Category: Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers stole over…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Protect Your Crypto: Understanding the Ongoing Global Malware Attacks and What We Are Doing to Stop Them   CISA warns of Windows…

Read more →

GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms.  GreyNoise Intelligence has been tracking a mysterious phenomenon since January 2020 consisting of massive waves of spoofed traffic, tracked by…

Read more →

Cybercriminals stole more than $44 million worth of cryptocurrency from the Singaporean crypto platform BingX. Singaporean crypto platform BingX reported a cyberattack on Friday. Threat actors stole over $44 million worth of cryptocurrency. The crypto platform discovered unauthorized transfers of…

Read more →

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using…

Read more →

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. Ukraine’s National Coordination Centre for Cybersecurity (NCCC) has banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to…

Read more →

The maintainers of the Tor Project have responded to claims that German police have devised a technique to deanonymize users. The maintainers of the Tor Project have responded to claims that German law enforcement has devised a technique to deanonymize…

Read more →

Iran-linked APT group UNC1860 is operating as an initial access facilitator that provides remote access to Middle Eastern Networks. Mandiant researchers warn that an Iran-linked APT group, tracked as UNC1860, is operating as an initial access facilitator that provides remote…

Read more →

The US DoJ arrested two people and charged them with stealing and laundering more than $230 million worth of cryptocurrency. The U.S. DoJ arrested two people, Malone Lam (20) (aka “Greavys,” “Anne Hathaway,” and “$$$”) and Jeandiel Serrano (21) (aka…

Read more →

Microsoft warns that financially motivated threat actor Vanilla Tempest is using INC ransomware in attacks aimed at the healthcare sector in the U.S. Microsoft Threat Intelligence team revealed that a financially motivated threat actor, tracked as Vanilla Tempest (formerly DEV-0832) is…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Cloud Services Appliance a path traversal vulnerability CVE-2024-8190 (CVSS score of 9.4)…

Read more →

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score…

Read more →

An international law enforcement operation infiltrated the encrypted messaging app Ghost, which was widely used by criminals, resulting in the arrest of dozens of individuals. An international law enforcement operation infiltrated the encrypted communications app Ghost, designed for criminal use,…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux…

Read more →

Small and medium-sized enterprises (SMEs) are a frequent target for cybercriminals. How can SIEM help them improve their cybersecurity? Contrary to what they might believe, small and medium-sized enterprises (SMEs) are a favorite target for cybercriminals. Research from the Identity…

Read more →

Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14. The company…

Read more →

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen’s Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.…

Read more →

Credential Flusher is a method that allows hackers to steal login credentials directly from the victim’s web browser. The cyber attacks have become increasingly sophisticated, putting our personal information at risk. One of the latest and most insidious techniques is…

Read more →

The U.S. Department of Treasury issued new sanctions against five executives and one entity linked to the Intellexa Consortium. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new sanctions against five individuals and one entity associated…

Read more →

Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could…

Read more →