Category: Security Affairs

An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators. Between 27 and 29 May 2024, an international law enforcement operation coordinated by Europol, codenamed Operation Endgame, targeted malware droppers like IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee,…

Read more →

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcement operation that dismantled the 911 S5 proxy botnet.…

Read more →

Identity and access management firm Okta warns of credential stuffing attacks targeting the Customer Identity Cloud (CIC) feature. Okta warns of credential stuffing attacks targeting its Customer Identity Cloud (CIC) feature since April. A credential stuffing attack is a type of cyber…

Read more →

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively being exploited in attacks…

Read more →

The cybercrime forum BreachForums has been resurrected two weeks after a law enforcement operation that seized its infrastructure. The cybercrime forum BreachForums is online again, recently a US law enforcement operation seized its infrastructure and took down the platform. The platform…

Read more →

Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm. Dutch bank ABN Amro disclosed a data breach after third-party services provider AddComm suffered a ransomware attack. AddComm distributes documents and tokens physically…

Read more →

Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred this month. Auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data. The security breach occurred earlier this month. The website…

Read more →

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Security researchers at Horizon3’s Attack Team released a proof-of-concept (PoC) exploit for a remote code execution issue, tracked as CVE-2024-23108, in Fortinet’s SIEM solution.…

Read more →

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress plugin to install malicious code in WooCommerce e-stores and harvest…

Read more →

Researchers warn of a critical remote code execution vulnerability in TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-5035 (CVSS score 10.0), in TP-Link Archer C5400X gaming router. A remote, unauthenticated,…

Read more →

Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after 2023 cyberattack. The company is notifying 2,812,336 individuals impacted by the security…

Read more →

Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. Which is the impact? The almost overnight shift to remote work, driven by the COVID-19 pandemic, has profoundly impacted how businesses use technology.…

Read more →

Experts warn of a new ATM malware family that is advertised in the cybercrime underground, it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to be able of compromised 99% of…

Read more →

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software.  Cisco addressed a vulnerability, tracked as CVE-2024-20360 (CVSS score 8.8), in the web-based management interface of the Firepower Management Center (FMC) Software. …

Read more →

The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006. UAC-0006 has…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fake…

Read more →

Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for the Justice AV Solutions JAVS Viewer software. The attackers were…

Read more →

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious…

Read more →

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security…

Read more →

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835, that allows attackers to take over user accounts. An attacker can exploit this issue by using…

Read more →