DATE |
NAME |
CATEGORY |
WEB |
|
30.9.23 |
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar |
Virus |
The Hacker News |
|
30.9.23 |
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm |
APT |
The Hacker News |
|
30.9.23 |
Post-Quantum Cryptography: Finally Real in Consumer Apps? |
Security |
The Hacker News |
|
30.9.23 |
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites |
AI |
The Hacker News |
|
30.9.23 |
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts |
Exploit |
The Hacker News |
|
30.9.23 |
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions |
Virus |
The Hacker News |
|
30.9.23 |
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies |
BigBrothers |
The Hacker News |
|
30.9.23 |
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies |
BigBrothers |
The Hacker News |
|
30.9.23 |
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors |
Virus |
The Hacker News |
|
30.9.23 |
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data |
Vulnerebility |
The Hacker News |
|
30.9.23 |
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On |
Security |
The Hacker News |
|
30.9.23 |
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software |
Virus |
The Hacker News |
|
30.9.23 |
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score |
Exploit |
The Hacker News |
|
30.9.23 |
Microsoft is Rolling out Support for Passkeys in Windows 11 |
OS |
The Hacker News |
|
30.9.23 |
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families |
Ransom |
The Hacker News |
|
30.9.23 |
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions |
Virus |
The Hacker News |
|
30.9.23 |
Threat Report: High Tech Industry targeted the most with 46% of attack traffic tagged by NLX |
Attack |
The Hacker News |
|
30.9.23 |
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign |
BigBrothers |
The Hacker News |
|
30.9.23 |
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers |
Vulnerebility |
The Hacker News |
|
30.9.23 |
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals |
BigBrothers |
The Hacker News |
|
30.9.23 |
Are You Willing to Pay the High Cost of Compromised Credentials? |
Incindent |
The Hacker News |
|
30.9.23 |
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese |
BigBrothers |
The Hacker News |
|
30.9.23 |
New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government |
BigBrothers |
The Hacker News |
24.9.23 |
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government |
Malware blog |
Palo Alto |
24.9.23 |
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda |
BigBrother blog |
Palo Alto |
24.9.23 |
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus |
BigBrother blog |
Palo Alto |
24.9.23 |
Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT |
Malware blog |
Palo Alto |
24.9.23 |
BEHIND THE SCENES OF BBTOK: ANALYZING A BANKER’S SERVER SIDE COMPONENTS |
Malware blog |
Checkpoint |
24.9.23 |
UNVEILING THE SHADOWS: THE DARK ALLIANCE BETWEEN GULOADER AND REMCOS |
Malware blog |
Checkpoint |
24.9.23 |
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants |
Malware blog |
Cisco Blog |
24.9.23 |
What’s the point of press releases from threat actors? |
Cyber blog |
Cisco Blog |
24.9.23 |
ESET's cutting-edge threat research at LABScon – Week in security with Tony Anscombe |
Cyber blog |
Eset |
24.9.23 |
Stealth Falcon preying over Middle Eastern skies with Deadglyph |
Malware blog |
Eset |
24.9.23 |
OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes |
Malware blog |
Eset |
24.9.23 |
New stealthy and modular Deadglyph malware used in govt attacks |
Virus |
BleepingComputer |
24.9.23 |
Evasive Gelsemium hackers spotted in attack against Asian govt |
BigBrothers |
BleepingComputer |
24.9.23 |
National Student Clearinghouse data breach impacts 890 schools |
Incindent |
BleepingComputer |
24.9.23 |
Air Canada discloses data breach of employee and 'certain records' |
Incindent |
BleepingComputer |
24.9.23 |
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics |
Virus |
The Hacker News |
23.9.23 |
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware |
Apple |
The Hacker News |
23.9.23 |
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks |
Virus |
The Hacker News |
23.9.23 |
Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware |
Apple |
Securityaffairs |
23.9.23 |
CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog |
BigBrothers |
Securityaffairs |
23.9.23 |
Information of Air Canada employees exposed in recent cyberattack |
Incindent |
Securityaffairs |
23.9.23 |
Sandman APT targets telcos with LuaDream backdoor |
APT |
Securityaffairs |
