Category: Security Affairs

Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe is back 4 years later Introduction The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages…

Read more →

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security…

Read more →

More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26%…

Read more →

Some operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain.…

Read more →

Britain and the United governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that…

Read more →

Adobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After…

Read more →

Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access…

Read more →

The personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers this summer and posted a hacking forum this week. ZDNet revealed in exclusive that the personal details of more than 10.6 million users…

Read more →

A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively…

Read more →

The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl…

Read more →

Security expert Marco Ramilli shared the results of an analysis of a skimmer implant spotted in the wild that could be potentially linked to Magecart group. If you are a credit card holder, this post could be of your interest.…

Read more →

Artificial intelligence is an immensely helpful tool for businesses and consumers alike, how to use artificial intelligence to secure sensitive Information Artificial intelligence (AI) is an immensely helpful tool for businesses and consumers alike. By processing data quickly and predicting…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about…

Read more →

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Experts at firmware security firm Eclypsium have discovered that many peripheral device manufacturers have not implemented security checks to prevent…

Read more →

Go grab a copy of the Gerbers and 3D-printed Case STL files at https://github.com/whid-injector/Focaccia-Board and print through your favorite FAB. Prologue Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of…

Read more →

A security expert found a flaw in SharePoint that could be exploited to remotely execute arbitrary code by sending a specially crafted SharePoint application package. Summary:A few days ago I saw a post from Alienvault which says attackers are still exploiting SharePoint…

Read more →

A serious flaw in the ThemeGrill Demo Importer WordPress theme plugin with over 200,000 active installs can be exploited to wipe sites and gain admin access to the site. Experts from the security firm WebARX have discovered a serious flaw…

Read more →

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC…

Read more →

Tutanota, the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Since early February, the Russian government has blocked other encrypted email and VPN…

Read more →

Tutanota, the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Since early February, the Russian government has blocked other encrypted email and VPN…

Read more →

About a year ago, Yoroi released the Yomi Hunter sandbox, today, they love to challenge the malware community with the first “Yomi Hunting” contest. About a year ago, we publicly released the Yomi Hunter sandbox for a few simple reasons:…

Read more →

Security experts from Yoroy-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction  Gamaredon Group is a Cyber Espionage persistent operation attributed to Russians FSB (Federal Security Service) in…

Read more →

Israeli Force (IDF) announced it has thwarted an attempt by the Hamas militant group to hack soldiers’ phones by posing as attractive women on social media. Israeli Defence Force (IDF) announced it has thwarted an attempt by the Hamas militant…

Read more →

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. During…

Read more →

The US administration requested $9.8 billion for cyber in next year’s budget for the Department of Defense, the amount is the same as last year. The US administration requested $9.8 billion for cyber operations in next year’s budget for the…

Read more →

Organizers of Black Hat Asia and DEF CON China security conferences announced that they put the events on hold due to the Coronavirus outbreak. Bad news for cybersecurity passionates and experts, organizers of Black Hat Asia and DEF CON China…

Read more →

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Maastricht University finally paid a 30 bitcoin ransom to crooks Massive DDoS attack brought down 25% Iranian Internet connectivity The number of cyber…

Read more →

IOTA Foundation behind the IOTA cryptocurrency was forced to shut down its entire network following a cyber attack that resulted in the theft of funds. Hackers have exploited a vulnerability in the official IOTA wallet to steal funds from the…

Read more →

Photos and personal information belonging to patients of the NextMotion plastic surgery tech firm have been exposed online through an unsecured S3 bucket. Hundreds of thousands of documents containing photos and personal information belonging to patients of the plastic surgery…

Read more →

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major…

Read more →

Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried by a state actor has ended. Earlier January, Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state…

Read more →

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new…

Read more →

A Russian court fined Twitter and Facebook 4 million rubles each for refusing to store the personal data of Russian citizens on local servers. At the end of January, Russia’s telecommunications watchdog Roskomnadzor instituted administrative proceedings against Facebook and Twitter after they refused…

Read more →

Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 million of its clients. Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised…

Read more →

US store chain Rutter disclosed a security breach, 71 locations were infected with a point-of-sale (POS) malware used to steal customers’ credit card information. The Rutter’s, a U.S. convenience store, fast food restaurant, and gas station chain owner, has disclosed…

Read more →

An American was charged with money laundering while operating the dark web Helix Bitcoin mixer service between 2014 and 2017. Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he…

Read more →

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for…

Read more →

Security experts uncovered a new cyberespionage campaign conducted by one of the Gaza Cybergang groups (aka MoleRATs) targeting the Middle East. Experts from the Cybereason Nocturnus team have uncovered a cyber espionage campaign allegedly carried out by one of the…

