Category: Security Affairs

Threat actors who breached the Okta customer support system also gained access to files belonging to 134 customers. Threat actors who breached the Okta customer support system in October gained access to files belonging to 134 customers, the company revealed.…

Read more →

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or…

Read more →

The FSB arrested two Russian hackers who are accused of having helped Ukrainian entities carry out cyberattacks on critical infrastructure targets. The Russian intelligence agency Federal Security Service (FSB) arrested two individuals who are suspected of supporting Ukrainian entities to…

Read more →

Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign. Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is targeting Israeli entities in a new spear-phishing campaign, Deep Instinct’s Threat Research team reported. The phishing messages were aimed at deploying a…

Read more →

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at…

Read more →

Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. Cloud identity and access management solutions provider Okta warns nearly 5,000 employees that their personal information was exposed due to a data…

Read more →

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ.…

Read more →

Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors.…

Read more →

Data leaks containing Aadhaar IDs in India was caused by the insecurity of 3rd parties while aggregating such information for KYC. According to Resecurity, a global cybersecurity provider protecting Fortune 500 companies and governments globally, one of the key issues…

Read more →

Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown of the Mozi botnet was the result of its operators’…

Read more →

Experts warn that threat actors started exploiting the critical flaw CVE-2023-46747 in F5 BIG-IP installs less than five days after PoC exploit disclosure. F5 this week warned customers about a critical security vulnerability, tracked as CVE-2023-46747 (CVSS 9.8), that impacts…

Read more →

US CISA added two vulnerabilities, tracked as CVE-2023-46747 and CVE-2023-46748, in BIG-IP to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities CVE-2023-46747 and CVE-2023-46748 in BIG-IP to its Known Exploited Vulnerabilities catalog. CISA has the two…

Read more →

A pro-Hamas hacker group is targeting Israeli entities using a new Linux-based wiper malware dubbed BiBi-Linux Wiper. During a forensics investigation, Security Joes Incident Response team discovered a new Linux Wiper malware they tracked as BiBi-Linux Wiper. Pro-Hamas hacktivist group used…

Read more →

Last weekend, the British Library suffered a cyberattack that caused a major IT outage, impacting many of its services. The British Library is facing a major outage that impacts the website and many of its services following a cyber attack…

Read more →

Atlassian warned of a critical security vulnerability, tracked as CVE-2023-22518, in the Confluence Data Center and Server. Atlassian is warning of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server.…

Read more →

World-in-HD (WiHD), a French private video torrent community, left an open instance exposing the emails and passwords of all of its users and administrators. WiHD, a popular torrent tracker specializing in HD movies, inadvertently exposed tens of thousands of its…

Read more →

Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. Researchers from Researchers at Horizon3.ai publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. Cisco recently warned customers of a…

Read more →

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices…

Read more →

A man from Orlando was sentenced to prison for SIM Swapping conspiracy that led to the theft of approximately $1M in cryptocurrency. Jordan Dave Persad (20), from Orlando, Florida, was sentenced to 30 months in prison for SIM Swapping conspiracy,…

Read more →

eSentire researchers devised a new attack technique, named Wiki-Slack attack, that can be used to redirect business professionals to malicious websites. eSentire Threat Response Unit (TRU) security researchers discovered a new attack technique, named Wiki-Slack attack, that can be used to redirect…

Read more →