DATE |
NAME |
CATEGORY |
WEB |
|
31.7.23 |
New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods |
Virus |
The Hacker News |
|
31.7.23 |
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor |
Virus |
The Hacker News |
|
31.7.23 |
Experts link AVRecon bot to the malware proxy service SocksEscort |
BotNet |
Securityaffairs |
|
31.7.23 |
Three flaws in Ninja Forms plugin for WordPress impact 900K sites |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489 |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues |
Exploit |
Securityaffairs |
|
31.7.23 |
New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild |
Vulnerebility |
Securityaffairs |
|
31.7.23 |
Microsoft fixes WSUS servers not pushing Windows 11 22H2 updates |
OS |
BleepingComputer |
|
31.7.23 |
Google: Android patch gap makes n-days as dangerous as zero-days |
Android |
BleepingComputer |
|
31.7.23 |
Microsoft Edge is getting a 'darker' dark mode theme |
OS |
BleepingComputer |
|
31.7.23 |
Israel's largest oil refinery website offline after DDoS attack |
BigBrothers |
BleepingComputer |
|
31.7.23 |
AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service |
BotNet |
The Hacker News |
|
31.7.23 |
Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT |
Virus |
The Hacker News |
|
31.7.23 |
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable |
Vulnerebility |
The Hacker News |
|
30.7.23 |
CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks |
Virus |
Securityaffairs |
|
30.7.23 |
Now Abyss Locker also targets VMware ESXi servers |
Vulnerebility |
Securityaffairs |
|
30.7.23 |
Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor |
APT |
Securityaffairs |
|
30.7.23 |
CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency |
APT |
Securityaffairs |
|
30.7.23 |
Monitor Insider Threats but Build Trust First |
Security |
Securityaffairs |
|
30.7.23 |
Anomaly detection in certificate-based TGT requests |
Security |
Securelist |
|
30.7.23 |
Linux version of Abyss Locker ransomware targets VMware ESXi servers |
Ransom |
BleepingComputer |
|
30.7.23 |
Browser developers push back on Google's “web DRM” WEI API |
Security |
BleepingComputer |
|
30.7.23 |
Apple rejects new name 'X' for Twitter iOS app because... rules |
Apple |
BleepingComputer |
|
30.7.23 |
CISA: New Submarine malware found on hacked Barracuda ESG appliances |
Virus |
BleepingComputer |
|
30.7.23 |
Apple says new App Store API rules will limit user fingerprinting |
Apple |
BleepingComputer |
|
30.7.23 |
The Week in Ransomware - July 28th 2023 - New extortion tactics |
Ransom |
BleepingComputer |
|
30.7.23 |
Ivanti patches new zero-day exploited in Norwegian govt attacks |
Vulnerebility |
BleepingComputer |
|
30.7.23 |
Twitter's rebranding to 'X' triggers Microsoft Edge security alert |
Social |
BleepingComputer |
|
30.7.23 |
CISA warns of breach risks from IDOR web app vulnerabilities |
BigBrothers |
BleepingComputer |
|
30.7.23 |
New Android malware uses OCR to steal credentials from images |
Android |
BleepingComputer |
|
30.7.23 |
Hawai'i Community College pays ransomware gang to prevent data leak |
Ransom |
BleepingComputer |
|
29.7.23 |
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data |
Android |
The Hacker News |
|
29.7.23 |
Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse |
Apple |
The Hacker News |
|
29.7.23 |
Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks |
Virus |
The Hacker News |
|
29.7.23 |
Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack |
Vulnerebility |
The Hacker News |
|
29.7.23 |
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module |
Virus |
The Hacker News |
|
28.7.23 |
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures |
BigBrothers |
The Hacker News |
|
28.7.23 |
A Data Exfiltration Attack Scenario: The Porsche Experience |
Incindent |
The Hacker News |
|
28.7.23 |
Hackers Abusing Windows Search Feature to Install Remote Access Trojans |
Virus |
The Hacker News |
|
28.7.23 |
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities |
Virus |
The Hacker News |
|
28.7.23 |
Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
DepositFiles exposed config file, jeopardizing user security |
Security |
Securityaffairs |
|
28.7.23 |
Group-IB CEO Ilya Sachkov sentenced to 14 years in a strict prison colony |
Crime |
Securityaffairs |
|
28.7.23 |
Two flaws in Linux Ubuntu affect 40% of Ubuntu users |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
Two ambulance services in UK lost access to patient records after a cyber attack on software provider |
Attack |
Securityaffairs |
|
28.7.23 |
FraudGPT, a new malicious generative AI tool appears in the threat landscape |
AI |
Securityaffairs |
|
28.7.23 |
CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw |
Vulnerebility |
Securityaffairs |
|
28.7.23 |
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto |
Cryptocurrency |
BleepingComputer |
|
28.7.23 |
BreachForums database and private chats for sale in hacker data breach |
Incindent |
BleepingComputer |
|
28.7.23 |
Zimbra patches zero-day vulnerability exploited in XSS attacks |
Vulnerebility |
BleepingComputer |
|
28.7.23 |
SSNDOB cybercrime market admin faces 15 years after pleading guilty |
CyberCrime |
BleepingComputer |
|
28.7.23 |
WordPress Ninja Forms plugin flaw lets hackers steal submitted data |
Vulnerebility |
BleepingComputer |
|
28.7.23 |
8 million people hit by data breach at US govt contractor Maximus |
Incindent |
BleepingComputer |
|
28.7.23 |
Swiss visa appointments cancelled in UK due to 'IT incident' |
Incindent |
BleepingComputer |
|
28.7.23 |
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required |
Vulnerebility |
The Hacker News |
|
28.7.23 |
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches |
Exploit |
The Hacker News |
|
27.7.23 |
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users |
Vulnerebility |
The Hacker News |
