Category: Security Affairs

American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that their credit card information has been compromised in a data breach involving a…

Read more →

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which…

Read more →

Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier…

Read more →

Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent…

Read more →

A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain…

Read more →

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd.…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S.…

Read more →

A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group, a U.S. Judge ordered the surveillance firm to…

Read more →

The U.S. DoJ charged Iranian national Alireza Shafie Nasab for his role in attacks targeting U.S. government and defense entities. The U.S. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. defense…

Read more →

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of…

Read more →

German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforcement operation led to the seizure of the largest German-speaking cybercrime marketplace. “Under the direction of the…

Read more →

The Five Eyes alliance warns of threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. The Five Eyes intelligence alliance issued a joint cybersecurity advisory warning of threat actors exploiting known vulnerabilities in Ivanti…

Read more →

Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability to its…

Read more →

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described…

Read more →

A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials. The cyberspies used a bait PDF document…

Read more →

Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation…

Read more →

North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys…

Read more →

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and…

Read more →

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary…

Read more →