Category: Security Affairs

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol’s ‘Operation Endgame‘ that disrupted its operations in May. The Bumblebee malware loader has resurfaced in new attacks, four months after Europol disrupted it during “Operation Endgame”…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog.…

Read more →

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server…

Read more →

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker claimed to have…

Read more →

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated…

Read more →

Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from Positive Technologies warn that unknown threat actors have attempted to exploit a now-patched vulnerability, tracked as CVE-2024-37383 (CVSS score: 6.1),…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Expanding the…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds…

Read more →

Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known…

Read more →

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, Group123), exploited a recent Internet Explorer zero-day vulnerability, tracked as…

Read more →

Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to communities in California, focusing on underserved populations. They offer a range of…

Read more →

U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S., Australia, and Canada, warn about a year-long campaign carried out by Iran-linked threat actors…

Read more →

Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency,…

Read more →

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime…

Read more →

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) targeting Ukrainian government agencies and Polish entities in…

Read more →

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific…

Read more →

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application…

Read more →

Brazil’s Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil’s Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of the notorious hacker USDoD. In August, a CrowdStrike investigation revealed that the…

Read more →

Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authorities and researchers at Bitdefender, shut down the Tor marketplace Sipulitie. “Finnish…

Read more →