|
27.7.23 |
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads |
Virus |
The Hacker News |
|
27.7.23 |
Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining |
Cryptocurrency |
The Hacker News |
|
27.7.23 |
APT trends report Q2 2023 |
APT |
Securelist |
|
27.7.23 |
Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason |
Crime |
The Hacker News |
|
27.7.23 |
New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days |
Attack |
The Hacker News |
|
27.7.23 |
Microsoft previews Defender for IoT firmware analysis service |
IoT |
BleepingComputer |
|
27.7.23 |
Lazarus hackers linked to $60 million Alphapo cryptocurrency heist |
Cryptocurrency |
BleepingComputer |
|
27.7.23 |
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
SEC now requires companies to disclose cyberattacks in 4 days |
Attack |
BleepingComputer |
|
27.7.23 |
Windows 11 KB5028254 update fixes VPN performance issues, 27 bugs |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
Windows 10 KB5028244 update released with 19 fixes, improved security |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
NATO investigates alleged data theft by SiegedSec hackers |
BigBrothers |
BleepingComputer |
|
27.7.23 |
New Nitrogen malware pushed via Google Ads for ransomware attacks |
Ransom |
BleepingComputer |
|
27.7.23 |
Microsoft fixes bug that broke video recording in Windows apps |
Vulnerebility |
BleepingComputer |
|
27.7.23 |
ALPHV ransomware adds data leak API in new extortion strategy |
Ransom |
BleepingComputer |
|
26.7.23 |
Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks |
Virus |
The Hacker News |
|
26.7.23 |
Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users |
CyberCrime |
The Hacker News |
|
26.7.23 |
New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks |
AI |
The Hacker News |
|
26.7.23 |
Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets |
Apple |
The Hacker News |
|
26.7.23 |
Atlassian addressed 3 flaws in Confluence and Bamboo products |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
VMware addressed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Apple addressed a new actively exploited zero-day tracked as CVE-2023-38606 |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Twelve Norwegian ministries were hacked using a zero-day vulnerability |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
A flaw in OpenSSH forwarded ssh-agent allows remote code execution |
Vulnerebility |
Securityaffairs |
|
26.7.23 |
Super Admin elevation bug puts 900,000 MikroTik devices at risk |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Google Chrome to offer 'Link Previews' when hovering over links |
Security |
BleepingComputer |
|
26.7.23 |
CISA warns govt agencies to patch Ivanti bug exploited in attacks |
BigBrothers |
BleepingComputer |
|
26.7.23 |
New Realst macOS malware steals your cryptocurrency wallets |
Apple |
BleepingComputer |
|
26.7.23 |
Microsoft shares temp fix for Outlook Desktop slow saving bug |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
VMware fixes bug exposing CF API admin credentials in audit logs |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Over 400,000 corporate credentials stolen by info-stealing malware |
Incindent |
BleepingComputer |
|
26.7.23 |
Norway says Ivanti zero-day was used to hack govt IT systems |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Microsoft Sharepoint outage caused by use of wrong TLS certificate |
Security |
BleepingComputer |
|
26.7.23 |
Zenbleed attack leaks sensitive data from AMD Zen2 processors |
Attack |
BleepingComputer |
|
26.7.23 |
Lazarus hackers hijack Microsoft IIS servers to spread malware |
Virus |
BleepingComputer |
|
26.7.23 |
Ivanti patches MobileIron zero-day bug exploited in attacks |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Apple fixes new zero-day used in attacks against iPhones, Macs |
Apple |
BleepingComputer |
|
26.7.23 |
Flipper Zero now has an app store to install third-party apps |
Apple |
BleepingComputer |
|
26.7.23 |
JumpCloud hack linked to North Korea after OPSEC mistake |
BigBrothers |
BleepingComputer |
|
26.7.23 |
Microsoft shares fix for some Outlook hyperlinks not opening |
Vulnerebility |
BleepingComputer |
|
26.7.23 |
Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking |
Vulnerebility |
The Hacker News |
|
25.7.23 |
North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder |
BigBrothers |
The Hacker News |
|
25.7.23 |
Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique |
Virus |
The Hacker News |
|
25.7.23 |
macOS Under Attack: Examining the Growing Threat and User Perspectives |
Apple |
The Hacker News |
|
25.7.23 |
TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation |
Vulnerebility |
The Hacker News |
|
25.7.23 |
Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs |
Apple |
The Hacker News |
24.7.23 |
Experts warn of OSS supply chain attacks against the banking sector |
Attack |
Securityaffairs |
24.7.23 |
Apple could opt to stop iMessage and FaceTime services due to the government’s surveillance demands |
BigBrothers |
Securityaffairs |
24.7.23 |
Shadowserver reported that +15K Citrix servers are likely vulnerable to attacks exploiting the flaw CVE-2023-3519 |
Vulnerebility |
Securityaffairs |
24.7.23 |
Norwegian government IT systems hacked using zero-day flaw |
Vulnerebility |
BleepingComputer |
24.7.23 |
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks |
Vulnerebility |
The Hacker News |
24.7.23 |
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol |
Safety |
The Hacker News |
24.7.23 |
Uncovering drIBAN fraud operations. Chapter 3: Exploring the drIBAN web inject kit |
Hacking blog |
Cleafy |
24.7.23 |
Uncovering drIBAN fraud operations. Chapter 2: From sLoad to Ramnit |
Hacking blog |
Cleafy |
24.7.23 |
Uncovering drIBAN fraud operations. Chapter 1: Introduction and Malspam |
