Tag: Security Affairs

Experts spotted a previously undetected backdoor, dubbed Msupedge, that was employed in an attack against a university in Taiwan.  Broadcom Symantec researchers discovered a previously undetected backdoor, called Msupedge, that was employed in an attack targeting an unnamed university in…

Read more →

Researchers discovered thousands of Oracle NetSuite e-stores that are vulnerable to data leak, sensitive customer information is at risk. Cybersecurity researchers from AppOmni warn of a potential issue in Oracle NetSuite SuiteCommerce platform could allow attackers to access customer sensitive…

Read more →

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability, tracked as…

Read more →

Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potentially linked to the cybercrime group FIN7. The team collaborated with the cybersecurity experts…

Read more →

Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit attempt based on the public proof of concept (PoC) for the Ivanti vTM…

Read more →

Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), which has been exploited by the North Korea-linked Lazarus APT group. The vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8),…

Read more →

New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a new ransomware group called Mad Liberator is exploiting the remote-access application…

Read more →

Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using ‘MasterPrints, ‘which are fingerprints that can match multiple other prints. A team of researchers from US universities demonstrated how to deceive fingerprint recognition systems through dictionary attacks using…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Large-scale extortion campaign…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware   Ideal typosquat ‘solana-py’ steals your crypto wallet keys   Ransomware attackers introduce new EDR killer to their…

Read more →

A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extortion campaign that successfully compromised and extorted multiple victim organizations by leveraging exposed environment variable files (.env files).…

Read more →

OpenAI announced it had dismantled an Iranian influence operation that was producing content related to the U.S. Presidential election. OpenAI has dismantled an Iran-linked influence operation, tracked as identified as Storm-2035, that was generating content about the U.S. presidential election. The…

Read more →

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information.  Background check service National Public Data confirms that a threat actor has breached its systems and had access to…

Read more →

FortiGuard Labs researchers uncovered an ongoing ValleyRAT malware campaign that is targeting Chinese-speaking users. ValleyRAT is a multi-stage malware that supports multiple techniques to monitor and control compromised devices. The malicious code is also used to deploy arbitrary plugins on…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SolarWinds Web Help Desk bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk deserialization of untrusted data vulnerability, tracked as CVE-2024-28986 (CVSS…

Read more →

A Russian national was sentenced to over three years in prison for selling stolen information and credentials on a dark web marketplace. The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over…

Read more →

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware…

Read more →

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise…

Read more →

Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in…

Read more →