Category: Security Affairs

Researchers discovered three malicious packages that have been uploaded to the Python Package Index (PyPI) repository by Lolip0p group. FortiGuard Labs researchers discovered three malicious PyPI packages (called ‘colorslib’, ‘httpslib’, and “libhttps”) on the PyPI repository that were uploaded by the…

Read more →

How healthcare delivery organizations (HDOs) can manage the IT asset risks during a healthcare M&A process. Mergers and Acquisitions (M&A), you’ve probably heard the term before. An M&A is often associated with the “business world”; with industries such as finance,…

Read more →

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. The…

Read more →

Netlab 360 observed unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. Researchers from Qihoo Netlab 360 reported that unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite.…

Read more →

Expert discovered that the T95 Android TV box, available for sale on Amazon and AliExpress, came with sophisticated pre-installed malware. Security researcher, Daniel Milisic, discovered that the T95 Android TV box he purchased on Amazon was infected with sophisticated pre-installed…

Read more →

An international police operation led by Europol led to the arrest of cryptocurrency scammers targeting users all over the world. An international law enforcement operation conducted by authorities from Bulgaria, Cyprus, Germany and Serbia, supported by Europol and Eurojust, has…

Read more →

1.7 TB of data stolen from Cellebrite, a digital intelligence company that provides tools for law enforcement, were leaked online. The Israeli mobile forensics firm Cellebrite is one of the leading companies in the world in the field of digital forensics, it…

Read more →

The Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed Magecart attack. Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed a Magecart attack on January…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Most…

Read more →

Most internet-exposed Cacti servers are vulnerable to the critical vulnerability CVE-2022-46169 which is actively exploited in the wild. Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. Researchers from Censys…

Read more →

French data protection watchdog fined short-form video hosting service TikTok €5 million for breaking cookie consent rules. The Commission nationale de l’informatique et des libertés (CNIL) has fined short-form video hosting service TikTok €5 million (about $5.4 million) for violating cookie consent rules.…

Read more →

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected…

Read more →

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057(16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries,…

Read more →

The cyberattack on Royal Mail, Britain’s postal service, is a ransomware attack that was linked to the LockBit ransomware operation. Royal Mail, the British multinational postal service and courier company, this week announced that a “cyber incident” has a severe impact on its operation.…

Read more →

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. Fortinet researchers reported that threat actors exploited the recently patched FortiOS SSL-VPN vulnerability (CVE-2022-42475) in attacks against government organizations and government-related targets. In December, the…

Read more →

Cisco warns of a critical flaw in small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042,…

Read more →

Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The…

Read more →

Threat actors are actively exploiting a recently patched critical remote code execution (RCE) vulnerability in Control Web Panel (CWP). Threat actors are actively exploiting a recently patched critical vulnerability, tracked as CVE-2022-44877 (CVSS score: 9.8), in Control Web Panel (CWP). The…

Read more →

Twitter said that its investigation revealed that users’ data offered for sale online was not obtained from its systems. Twitter provided an update on its investigation launched after data of 200 Million users were offered for sale online. The company…

Read more →

Security loopholes on social marketplace website trustanduse.com exposed data of around 439,000 users including many businesses for at least six months. Disclosing personal data on platforms providing digital services is always risky. The Cybernews research team identified a publicly accessible…

Read more →

Royal Mail, Britain’s postal service, announced it has suffered a “cyber incident” that caused a “severe service disruption.” Royal Mail, the British multinational postal service and courier company, announced this week that a “cyber incident” has a severe impact on its operation. The incident…

Read more →

Threat actors are targeting organizations in the Australian healthcare sector with the Gootkit malware loader. Trend Micro researchers warn that Gootkit Loader is actively targeting the Australian healthcare industry. The experts analyzed a series of attacks and discovered that Gootkit…

Read more →

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080, is a…

Read more →

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day. Microsoft Patch Tuesday security updates for January 2023 addressed a total of 98 vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components;…