Hacking blog |
Cleafy |
24.7.23 |
How to Protect Patients and Their Privacy in Your SaaS Apps |
Security |
The Hacker News |
24.7.23 |
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection |
Vulnerebility |
The Hacker News |
24.7.23 |
Banking Sector Targeted in Open-Source Software Supply Chain Attacks |
Attack |
The Hacker News |
24.7.23 |
Windows 11 23H2 update coming this fall, here's what's new |
OS |
BleepingComputer |
24.7.23 |
Clop now leaks data stolen in MOVEit attacks on clearweb sites |
Ransom |
BleepingComputer |
24.7.23 |
Microsoft enhances Windows 11 Phishing Protection with new features |
OS |
BleepingComputer |
24.7.23 |
CISA warns govt agencies to patch Adobe ColdFusion servers |
BigBrothers |
BleepingComputer |
23.7.23 |
Multiple DDoS botnets were observed targeting Zyxel devices |
Attack |
Securityaffairs |
23.7.23 |
Microsoft force-migrating Windows Mail & Calendar apps to Outlook app in August |
OS |
BleepingComputer |
23.7.23 |
Windows 11 23H2 to give you greater control over power consumption |
OS |
BleepingComputer |
23.7.23 |
Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks |
Exploit |
BleepingComputer |
22.7.23 |
CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices |
BigBrothers |
Securityaffairs |
22.7.23 |
Stolen Azure AD key offered widespread access to Microsoft cloud services |
Hack |
BleepingComputer |
22.7.23 |
The Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscape |
Ransom |
BleepingComputer |
22.7.23 |
Clop gang to earn over $75 million from MOVEit extortion attacks |
Ransom |
BleepingComputer |
22.7.23 |
Netscaler ADC bug exploited to breach US critical infrastructure org |
Exploit |
BleepingComputer |
|
22.7.23 |
Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands |
Apple |
The Hacker News |
|
22.7.23 |
Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports |
Attack |
The Hacker News |
|
22.7.23 |
HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software |
Virus |
The Hacker News |
|
21.7.23 |
Experts believe North Korea behind JumpCloud supply chain attack |
BigBrothers |
Securityaffairs |
|
21.7.23 |
Nice Suzuki, sport: shame dealer left your data up for grabs |
CyberCrime |
Securityaffairs |
|
21.7.23 |
Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group |
APT |
Securityaffairs |
|
21.7.23 |
ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder |
Ransom |
Securityaffairs |
|
21.7.23 |
P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems |
Virus |
Securityaffairs |
|
21.7.23 |
Adobe out-of-band update addresses an actively exploited ColdFusion zero-day |
Vulnerebility |
Securityaffairs |
|
21.7.23 |
CISA: Citrix RCE bug exploited to breach critical infrastructure org |
Vulnerebility |
BleepingComputer |
|
21.7.23 |
VirusTotal apologizes for data leak affecting 5,600 customers |
Incindent |
BleepingComputer |
|
21.7.23 |
GitHub warns of Lazarus hackers targeting devs with malicious projects |
Virus |
BleepingComputer |
|
21.7.23 |
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers |
Vulnerebility |
BleepingComputer |
|
21.7.23 |
Google Chrome gets Windows 11's new design - how to enable it |
OS |
BleepingComputer |
|
21.7.23 |
JumpCloud breach traced back to North Korean state hackers |
Incindent |
BleepingComputer |
|
21.7.23 |
New P2PInfect worm malware targets Linux and Windows Redis servers |
Virus |
BleepingComputer |
|
21.7.23 |
APT41 hackers target Android users with WyrmSpy, DragonEgg spyware |
APT |
BleepingComputer |
|
21.7.23 |
Threat Group Assessment: Mallox Ransomware |
Ransom blog |
Palo Alto |
|
21.7.23 |
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm |
Malware blog |
Palo Alto |
|
21.7.23 |
BYOS – BUNDLE YOUR OWN STEALER |
Malware blog |
Checkpoint |
|
21.7.23 |
MAJOR SECURITY FLAWS IN POPULAR QUICKBLOX CHAT AND VIDEO FRAMEWORK EXPOSE SENSITIVE DATA OF MILLIONS |
Vulnerebility blog |
Checkpoint |
|
21.7.23 |
CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN |
BigBrother blog |
Checkpoint |
|
21.7.23 |
Malicious campaigns target government, military and civilian entities in Ukraine, Poland |
BigBrother blog |
Cisco Blog |
|
21.7.23 |
The federal government’s cybersecurity policies are falling into place just in time to be stalled again |
BigBrother blog |
Cisco Blog |
|
21.7.23 |
Memory corruption vulnerability in Microsoft Edge; MilesightVPN and router could be taken over |
Vulnerebility blog |
Cisco Blog |
|
21.7.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation |
OS Blog |
Cisco Blog |
|
21.7.23 |
Why are there so many malware-as-a-service offerings? |
Malware blog |
Cisco Blog |
|
21.7.23 |
Implementing an ISO-compliant threat intelligence program |
Security blog |
Cisco Blog |
|
21.7.23 |
QR codes are relevant again for everyone from diners to threat actors |
Security blog |
Cisco Blog |
|
21.7.23 |
Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild |
Vulnerebility blog |
Cisco Blog |
|
21.7.23 |
Undocumented driver-based browser hijacker RedDriver targets Chinese speakers and internet cafes |
Malware blog |
Cisco Blog |
|
21.7.23 |
What happens if AI is wrong? – Week in security with Tony Anscombe |
Security blog |
Eset |
|
21.7.23 |
8 common work-from-home scams to avoid |
Spam blog |
Eset |
|
21.7.23 |
Child identity theft: how do I keep my kids’ personal data safe? |
Safety blog |
Eset |
|
21.7.23 |
Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour |
Spam blog |
Eset |
|
21.7.23 |
Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe |
Cyber blog |
Eset |
|
21.7.23 |
Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities |
AI |
The Hacker News |
|
21.7.23 |
Local Governments Targeted for Ransomware – How to Prevent Falling Victim |
Ransom |
The Hacker News |
|
21.7.23 |
DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks |
BotNet |
The Hacker News |
|
21.7.23 |
Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action |
