote code execution (RCE) on vulnerable servers Ivanti has released security updates to address a critical vulnerability, tracked as CVE-2023-39336 (CVSS score 9.6), impacting its…

Read more →

The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB…

Read more →