Read more →

Huawei can secretly tap into communications through the networking equipment, states a U.S. official, while White House urge allies to ban the Chinese giant. This week The Wall Street Journal reported that U.S. officials say Huawei can covertly access telecom…

Read more →

Google Play Protect now scans over 100 billion applications on Android devices every day, these amazing figures were disclosed by Google. In May 2017, Google introduced a security defense system called Google Play Protect to protect the devices running its mobile OS.…

Read more →

Developers of the popular WordPress GDPR Cookie Consent plugin have addressed a critical bug that could potentially impact 700K users. Critical vulnerabilities in the WordPress GDPR Cookie Consent plugin could be exploited by potential attackers to delete and change the content of…

Read more →

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet.…

Read more →

Siemens issued Patch Tuesday updates for February 2020 that fixed serious denial-of-service (DoS) flaws in several of its products. Siemens released Patch Tuesday updates for February 2020 that address serious denial-of-service (DoS) flaws in several of its products. According to…

Read more →

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report, a document that outlines cybercrime trends over the past year. Here we are to analyze the annual  FBI 2019 Internet Crime Complaint Center (IC3), one of the…

Read more →

Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence. According to a joint report published by Germany’s ZDF public broadcaster and The Washington Post…

Read more →

Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet…

Read more →

A security expert discovered that the Cosmetic firm Estée Lauder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée Lauder that contained…

Read more →

Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in five products, dozens of them rated as critical severity. Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in Framemaker, Acrobat and Reader, Flash Player, Digital Editions and…

Read more →

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the…

Read more →

Dell addresses a flaw in the Dell SupportAssist Client software that could allow local attackers to execute arbitrary code with Administrator privileges. Dell released a security update to address a vulnerability, tracked as CVE-2020-5316, in its SupportAssist Client software. The flaw could be…

Read more →

Dear readers, I decided to create a simple Infographic that shows Cybercrime facts in 2019, I’ve done it for Safer Internet Day 2020. Enjoy it! Pierluigi Paganini (SecurityAffairs – cybercrime, hacking) The post Safer internet day – Cybercrime facts Infographic appeared first…

Read more →

Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the passwords of 23,000 customer dormant accounts without consent in July 2018.…

Read more →

The Italy-based cryptocurrency exchange Altsbit announced that it has suffered a security breach that led to the theft of its customer’s funds. Crypto-currency exchange Altsbit recently disclosed a security breach, the company claimed that hackers have stolen almost all its…

Read more →

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The United States Department of Justice officially charged 4 members of the China’s PLA’s 54th Research Institute, a division of the Chinese…

Read more →

A misconfiguration in the Elector election day app developed by Likud, the Netanyahu’s party might have exposed data on over 6.5 million Israelis. A misconfiguration in an election day app developed by the Netanyahu’s party Likud, might have exposed personal…

Read more →

A glitch in the TastSelv Borger tax service has sent over one million Danish CPR numbers to the US companies Google and Adobe. The Danish Agency for Development and Simplification has discovered the data leak that involved the TastSelv Borger…

Read more →

The journalist Livio Varriale sheds the light on a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet. Today, I’m going to tell you a horrible story that dwells…

Read more →

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the…

Read more →

The president of the European Central Bank (ECB), Christine Lagarde, is warning that a cyber-attack on a major financial institution could trigger a liquidity crisis. The president of the European Central Bank (ECB), Christine Lagarde, has warned that a coordinated…

Read more →

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet,…

Read more →

Saudi Aramco, the Saudi Arabian national petroleum and natural gas company, revealed that it has seen an increase in attempted cyber attacks since the Q4 2019. The energy industry is under attack, Saudi Aramco announced it has seen an increase…

Read more →

In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Maastricht University…

Read more →

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Microsoft announces the launch of a bug bounty program for Xbox Microsoft warns TA505 changed tactic in an ongoing malware campaign Russias watchdog…

Read more →

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece…

Read more →

The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group OurMine Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and…

Read more →

Group-IB experts detected a database containing over 460,000 payment card records uploaded to Joker’s Stash cardshops, most of records were from the Indian banks. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected a database containing over…

Read more →

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling…

Read more →

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Just last week, Japan’s…

Read more →

Iran-linked APT group Charming Kitten has been targeting journalists, political and human rights activists in a new campaign. Researchers from Certfa Lab reports have spotted a new cyber espionage campaign carried out by Iran-linked APT group Charming Kitten that has…

Read more →

Google addressed a critical vulnerability in its Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. Google has addressed a critical flaw in Android OS that affects the Bluetooth subsystem and could be exploited without…

Read more →

A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the…

Read more →

Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be…

Read more →

Microsoft published an interesting report that investigates web shell attacks, the IT giant says it detects 77,000 active web shells daily. According to a report published by Microsoft, the company detects an average of 77,000 active web shells, spreading across…