Attack |
The Hacker News |
|
21.7.23 |
Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks |
Ransom |
The Hacker News |
|
21.7.23 |
Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks | Vulnerebility |
The Hacker News |
|
21.7.23 |
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities | Vulnerebility |
The Hacker News |
|
21.7.23 |
North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack |
BigBrothers |
The Hacker News |
|
21.7.23 |
Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector |
Virus |
The Hacker News |
|
20.7.23 |
Ukraine’s cyber police dismantled a massive bot farm spreading propaganda |
Crime |
Securityaffairs |
|
20.7.23 |
US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits |
BigBrothers |
Securityaffairs |
|
20.7.23 |
Estée Lauder beauty giant breached by two ransomware gangs |
Ransom |
BleepingComputer |
|
20.7.23 |
Hands on with GPT-4-powered Bing AI Chat's virtual search |
AI |
BleepingComputer |
|
20.7.23 |
Meta confirms WhatsApp is down worldwide |
Social |
BleepingComputer |
|
20.7.23 |
Adobe emergency patch fixes new ColdFusion zero-day used in attacks | Vulnerebility |
BleepingComputer |
|
20.7.23 |
OpenAI credentials stolen by the thousands for sale on the dark web |
AI |
BleepingComputer |
|
20.7.23 |
Microsoft: Hackers turn Exchange servers into malware control centers |
Virus |
BleepingComputer |
|
20.7.23 |
Microsoft expands access to cloud logging data for free after Exchange hacks |
Incindent |
BleepingComputer |
|
20.7.23 |
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems |
Virus |
The Hacker News |
|
20.7.23 |
Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats |
Security |
The Hacker News |
|
20.7.23 |
Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability | Vulnerebility |
The Hacker News |
|
19.7.23 |
Citrix warns of actively exploited zero-day in ADC and Gateway |
Exploit |
Securityaffairs |
|
19.7.23 |
FIA World Endurance Championship driver passports leaked |
Incindent |
Securityaffairs |
|
19.7.23 |
Virustotal data leak exposed data of some registered customers, including intelligence members |
Incindent |
Securityaffairs |
|
19.7.23 |
FIN8 Group spotted delivering the BlackCat Ransomware |
Ransom |
Securityaffairs |
|
19.7.23 |
Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability | Vulnerebility |
Securelist |
|
19.7.23 |
Facebook behavioral ads banned by Norwegian privacy watchdog |
Social |
BleepingComputer |
|
19.7.23 |
Ukraine takes down massive bot farm, seizes 150,000 SIM cards |
BigBrothers |
BleepingComputer |
|
19.7.23 |
US govt bans European spyware vendors Intellexa and Cytrox |
BigBrothers |
BleepingComputer |
|
19.7.23 |
FBI: Tech support scams now use shipping companies to collect cash |
Spam |
The Hacker News |
|
19.7.23 |
Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware |
APT |
The Hacker News |
|
19.7.23 |
Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation | Vulnerebility |
The Hacker News |
|
19.7.23 |
U.S. preparing Cyber Trust Mark for more secure smart devices |
BigBrothers |
BleepingComputer |
|
19.7.23 |
Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware |
Ransom |
BleepingComputer |
|
19.7.23 |
New critical Citrix ADC and Gateway flaw exploited as zero-day |
Exploit |
BleepingComputer |
|
19.7.23 |
Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway |
Exploit |
The Hacker News |
|
18.7.23 |
Hacking campaign targets sites using WordPress WooCommerce Payments Plugin |
Hacking |
Securityaffairs |
|
18.7.23 |
JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor |
Attack |
Securityaffairs |
|
18.7.23 |
Adobe warns customers of a critical ColdFusion RCE exploited in attacks |
Exploit |
Securityaffairs |
|
18.7.23 |
Admins of Genesis Market marketplace sold their infrastructure on a hacker forum |
Incindent |
Securityaffairs |
|
18.7.23 |
FIN8 deploys ALPHV ransomware using Sardonic malware variant |
Ransom |
BleepingComputer |
|
18.7.23 |
Google Cloud Build bug lets hackers launch supply chain attacks |
Attack |
BleepingComputer |
|
18.7.23 |
Microsoft Exchange Online hit by new outage blocking emails |
OS |
BleepingComputer |
|
18.7.23 |
CISA orders govt agencies to mitigate Windows and Office zero-days |
BigBrothers |
BleepingComputer |
|
18.7.23 |
Hackers exploiting critical WordPress WooCommerce Payments bug |
Exploit |
BleepingComputer |
|
18.7.23 |
CISA shares free tools to help secure data in the cloud |
BigBrothers |
BleepingComputer |
|
18.7.23 |
Critical ColdFusion flaws exploited in attacks to drop webshells |
Exploit |
BleepingComputer |
|
18.7.23 |
Police arrests Ukrainian scareware developer after 10-year hunt |
Crime |
BleepingComputer |
|
18.7.23 |
IT worker jailed for impersonating ransomware gang to extort employer |
Ransom |
BleepingComputer |
|
18.7.23 |
Meet NoEscape: Avaddon ransomware gang's likely successor |
Ransom |
BleepingComputer |
|
18.7.23 |
JumpCloud discloses breach by state-backed APT hacking group |
APT |
BleepingComputer |
|
18.7.23 |
Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware |
Virus |
The Hacker News |
|
18.7.23 |
VirusTotal Data Leak Exposes Some Registered Customers' Details |
Incindent |
The Hacker News |
|
18.7.23 |
FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks |
Virus |
The Hacker News |
|
18.7.23 |
Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges |
Hacking |
The Hacker News |
|
18.7.23 |
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites |
Exploit |
The Hacker News |
|
18.7.23 |
JumpCloud Blames 'Sophisticated Nation-State' Actor for Security Breach |
Incindent |
The Hacker News |
|
18.7.23 |
Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps |
Exploit |
The Hacker News |
|
17.7.23 |
Cisco fixed a critical flaw in SD-WAN vManage | Vulnerebility |
Securityaffairs |
|
17.7.23 |
Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography |
