Category: Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following two vulnerabilities to its Known Exploited Vulnerabilities (KEV)…

Read more →

The U.S. government offers rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. The U.S. Department of State is offering a reward of up to $10 million for information…

Read more →

U.S. CISA revealed that threat actors breached an unnamed state government organization via an administrator account belonging to a former employee. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a threat actor gained access to an unnamed state…

Read more →

Russia-linked APT group Turla has been spotted targeting Polish non-governmental organizations (NGO) with a new backdoor dubbed TinyTurla-NG. Russia-linked cyberespionage group Turla has been spotted using a new backdoor dubbed TinyTurla-NG in attacks aimed at Polish non-governmental organizations. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been…

Read more →

The US authorities dismantled the Moobot botnet, which was controlled by the Russia-linked cyberespionage group APT28. A court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control…

Read more →

On February 12, 2023, a cyber attack halted operations at five production plants of German battery manufacturer Varta. On February 13, German battery manufacturer Varta announced that a cyber attack forced the company to shut down IT systems. The attack…

Read more →

The office of South Korean President Yoon Suk Yeol said that North Korea-linked actors breached the personal emails of one of his staff members. The office of South Korean President Yoon Suk Yeol announced a security incident involving the compromise…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds 2 Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This week. Microsoft…

Read more →

Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains, including target reconnaissance and social engineering attacks. Multiple nation-state actors are exploiting artificial intelligence (AI) and large language models (LLMs), including OpenAI…

Read more →

Researchers reported that attackers can exploit the ‘command-not-found’ utility to trick users into installing rogue packages on Ubuntu systems. Cybersecurity researchers from cloud security firm Aqua discovered that it is possible to abuse, the popular utility ‘called ‘command-not-found’ that can…

Read more →

Zoom addressed seven vulnerabilities in its desktop and mobile applications, including a critical flaw (CVE-2024-24691) affecting the Windows software. The popular Video messaging giant Zoom released security updates to address seven vulnerabilities in its desktop and mobile applications, including a…

Read more →

Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adobe addressed over 30 vulnerabilities across various products, including critical issues. The software maker…

Read more →

Microsoft Patch Tuesday security updates for February 2024 addressed 72 flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2024 resolved a total of 72 vulnerabilities, including two actively exploited zero-days. The…

Read more →

Authorities in Romania reported that at least 100 hospitals went offline after a ransomware attack hit the Hipocrate platform. Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least…

Read more →

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish…

Read more →

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. A comprehensive report delving into the intricate landscape of ransomware threats during the last four months of 2023 is out, with a…

Read more →

Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections globally. In…

Read more →

Researchers discovered a vulnerability in the code of the Rhysida ransomware that allowed them to develop a decryption tool. Cybersecurity researchers from Kookmin University and the Korea Internet and Security Agency (KISA) discovered an implementation vulnerability in the source code…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube Webmail Persistent Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2023-43770,…

Read more →

The Canadian government is going to ban the tool Flipper Zero because it is abused by crooks to steal vehicles in the country. The Canadian government announced that it plans to ban the tool Flipper Zero, and similar hacking devices,…

Read more →