Read more →

Researcher published details about a backdoor mechanism he found in HiSilicon chips, but he did not report it to the vendor due to the lack of trust in it. The Russian security expert Vladislav Yarmak has published technical details about…

Read more →

File hosting service company Dropbox paid out $1 million for vulnerabilities reported by researchers through its bug bounty program. Since the launch of its bug bounty program in 2014, the file-hosting company Dropbox has paid out $1 million to date…

Read more →

Threat actors are abusing the Bitbucket code hosting service to host seven types of malware that has already claimed more than 500,000 business computers. Cybereason researchers reported that attackers are abusing the Bitbucket code hosting service to store seven types…

Read more →

Google has accidentally shared private videos of some users that were stored on its servers with other, the tech giant notified impacted users. Google admitted a new privacy incident, it has accidentally shared private videos saved on its servers with…

Read more →

Facebook addressed a critical issue in WhatsApp that would have allowed attackers to read files from a user’s local file system, on macOS and Windows. Facebook has addressed a critical vulnerability in WhatsApp, tracked as CVE-2019-18426, that would have allowed…

Read more →

A German artist demonstrated how using a simple trick it is possible to deceive Google Maps and create a virtual traffic jam. The German artist Simon Weckert conducted a simple experiment to demonstrate how to deceive Google Maps and create a…

Read more →

The city of Racine joins to the long string of US municipalities that were hit with ransomware attack, it was forced offline following the infection. The city of Racine, Wisconsin, was hit with a ransomware, the incident took place on…

Read more →

The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to…

Read more →

Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames…

Read more →

Last week NCA arrested six individuals in the United Kingdom because they are suspected to be involved in a Malta cyber-heist and money laundering operation. Britain’s National Crime Agency (NCA) arrested six individuals in the United Kingdom because they are…

Read more →

Apple researcher discovered an important vulnerability (CVE-2019-18634) in ‘sudo’ utility that allows non-privileged Linux and macOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘sudo‘ utility, tracked as CVE-2019-18634, that…

Read more →

Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them. The alert was launched by a senior police officer, cyber criminals are planting so-called “sleepers” in cleaning companies so that they…

Read more →

TVEyes was brought down after its core server and engineering workstations were infected with a ransomware attack, company CEO confirmed. TVEyes is a company that manages a popular platform for monitoring TV and radio news broadcasts, it is used worldwide by…

Read more →

Hackers have already compromised more than 2,300 Linear eMerge E3 building access systems exploiting a severe vulnerability that has yet to be fixed. Linear eMerge E3 smart building access systems designed by Nortek Security & Control (NSC) are affected by…

Read more →

The Apollon market, one of the largest marketplaces, is likely exit scamming after the administrators have locked vendors’ accounts. The Apollon market, one of the darknet’s largest marketplaces, is likely exit scamming, vendors and customers reported suspicious behavior of its…

Read more →

Russia’s Roskomnadzor watchdog wants to fine Facebook and Twitter after they refused to store data of Russian users on servers located in the country. Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data…

Read more →

The popular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. Roskomnadzor explained that the services…

Read more →

Microsoft announced the launch of an Xbox bug bounty program with rewards of up to $20,000 for critical remote code execution flaws. Microsoft is going to launch an Xbox bug bounty program that will pay rewards of up to $20,000…

Read more →

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Authorities arrest 3 Indonesian hackers behind many Magecart attacks City of Potsdam offline following a cyberattack A new piece of Ryuk Stealer targets…

Read more →

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing…

Read more →

Security researchers warn of malspam campaigns aimed at spreading malware that exploits media attention on the coronavirus epidemic. Unscrupulous cybercriminal groups are attempting to exploit media attention on the coronavirus to infect systems worldwide. Recently, coronavirus is monopolizing media attention,…

Read more →

Winnti Group has compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Hackers from the China-linked Winnti group have compromised computer systems at two Hong Kong universities during the Hong Kong…

Read more →

Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. The Japanese…

Read more →

The United States appreciated European Union’s new rules on 5G networks, but pressed them to ban China’s Huawei technology. The EU’s executive Commission this week presented a set of rules and technical measures aimed at reducing cybersecurity risks from the…

Read more →

Crooks sometimes damage their mobile devices to destroy evidence, NIST tests forensic methods for getting data from damaged mobile phones Criminals sometimes damage their mobile phones in an attempt to destroy evidence. They might smash, shoot, submerge or cook their…

Read more →

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and…

Read more →

Iran-linked APT34 group has targeted a U.S.-based research company that provides services to businesses and government organizations. Security experts from Intezer observed targeted attacks on a US-based research company that provides services to businesses and government organizations. “Our researchers Paul Litvak…

Read more →