Hacking |
Securityaffairs |
|
17.7.23 |
WormGPT, the generative AI tool to launch sophisticated BEC attacks |
Virus |
Securityaffairs |
|
17.7.23 |
Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise |
APT |
Securityaffairs |
|
17.7.23 |
Windows Copilot arrives in the fall with Windows 11 23H2 |
OS |
BleepingComputer |
|
17.7.23 |
Thousands of images on Docker Hub leak auth secrets, private keys |
Incindent |
BleepingComputer |
|
17.7.23 |
Gamaredon hackers start stealing data 30 minutes after a breach |
Exploit |
BleepingComputer |
|
17.7.23 |
Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware |
Virus |
The Hacker News |
|
17.7.23 |
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware |
Exploit |
The Hacker News |
|
17.7.23 |
CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise |
BigBrothers |
The Hacker News |
|
17.7.23 |
WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks |
Virus |
The Hacker News |
15.7.23 |
Six Malicious Python Packages in the PyPI Targeting Windows Users |
Malware blog |
Palo Alto |
15.7.23 |
BEYOND THE HORIZON: TRAVELING THE WORLD ON CAMARO DRAGON’S USB FLASH DRIVES |
Malware blog |
Checkpoint |
15.7.23 |
CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN |
BigBrother blog |
Checkpoint |
15.7.23 |
MAJOR SECURITY FLAWS IN POPULAR QUICKBLOX CHAT AND VIDEO FRAMEWORK EXPOSE SENSITIVE DATA OF MILLIONS |
Vulnerebility blog |
Checkpoint |
15.7.23 |
STEALTH SOLDIER BACKDOOR USED IN TARGETED ESPIONAGE ATTACKS IN NORTH AFRICA |
Malware blog |
Checkpoint |
15.7.23 |
RUST BINARY ANALYSIS, FEATURE BY FEATURE |
Malware blog |
Checkpoint |
15.7.23 |
MALWARE SPOTLIGHT: CAMARO DRAGON’S TINYNOTE BACKDOOR |
Malware blog |
Checkpoint |
15.7.23 |
Old certificate, new signature: Open-source tools forge signature timestamps on Windows drivers |
OS Blog |
Cisco Blog |
15.7.23 |
Undocumented driver-based browser hijacker RedDriver targets Chinese speakers and internet cafes |
BigBrother blog |
Cisco Blog |
15.7.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation |
OS Blog |
Cisco Blog |
15.7.23 |
Malicious campaigns target government, military and civilian entities in Ukraine, Poland |
BigBrother blog |
Cisco Blog |
15.7.23 |
QR codes are relevant again for everyone from diners to threat actors |
Hacking blog |
Cisco Blog |
15.7.23 |
Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild |
Vulnerebility blog |
Cisco Blog |
15.7.23 |
The danger within: 5 steps you can take to combat insider threats |
Cyber blog |
Eset |
15.7.23 |
ESET Research Podcast: Finding the mythical BlackLotus bootkit |
Malware blog |
Eset |
15.7.23 |
Analysis of Storm-0558 techniques for unauthorized email access |
Hacking blog |
Microsoft |
|
15.7.23 |
The source code of the BlackLotus UEFI Bootkit was leaked on GitHub |
Virus |
Securityaffairs |
|
15.7.23 |
US CISA warns of Rockwell Automation ControlLogix flaws | Vulnerebility |
Securityaffairs |
|
15.7.23 |
Indexing Over 15 Million WordPress Websites with PWNPress |
Incindent |
Securityaffairs |
|
15.7.23 |
New AVrecon botnet remained under the radar for two years while targeting SOHO Routers |
BotNet |
Securityaffairs |
|
15.7.23 |
Apple re-released Rapid Security Response to fix recently disclosed zero-day |
Apple |
Securityaffairs |
|
15.7.23 |
Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG |
Exploit |
Securityaffairs |
|
15.7.23 |
Chinese hackers compromised emails of U.S. Government agencies |
BigBrothers |
Securityaffairs |
|
15.7.23 |
SonicWall urges organizations to fix critical flaws in GMS/Analytics products | Vulnerebility |
Securityaffairs |
|
15.7.23 |
Citrix fixed a critical flaw in Secure Access Client for Ubuntu | Vulnerebility |
Securityaffairs |
|
15.7.23 |
Cl0p hacker operating from Russia-Ukraine war front line – exclusive |
BigBrothers |
Securityaffairs |
|
15.7.23 |
Fortinet fixed a critical flaw in FortiOS and FortiProxy | Vulnerebility |
Securityaffairs |
|
15.7.23 |
Microsoft mitigated an attack by Chinese threat actor Storm-0558 |
BigBrothers |
Securityaffairs |
|
15.7.23 |
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks | Vulnerebility |
Securityaffairs |
|
15.7.23 |
HCA Healthcare data breach impacted 11 million patients |
Incindent |
Securityaffairs |
|
15.7.23 |
Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug |
Apple |
Securityaffairs |
|
15.7.23 |
VMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864 | Vulnerebility |
Securityaffairs |
|
15.7.23 |
Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud |
CyberCrime |
Securityaffairs |
|
15.7.23 |
Experts released PoC exploit for Ubiquiti EdgeRouter flaw |
Exploit |
Securityaffairs |
|
15.7.23 |
RomCom RAT attackers target groups supporting NATO membership of Ukraine |
Virus |
Securityaffairs |
|
15.7.23 |
A flaw in Revolut US payments resulted in the theft of $20 Million | Vulnerebility |
Securityaffairs |
|
15.7.23 |
France’s government is giving the police more surveillance power |
BigBrothers |
Securityaffairs |
|
15.7.23 |
Two spyware sending data of more than 1.5M users to China were found in Google Play Store |
Android |
Securityaffairs |
|
15.7.23 |
Google addressed 3 actively exploited flaws in Android |
Android |
Securityaffairs |
|
15.7.23 |
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens | Vulnerebility |
The Hacker News |
|
15.7.23 |
Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services | Vulnerebility |
The Hacker News |
|
15.7.23 |
Genesis Market infrastructure and inventory sold on hacker forum |
Incindent |
BleepingComputer |
|
15.7.23 |
Microsoft still unsure how hackers stole Azure AD signing key |
Incindent |
BleepingComputer |
|
15.7.23 |
Rockwell warns of new APT RCE exploit targeting critical infrastructure |
Exploit |
BleepingComputer |
|
15.7.23 |
WordPress AIOS plugin used by 1M sites logged plaintext passwords |
Incindent |
BleepingComputer |