Read more →

The StrongPity APT group targeted Android users with a trojanized version of the Telegram app served through a website impersonating a video chat service called Shagle. ESET researchers reported that StrongPity APT group targeted Android users with a trojanized version of the Telegram…

Read more →

Zoom addressed four “high” severity vulnerabilities impacting its popular videoconferencing software Zoom Rooms. Zoom addressed four “high” severity vulnerabilities impacting its videoconferencing platform Zoom Rooms. Below are the details for the bugs addressed by the company: CVE-2022-36930 (CVSS Score 8.2)…

Read more →

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote…

Read more →

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than…

Read more →

Kinsing cryptojacking operators are exploiting misconfigured and exposed PostgreSQL servers to access Kubernetes environments. Researchers at Microsoft Defender for Cloud observed threat actors behind the Kinsing cryptojacking operation using two methods to gain initial access in Kubernetes environments: exploitation of weakly configured…

Read more →

Airline company Air France-KLM is notifying the customers of its loyalty program Flying Blue of a data breach. Airline company Air France-KLM announced it has suffered a data breach, data belonging to customers of its loyalty program Flying Blue were…

Read more →

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than…

Read more →

Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in 2022 summer, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August…

Read more →

The cybersecurity blog inSicurezzaDigitale has launched the Italian Dashboard Ransomware Monitor to analyze the principal RaaSs’ activities. Here it comes, inSicurezzaDigitale announced the Dashboard Ransomware Monitor, it is the second project after the recent presentation of the project Mastodon. The…

Read more →

Cybersecurity firm Resecurity published report on drug trafficking marketplaces currently operating in the Dark Web Resecurity, a Los Angeles-based cybersecurity and risk management provider has released an eye-opening report on drug trafficking marketplaces currently operating in the Dark Web. The…

Read more →

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. Some of the flaws were reported by the efiXplorer Team at…

Read more →

Polish authorities charged Russian and Belarusian individuals with spying for the Russian military intelligence service (GRU). Polish authorities charged Russian and Belarusian individuals, who were arrested in April, with spying for the Russian military intelligence service (GRU) from 2017 to…

Read more →

Experts warn of a new variant of the Dridex banking malware that is targeting systems using the macOS operating system. Trend Micro experts discovered a new variant of the Dridex banking malware that targets the MacOS platform and that used…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Chick-fil-A…

Read more →

American fast food restaurant chain Chick-fil-A informed its customers of having launched an investigation into “suspicious activity.” Chick-fil-A is an American fast food restaurant chain, it is the country’s largest which specializes in chicken sandwiches. The company informed its customers of…

Read more →

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom…

Read more →

The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. Consulate Health Care is a leading provider of senior healthcare services, specializing in post-acute care. The Hive ransomware gang…

Read more →

The Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack in December that is still impacting medical activity. The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was hit by a ransomware attack in December that is still…

Read more →

Microsoft warns of different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) targeting Apple macOS systems. Microsoft Security Threat Intelligence team warns of four different ransomware families (KeRanger, FileCoder, MacRansom, and EvilQuest) that impact Apple macOS systems. The initial vector in…

Read more →

Cloud services provider Rackspace confirmed that the recent data breach was the result of the Play Ransomware gang’s attack. Cloud services provider Rackspace announced this week that the recent data breach was the result of an attack conducted by the…

Read more →

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware, which can allow victims of the group to restore their data…

Read more →

Enterprise collaboration platform Slack disclosed a data breach, hackers stole some of its private source code repositories. The enterprise collaboration platform Slack has announced to have suffered a security breach, threat actors have stolen some of its private source code…

Read more →

The popular AI chatbot ChatGPT might be used by threat actors to hack easily hack into target networks. Original post at https://cybernews.com/security/hackers-exploit-chatgpt/ Cybernews research team discovered that the AI-based chatbot ChatGPT – a recently launched platform that caught the online…

