Category: Security Affairs

OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company. Sam Altman has been removed as CEO of OpenAI. The company announced that Mira Murati, the Chief Technology Officer, has…

Read more →

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Toyota Financial Services confirmed the discovery of unauthorized activity on systems in a limited number of its locations. “Toyota Financial Services…

Read more →

US CISA added three new vulnerabilities (tracked as CVE-2023-36584, CVE-2023-1671, and CVE-2023-2551) to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities catalog. Below is the list of the three…

Read more →

Fortinet warns of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited to execute arbitrary commands. Fortinet is warning customers of a critical OS command injection vulnerability, tracked as CVE-2023-36553 (CVSS score 9.3), in FortiSIEM…

Read more →

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed that a zero-day vulnerability, tracked as CVE-2023-37580 (CVSS score: 6.1), in the Zimbra Collaboration email software was…

Read more →

Vietnam Post Corporation, a Vietnamese government-owned postal service, exposed security logs and employee email addresses to external cyber threats Vietnam Post Corporation, a Vietnamese government-owned postal service, left its security logs and employee email addresses accessible to outside cyber snoopers,…

Read more →

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. The security breach was discovered…

Read more →

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry…

Read more →

Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product. SAP November 2023 Security Patch Day includes three new and three updated security notes. The most severe “hot news” is an improper access control…

Read more →

The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm. The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems, not experts from Intezer reported that the bot evolved to infect…

Read more →

Mexican online casino Strendus has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. Strendus, one of the biggest online casinos in Mexico has exposed sensitive user data, including home addresses and the…

Read more →

VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. VMware disclosed an authentication bypass vulnerability, tracked as CVE-2023-34060 (CVSS score 9.8), in its Cloud Director Appliance…

Read more →

Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild. Microsoft Patch Tuesday security updates for November 2023 addressed 63 new vulnerabilities in Microsoft Windows and Windows Components; Exchange Server; Office and Office Components; ASP.NET…

Read more →

Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark’s SektorCERT. In May, Danish critical infrastructure faced the biggest cyber attack on record that hit the country, reported SektorCERT, Denmark’s Computer…

Read more →

A cyber attack on the logistics giant DP World caused significant disruptions in the operations of several major Australian ports. A cyberattack hit the international logistics firm DP World Australia and disrupted the operations in major Australian ports. DP World is…

Read more →

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting…

Read more →

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog, five issues impacting Juniper…

Read more →

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors.  In 2022, Boeing recorded $66.61 billion…

Read more →

North Korea-linked APT group Sapphire Sleet set up bogus skills assessment portals in attacks aimed at IT job seekers. The North Korea-linked APT group Sapphire Sleet (aka APT38, BlueNoroff, CageyChameleon, and CryptoCore) is considered a sub-group of the popular Lazarus…

Read more →

The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it was experiencing a computer network incident that prevented the hospital from accessing some…

Read more →