|
15.7.23 |
BreachForums owner Pompompurin pleads guilty to hacking charges |
Hacking |
BleepingComputer |
|
15.7.23 |
Colorado State University says data breach impacts students, staff |
Incindent |
BleepingComputer |
|
15.7.23 |
Shutterfly says Clop ransomware attack did not impact customer data |
Ransom |
BleepingComputer |
|
15.7.23 |
AVrecon malware infects 70,000 Linux routers to build botnet |
Virus |
BleepingComputer |
|
15.7.23 |
Cisco SD-WAN vManage impacted by unauthenticated REST API access | Vulnerebility |
BleepingComputer |
|
15.7.23 |
Google Play will enforce business checks to curb malware submissions |
Android |
BleepingComputer |
|
15.7.23 |
Windows 11 23H2 coming this fall as a small enablement package |
OS |
BleepingComputer |
|
15.7.23 |
Fake Linux vulnerability exploit drops data-stealing malware |
Virus |
BleepingComputer |
|
15.7.23 |
Zimbra urges admins to manually fix zero-day exploited in attacks | Vulnerebility |
BleepingComputer |
|
15.7.23 |
Source code for BlackLotus Windows UEFI malware leaked on GitHub |
Virus |
BleepingComputer |
|
14.7.23 |
TeamTNT's Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud |
Virus |
The Hacker News |
|
14.7.23 |
New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries |
BotNet |
The Hacker News |
|
14.7.23 |
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation | Vulnerebility |
The Hacker News |
|
14.7.23 |
PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland |
Virus |
The Hacker News |
|
14.7.23 |
TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign |
BotNet |
The Hacker News |
|
13.7.23 |
Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware | Vulnerebility |
The Hacker News |
|
13.7.23 |
Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks |
ICS |
The Hacker News |
|
13.7.23 |
U.S. Government Agencies' Emails Compromised in China-Backed Cyber Attack |
BigBrothers |
The Hacker News |
|
13.7.23 |
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products | Vulnerebility |
The Hacker News |
|
13.7.23 |
USB drive malware attacks spiking again in first half of 2023 |
Virus |
BleepingComputer |
|
13.7.23 |
New PyLoose Linux malware mines crypto directly from memory |
Virus |
BleepingComputer |
|
13.7.23 |
Apple re-releases zero-day patch after fixing browsing issue |
Apple |
BleepingComputer |
|
13.7.23 |
SonicWall warns admins to patch critical auth bypass bugs immediately | Vulnerebility |
BleepingComputer |
|
13.7.23 |
Russian state hackers lure Western diplomats with BMW car ads |
BigBrothers |
BleepingComputer |
|
13.7.23 |
New Windows 11 build ships with more Rust-based Kernel features |
OS |
BleepingComputer |
|
13.7.23 |
Critical RCE found in popular Ghostscript open-source PDF library | Vulnerebility |
BleepingComputer |
|
13.7.23 |
GitHub goes passwordless, announces passkeys beta preview |
Security |
BleepingComputer |
|
13.7.23 |
Fortinet warns of critical RCE flaw in FortiOS, FortiProxy devices | Vulnerebility |
BleepingComputer |
|
13.7.23 |
Ransomware payments on record-breaking trajectory for 2023 |
Ransom |
BleepingComputer |
|
13.7.23 |
Microsoft: Chinese hackers breached US govt Exchange email accounts |
BigBrothers |
BleepingComputer |
|
13.7.23 |
What's new in the Windows 11 22H2 Moment 3 update, now available |
OS |
BleepingComputer |
|
13.7.23 |
Microsoft: Unpatched Office zero-day exploited in NATO summit attacks |
BigBrothers |
BleepingComputer |
|
13.7.23 |
Windows 11 KB5028185 cumulative update released with Moment 3 features | Vulnerebility |
BleepingComputer |
|
13.7.23 |
Windows 10 KB5028168 and KB5028166 updates released | Vulnerebility |
BleepingComputer |
|
13.7.23 |
Microsoft July 2023 Patch Tuesday warns of 6 zero-days, 132 flaws | Vulnerebility |
BleepingComputer |
|
13.7.23 |
Hackers exploit Windows policy to load malicious kernel drivers |
Exploit |
BleepingComputer |
|
13.7.23 |
Microsoft rebrands Azure Active Directory to Microsoft Entra ID |
OS |
BleepingComputer |
|
13.7.23 |
Deutsche Bank confirms provider breach exposed customer data |
Incindent |
BleepingComputer |
|
13.7.23 |
Apple confirms WebKit security updates break browsing on some sites |
Apple |
BleepingComputer |
|
13.7.23 |
HCA confirms breach after hacker steals data of 11 million patients |
Incindent |
BleepingComputer |
|
12.7.23 |
Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting |
Ransom |
The Hacker News |
|
12.7.23 |
Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments |
BigBrothers |
The Hacker News |
|
12.7.23 |
Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector |
Virus |
The Hacker News |
|
12.7.23 |
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining |
Cryptocurrency |
The Hacker News |
|
12.7.23 |
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack | Vulnerebility |
The Hacker News |
|
12.7.23 |
Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures |
Exploit |
The Hacker News |
|
11.7.23 |
SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign |
Cryptocurrency |
The Hacker News |
|
11.7.23 |
Beware of Big Head Ransomware: Spreading Through Fake Windows Updates | Vulnerebility |
The Hacker News |
|
11.7.23 |
Microsoft finally fixes broken Surface Pro X laptop cameras |
OS |
BleepingComputer |
|
11.7.23 |
RomCom hackers target NATO Summit attendees in phishing attacks |
BigBrothers |
BleepingComputer |
|
11.7.23 |
VMware warns of exploit available for critical vRealize RCE bug | Vulnerebility |
BleepingComputer |
|
11.7.23 |
Amazon's AppStore is getting more apps and games on Windows 11 |
OS |
BleepingComputer |
|
11.7.23 |
Microsoft: Windows 11 21H2 reaching end of service in October |
OS |
BleepingComputer |
|
11.7.23 |
Apple releases emergency update to fix zero-day exploited in attacks |
Apple |
BleepingComputer |
|
11.7.23 |
Former employee charged for attacking water treatment plant |
Attack |
BleepingComputer |
|