Read more →

Zoho is warning its customers of a critical vulnerability, tracked as CVE-2022-47523, affecting multiple ManageEngine products. Zoho is urging its customers to address a critical SQL Injection vulnerability, tracked as CVE-2022-47523, that affects multiple ManageEngine products. “This security advisory is…

Read more →

The Irish Data Protection Commission (DPC) fined Meta Platforms €390 million over data processing operations for the delivery of its services The Data Protection Commission (DPC) concluded two inquiries into the data processing operations of Meta Platforms Ireland Limited (“Meta Ireland”)…

Read more →

A database containing email addresses of 235,000,000 Twitter users has been offered on a popular hacker forum. A data leak containing email addresses for 235 million Twitter users has been published on a popular hacker forum. Many experts have immediately…

Read more →

BMW, Mercedes, Toyota, and other popular carmakers use vulnerable APIs that could have allowed attackers to perform malicious activities. Cybersecurity researcher Sam Curry and his colleagues discovered many vulnerabilities in the vehicles manufactured by tens of carmakers and services implemented…

Read more →

CyberNews reported that Cricketsocial.com, a social platform for the cricket community, exposed private customer data and admin credentials. Cricketsocial.com, is a social platform developed for the cricket community online. CyberNews discovered that a database used by the platform was left…

Read more →

Fortinet addressed multiple vulnerabilities impacting its products and warned of a high-severity command injection flaw in FortiADC. Cybersecurity vendor Fortinet addressed several vulnerabilities impacting its products. The compaby also warned customers of a high-severity command injection flaw, tracked as CVE-2022-39947…

Read more →

Researchers discovered a new Linux malware developed with the shell script compiler (shc) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler (shc) that threat actors…

Read more →

US. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. Wabtec Corporation is an American company formed by the merger of the Westinghouse Air Brake Company (WABCO) and MotivePower Industries Corporation in 1999. It manufactures products…

Read more →

Synology fixed several critical flaws in its routers, including flaws likely demonstrated at the Pwn2Own 2022 hacking contest. Taiwanese NAS maker Synology published two new critical advisories in December. The first advisory is related to the most severe vulnerability addressed by…

Read more →

The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced to have suffered a ransomware attack late on December 27, 2022, which impacted its operation.  Copper Mountain’s…

Read more →

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information…

Read more →

A post published on a popular hacking forum claims Volvo Cars has suffered a new data breach, alleging stolen data available for sale. French cybersecurity Anis Haboubi yesterday first noticed that a threat actor was attempting to sell data allegedly…

Read more →

In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. According to the “The State of Ransomware in the US: Report and Statistics 2022” report published by Emsisoft, the…

Read more →

These are the most-read cybersecurity articles that have been published by SecurtiyAffairs in 2022. 1 – Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas Russian threat actors may be behind the explosion at…

Read more →

Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December…

Read more →

Poland security agency warns pro-Russian hackers that are continuously targeting the state since the start of the invasion of Ukraine. Since the beginning of the invasion of Ukraine, Poland has been a constant target of cyber attacks conducted by pro-Russian…

Read more →

Google will pay $29.5 million to settle two different lawsuits in the US over its deceptive location tracking practices. Google decided to pay $29.5 million to settle two different lawsuits brought by the states of Indiana and Washington, D.C., over…

Read more →

The LockBit ransomware group formally apologized for the attack on the Hospital for Sick Children (SickKids) and gave to the victim a decryptor for free. The LockBit ransomware gang formally apologized for the attack on the Hospital for Sick Children…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Personal…

Read more →

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information…

Read more →

Experts warn of a new Malvertising Campaign abusing Google Ads that targets users searching for popular software. Guardio Labs researchers uncovered a malvertising campaign, tracked as MasquerAds and attributed to a threat actor known as Vermux, that is abusing Google…

Read more →