Tag: Security Affairs

Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-20272, in its Unity Connection that can be exploited by a remote,…

Read more →

A U.S. District Court sentenced ShinyHunters hacker Sebastien Raoult to three years in prison and ordered him to pay more than $5 million in restitution. The member of the ShinyHunters hacker group Sebastien Raoult was sentenced in U.S. District Court…

Read more →

The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discovered a data breach that exposed personal health information related to residents and employees…

Read more →

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Securities and Exchange Commission (SEC)…

Read more →

The private data of hundreds of millions of Brazilian individuals were publicly accessible to threat actors, putting individuals at risk. Cybernews research revealed a publicly accessible Elasticsearch instance, which contained a staggering amount of private data belonging to Brazilian individuals.…

Read more →

Researchers and the Dutch Police released a decryptor for the Tortilla variant of the Babuk ransomware after the arrest of its operator. Cisco Talos researchers obtained a decryptor for the Babuk Tortilla ransomware variant. The experts were able to extract and…

Read more →

Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. Microsoft Patch Tuesday security updates for January 2024 fixed 49 flaws in Microsoft Windows and Windows Components; Office and Office Components; Azure;…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Superset vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Superset flaw, tracked as CVE-2023-27524, to its Known Exploited Vulnerabilities (KEV) catalog. Apache Superset is an…

Read more →

The LockBit ransomware gang claimed responsibility for the cyber attack on the Capital Health hospital network. The LockBit ransomware operation has claimed responsibility for the cyberattack that hit the Capital Health hospital network in November 2023. Capital Health Regional Medical…

Read more →

A hacker group that calls itself Anonymous Arabic is distributing a stealthy remote access trojan called Silver RAT. Cyfirma researchers observed threat actors called ‘Anonymous Arabic’ distributing a C# remote access trojan called Silver RAT. The malware supports multiple capabilities, including bypassing…

Read more →

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web after the US security…

Read more →

Saudi Ministry of Industry and Mineral Resources (MIM) had an environment file exposed, opening up sensitive details for anybody willing to take them. The Cybernews research team believes that the sensitive data was accessible for 15 months. An environment (env.)…

Read more →

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. The U.S. DoJ charged 19 individuals worldwide for their role in the operations of the now-defunct xDedic Marketplace. In January 2019, law enforcement agencies in the US…

Read more →

A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines. Reseachers from Fortinet observed a new variant of a remote access trojan dubbed Bandook that has been used in phishing attacks against Windows users.…

Read more →

A cyber attack hit the Beirut International Airport, Rafic Hariri (Lebanon), threat actors breached the Flight Information Display System (FIDS). Threat actors hit the Beirut International Airport Rafic Hariri in Lebanon and breached the Flight Information Display System (FIDS). Rafic…

Read more →

Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users, as revealed by Cybernews research. Due to its limited access to foreign financial markets, Iran has embraced cryptocurrency significantly. Last year, Iranian crypto exchanges facilitated transactions totaling nearly $3…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts…

Read more →

Sea Turtle cyber espionage group targeted telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic…

Read more →

Researchers discovered a macOS backdoor, called SpectralBlur, which shows similarities with a North Korean APT’s malware family. Security researcher Greg Lesnewich discovered a backdoor, called SpectralBlur, that targets Apple macOS. The backdoor shows similarities with the malware family KANDYKORN (aka SockRacket), which was…

Read more →

Merck has resolved a dispute with insurers regarding a $1.4 billion claim arising from the NotPetya malware incident. Merck and its insurers have agreed with a $1.4 billion claim arising from the large-scale NotPetya cyberattack. Merck & Co., Inc., known…

Read more →