Tag: Security Affairs

Vietnam Post Corporation, a Vietnamese government-owned postal service, exposed security logs and employee email addresses to external cyber threats Vietnam Post Corporation, a Vietnamese government-owned postal service, left its security logs and employee email addresses accessible to outside cyber snoopers,…

Read more →

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. The security breach was discovered…

Read more →

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry…

Read more →

Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product. SAP November 2023 Security Patch Day includes three new and three updated security notes. The most severe “hot news” is an improper access control…

Read more →

The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm. The IPStorm botnet was first uncovered in May 2019 while targeting Windows systems, not experts from Intezer reported that the bot evolved to infect…

Read more →

Mexican online casino Strendus has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. Strendus, one of the biggest online casinos in Mexico has exposed sensitive user data, including home addresses and the…

Read more →

VMware disclosed a critical bypass vulnerability in VMware Cloud Director Appliance that can be exploited to bypass login restrictions when authenticating on certain ports. VMware disclosed an authentication bypass vulnerability, tracked as CVE-2023-34060 (CVSS score 9.8), in its Cloud Director Appliance…

Read more →

Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild. Microsoft Patch Tuesday security updates for November 2023 addressed 63 new vulnerabilities in Microsoft Windows and Windows Components; Exchange Server; Office and Office Components; ASP.NET…

Read more →

Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark’s SektorCERT. In May, Danish critical infrastructure faced the biggest cyber attack on record that hit the country, reported SektorCERT, Denmark’s Computer…

Read more →

A cyber attack on the logistics giant DP World caused significant disruptions in the operations of several major Australian ports. A cyberattack hit the international logistics firm DP World Australia and disrupted the operations in major Australian ports. DP World is…

Read more →

Experts warn of an alarming rise in ransomware operations targeting the energy sector, including nuclear facilities and related research entities. Resecurity, Inc. (USA) protecting major Fortune 100 and government agencies globally has identified an alarming rise in ransomware operators targeting…

Read more →

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog, five issues impacting Juniper…

Read more →

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors.  In 2022, Boeing recorded $66.61 billion…

Read more →

North Korea-linked APT group Sapphire Sleet set up bogus skills assessment portals in attacks aimed at IT job seekers. The North Korea-linked APT group Sapphire Sleet (aka APT38, BlueNoroff, CageyChameleon, and CryptoCore) is considered a sub-group of the popular Lazarus…

Read more →

The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it was experiencing a computer network incident that prevented the hospital from accessing some…

Read more →

The State of Maine disclosed a data breach that impacted about 1.3 million people after an attack hit its MOVEit file transfer install. The State of Maine was the victim of the large-scale hacking campaign that targeted organizations using the MOVEit file transfer…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Police…

Read more →

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. A joint international operation conducted by the Malaysian police, the FBI, and the Australian…

Read more →

The Serbian citizen Milomir Desnica (33) has pleaded guilty to running the dark web Monopoly drug marketplace. Milomir Desnica, a 33-year-old Serbian citizen, admited to being responsible for operating the illicit Monopoly drug marketplace on the dark web. The man…

Read more →

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals. McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive…

Read more →