11.7.23 |
Hands on with Windows Copilot - A Bing.com web wrapper |
OS |
BleepingComputer |
|
11.7.23 |
Razer investigates data breach claims, resets user sessions |
Incindent |
BleepingComputer |
|
11.7.23 |
Microsoft Edge's Bing AI sidebar will remember previous conversations |
OS |
BleepingComputer |
|
11.7.23 |
Microsoft Edge Canary update on Windows adds mouse gestures flag |
OS |
BleepingComputer |
|
11.7.23 |
Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari |
Apple |
The Hacker News |
|
10.7.23 |
New TOITOIN Banking Trojan Targeting Latin American Businesses |
Virus |
The Hacker News |
|
10.7.23 |
New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security |
Security |
The Hacker News |
|
10.7.23 |
RomCom RAT Targeting NATO and Ukraine Support Groups |
BigBrothers |
The Hacker News |
|
10.7.23 |
Hackers Steal $20 Million by Exploiting Flaw in Revolut's Payment Systems |
Incindent |
The Hacker News |
|
9.7.23 |
Chrome's big design refresh uses Microsoft Mica effect in custom themes |
OS |
BleepingComputer |
|
9.7.23 |
Charming Kitten hackers use new ‘NokNok’ malware for macOS |
Apple |
BleepingComputer |
|
9.7.23 |
Windows Subsystem for Android gets July 2023 preview with new features |
OS |
BleepingComputer |
|
9.7.23 |
AMD releases Adrenalin 23.7.1 WHQL driver for Windows |
OS |
BleepingComputer |
|
9.7.23 |
Instagram's Threads to get Twitter-like hashtags support, edit button and more |
Social |
BleepingComputer |
|
9.7.23 |
New ‘Big Head’ ransomware displays fake Windows update alert |
Ransom |
BleepingComputer |
|
8.7.23 |
Iran-linked APT TA453 targets Windows and macOS systems |
APT |
Securityaffairs |
|
8.7.23 |
Bangladesh government website leaked data of millions of citizens |
BigBrothers |
Securityaffairs |
|
8.7.23 |
A man has been charged with a cyber attack on the Discovery Bay water treatment facility |
Attack |
Securityaffairs |
|
8.7.23 |
Progress warns customers of a new critical flaw in MOVEit Transfer software | Vulnerebility |
Securityaffairs |
|
8.7.23 |
Email crypto phishing scams: stealing from hot and cold crypto wallets |
Phishing |
Securelist |
|
8.7.23 |
CISA warns govt agencies to patch actively exploited Android driver | Vulnerebility |
BleepingComputer |
|
8.7.23 |
Critical TootRoot bug lets attackers hijack Mastodon servers | Vulnerebility |
BleepingComputer |
|
8.7.23 |
Barracuda working on fix for ongoing Email Gateway login issues | Vulnerebility |
BleepingComputer |
|
8.7.23 |
MOVEit Transfer customers warned to patch new critical flaw | Vulnerebility |
BleepingComputer |
|
8.7.23 |
Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China |
Android |
The Hacker News |
|
8.7.23 |
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing |
Virus |
The Hacker News |
|
8.7.23 |
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software | Vulnerebility |
The Hacker News |
|
8.7.23 |
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover | Vulnerebility |
The Hacker News |
|
7.7.23 |
CISA and FBI warn of Truebot infecting US and Canada based organizations |
BigBrothers |
Securityaffairs |
|
7.7.23 |
Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic | Vulnerebility |
Securityaffairs |
|
7.7.23 |
StackRot, a new Linux Kernel privilege escalation vulnerability | Vulnerebility |
Securityaffairs |
|
7.7.23 |
Ransomware accounts for 54% of cyber threats in the health sector |
Ransom |
Securityaffairs |
|
7.7.23 |
CVE-2022-29303 flaw in SolarView product can be exploited in attacks against the energy sector | Vulnerebility |
Securityaffairs |
7.7.23 |
RedEnergy Stealer-as-a-Ransomware employed in attacks in the wild |
Ransom |
Securityaffairs |
|
7.7.23 |
The Port of Nagoya, the largest Japanese port, suffered a ransomware attack |
Ransom |
Securityaffairs |
|
7.7.23 |
Apps with 1.5M installs on Google Play send your data to China |
Android |
BleepingComputer |
|
7.7.23 |
CISA: Netwrix Auditor RCE bug exploited in Truebot malware attacks |
Virus |
BleepingComputer |
|
7.7.23 |
Nickelodeon investigates breach after leak of 'decades old’ data |
Incindent |
BleepingComputer |
7.7.23 |
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days |
Ransom |
The Hacker News |
|
7.7.23 |
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities |
Android |
The Hacker News |
|
7.7.23 |
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident |
Incindent |
The Hacker News |
|
7.7.23 |
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks |
Virus |
The Hacker News |
7.7.23 |
Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users |
Apple |
The Hacker News |
6.7.23 |
Microsoft investigates Outlook.com bug breaking email search | Vulnerebility |
BleepingComputer |
6.7.23 |
Cisco warns of bug that lets attackers break traffic encryption | Vulnerebility |
BleepingComputer |
6.7.23 |
JumpCloud resets admin API keys amid ‘ongoing incident’ |
Incindent |
BleepingComputer |
6.7.23 |
Android July security updates fix three actively exploited bugs |
Android |
BleepingComputer |
6.7.23 |
Over 130,000 solar energy monitoring systems exposed online |
Incindent |
BleepingComputer |
6.7.23 |
Microsoft fixes bug behind Windows LSA protection warnings, again | Vulnerebility |
BleepingComputer |
6.7.23 |
New StackRot Linux kernel flaw allows privilege escalation | Vulnerebility |
BleepingComputer |
6.7.23 |
New tool exploits Microsoft Teams bug to send malware to users |
Virus |
BleepingComputer |
6.7.23 |
Police arrest suspect linked to notorius OPERA1ER cybercrime gang |
Crime |
BleepingComputer |
6.7.23 |
Japan’s largest port stops operations after ransomware attack |
Ransom |
BleepingComputer |
6.7.23 |
Google Analytics data transfer to U.S. brings $1 million fine to Swedish firms |
Cyber |
BleepingComputer |
|
6.7.23 |
Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability | Vulnerebility |
The Hacker News |
|
6.7.23 |
Silentbob Campaign: Cloud-Native Environments Under Attack |
Attack |
The Hacker News |
|
6.7.23 |
INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime |
Crime |
The Hacker News |
|
6.7.23 |
RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors |
Ransom |
The Hacker News |
|
5.7.23 |
Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware |
Virus |
The Hacker News |
|
5.7.23 |
Instagram's Twitter Alternative 'Threads' Launch Halted in Europe Over Privacy Concerns |
Social |
The Hacker News |
|
5.7.23 |
Swedish Data Protection Authority Warns Companies Against Google Analytics Use |
BigBrothers |
The Hacker News |
|
4.7.23 |
Neo_Net runs eCrime campaign targeting clients of banks globally |
CyberCrime |
Securityaffairs |
|
4.7.23 |
Hackers stole millions of dollars worth of crypto assets from Poly Network platform |
Incindent |
Securityaffairs |
|
4.7.23 |
335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997 | Vulnerebility |
Securityaffairs |
|
4.7.23 |
Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accounts |
Incindent |
Securityaffairs |
|
4.7.23 |
SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies |
APT |
Securityaffairs |
|
4.7.23 |
The Impacts of Data Loss on Your Organization |
Security |
Securityaffairs |
|
4.7.23 |
CISA adds Samsung and D-link bugs to its Known Exploited Vulnerabilities catalog | Vulnerebility |
Securityaffairs |
|
4.7.23 |
New Python tool checks NPM packages for manifest confusion issues |
Virus |
BleepingComputer |
|
4.7.23 |
Microsoft denies data breach, theft of 30 million customer accounts |
Incindent |
BleepingComputer |
|
4.7.23 |
Hackers target European government entities in SmugX campaign |
BigBrothers |
BleepingComputer |
|
4.7.23 |
Microsoft Edge upgrades built-in Cloudflare VPN with 5GB of data |
Security |
BleepingComputer |
|
4.7.23 |
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors |
Attack |
The Hacker News |
|
4.7.23 |
Mexico-Based Hacker Targets Global Banks with Android Malware |
Android |
The Hacker News |
|
4.7.23 |
Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw | Vulnerebility |
The Hacker News |
|
4.7.23 |
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX |
Virus |
The Hacker News |
|
3.7.23 |
New Windows Meduza Stealer targets tens of crypto wallets and password managers |
Virus |
Securityaffairs |
|
3.7.23 |
Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware |
Apple |
Securityaffairs |
|
3.7.23 |
WordPress sites using the Ultimate Member plugin are under attack |
Hacking |
Securityaffairs |
|
3.7.23 |
300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug | Vulnerebility |
BleepingComputer |
|
3.7.23 |
Twitter's bot spam keeps getting worse — it's about porn this time |
Social |
BleepingComputer |
|
3.7.23 |
Snappy: A tool to detect rogue WiFi access points on open networks |
Security |
BleepingComputer |
|
3.7.23 |
CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices | Vulnerebility |
The Hacker News |
|
3.7.23 |
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets |
Virus |
The Hacker News |
|
3.7.23 |
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising |
Ransom |
The Hacker News |
|
2.7.23 |
LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC |
Ransom |
Securityaffairs |
|
2.7.23 |
Avast released a free decryptor for the Windows version of the Akira ransomware |
Ransom |
Securityaffairs |
|
2.7.23 |
BlackCat ransomware pushes Cobalt Strike via WinSCP search ads |
Ransom |
BleepingComputer |
|
1.7.23 |
Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor |
APT |
Securityaffairs |
|
1.7.23 |
miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug | Vulnerebility |
Securityaffairs |
|
1.7.23 |
North Korea-linked Andariel APT used a new malware named EarlyRat last year |
Virus |
Securityaffairs |
|
1.7.23 |
The phone monitoring app LetMeSpy disclosed a data breach |
Mobil |
Securityaffairs |
|
1.7.23 |
Previously undetected ThirdEye malware appears in the threat landscape |
Virus |
Securityaffairs |
|
1.7.23 |
Former Group-IB manager has been arrested in Kazahstan |
CyberCrime |
Securityaffairs |
|
1.7.23 |
Experts published PoC exploits for Arcserve UDP authentication bypass issue |
Exploit |
Securityaffairs |
|
1.7.23 |
Using Electromagnetic Fault Injection Attacks to take over drones |
Hacking |
Securityaffairs |
|
1.7.23 |
Experts warn of a spike in May and June of 8Base ransomware attacks |
Ransom |
Securityaffairs |
|
1.7.23 |
Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution | Vulnerebility |
Securityaffairs |
|
1.7.23 |
EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds |
CyberCrime |
Securityaffairs |
|
1.7.23 |
Mockingjay process injection technique allows EDR bypass |
Hacking |
Securityaffairs |
|
1.7.23 |
Experts found hundreds of devices within federal networks having internet-exposed management interfaces |
Mobil |
Securityaffairs |
|
1.7.23 |
The Week in Ransomware - June 30th 2023 - Mistaken Identity |
Ransom |
BleepingComputer |
|
1.7.23 |
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs |
Exploit |
BleepingComputer |
|
1.7.23 |
Twitter now forces you to sign in to view tweets |
Social |
BleepingComputer |
|
1.7.23 |
New proxyjacking attacks monetize hacked SSH servers’ bandwidth |
Attack |
BleepingComputer |
|
1.7.23 |
Free Akira ransomware decryptor helps recover your files |
Ransom |
BleepingComputer |
|
1.7.23 |
CISA issues DDoS warning after attacks hit multiple US orgs |
BigBrothers |
BleepingComputer |
|
1.7.23 |
TSMC denies LockBit hack as ransomware gang demands $70 million |
Ransom |
BleepingComputer |
|
1.7.23 |
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts |
Hacking |
The Hacker News |
|
1.7.23 |
Beware: New 'Rustbucket' Malware Variant Targeting macOS Users |
Apple |
The Hacker News |
|
1.7.23 |
Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks |
BigBrothers |
The Hacker News |
| | | |