23.9.23 |
Experts warn of a 600X increase in P2Pinfect traffic |
Virus |
Securityaffairs |
23.9.23 |
Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws |
Apple |
Securityaffairs |
23.9.23 |
Ukrainian hackers are behind the Free Download Manager supply chain attack |
Attack |
Securityaffairs |
23.9.23 |
Space and defense tech maker Exail Technologies exposes database access |
Incindent |
Securityaffairs |
23.9.23 |
Pro-Russia hacker group NoName launched a DDoS attack on Canadian airports causing severe disruptions |
BigBrothers |
Securityaffairs |
23.9.23 |
Experts found critical flaws in Nagios XI network monitoring software |
Vulnerebility |
Securityaffairs |
23.9.23 |
The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs |
CyberCrime |
Securityaffairs |
23.9.23 |
International Criminal Court hit with a cyber attack |
Attack |
Securityaffairs |
23.9.23 |
GitLab addressed critical vulnerability CVE-2023-5009 |
Vulnerebility |
Securityaffairs |
23.9.23 |
Trend Micro addresses actively exploited zero-day in Apex One and other security Products |
Exploit |
Securityaffairs |
23.9.23 |
ShroudedSnooper threat actors target telecom companies in the Middle East |
Virus |
Securityaffairs |
23.9.23 |
Recent cyber attack is causing Clorox products shortage |
Attack |
Securityaffairs |
23.9.23 |
Dallas says Royal ransomware breached its network using stolen account |
Ransom |
BleepingComputer |
23.9.23 |
Nigerian man pleads guilty to attempted $6 million BEC email heist |
Spam |
BleepingComputer |
23.9.23 |
Recently patched Apple, Chrome zero-days exploited in spyware attacks |
Apple |
BleepingComputer |
23.9.23 |
Government of Bermuda links cyberattack to Russian hackers |
BigBrothers |
BleepingComputer |
23.9.23 |
Crypto firm Nansen asks users to reset passwords after vendor breach |
Incindent |
BleepingComputer |
23.9.23 |
T-Mobile denies new data breach rumors, points to authorized retailer |
Incindent |
BleepingComputer |
23.9.23 |
Hotel hackers redirect guests to fake Booking.com to steal cards |
Incindent |
BleepingComputer |
23.9.23 |
‘Sandman’ hackers backdoor telcos with new LuaDream malware |
Virus |
BleepingComputer |
23.9.23 |
GitHub passkeys generally available for passwordless sign-ins |
Incindent |
BleepingComputer |
23.9.23 |
Apple emergency updates fix 3 new zero-days exploited in attacks |
Apple |
BleepingComputer |
23.9.23 |
Microsoft Copilot rolls out with Windows 11 22H2 update next week |
OS |
BleepingComputer |
23.9.23 |
Pizza Hut Australia warns 193,000 customers of a data breach |
Incindent |
BleepingComputer |
23.9.23 |
P2PInfect botnet activity surges 600x with stealthier malware variants |
Virus |
BleepingComputer |
23.9.23 |
T-Mobile app glitch let users see other people's account info |
Incindent |
BleepingComputer |
23.9.23 |
TransUnion denies it was hacked, links leaked data to 3rd party |
Hack |
BleepingComputer |
23.9.23 |
Free Download Manager releases script to check for Linux malware |
Virus |
BleepingComputer |
23.9.23 |
Fake WinRAR proof-of-concept exploit drops VenomRAT malware |
Virus |
BleepingComputer |
23.9.23 |
Signal adds quantum-resistant encryption to its E2EE messaging protocol |
Security |
BleepingComputer |
22.9.23 |
How to Interpret the 2023 MITRE ATT&CK Evaluation Results |
Cyber |
The Hacker News |
22.9.23 |
Iranian Nation-State Actor OilRig Targets Israeli Organizations |
BigBrothers |
The Hacker News |
22.9.23 |
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server |
Vulnerebility |
The Hacker News |
22.9.23 |
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable |
Apple |
The Hacker News |
22.9.23 |
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents |
CyberCrime |
The Hacker News |
21.9.23 |
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge |
Virus |
The Hacker News |
21.9.23 |
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers |
BigBrothers |
The Hacker News |
21.9.23 |
Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers |
Ransom |
The Hacker News |
21.9.23 |
Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack |
Virus |
The Hacker News |
21.9.23 |
Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT |
Virus |
The Hacker News |
20.9.23 |
Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace |
CyberCrime |
The Hacker News |
20.9.23 |
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software |
Vulnerebility |
The Hacker News |
20.9.23 |
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys |
Virus |
The Hacker News |
20.9.23 |
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT |
Virus |
The Hacker News |
20.9.23 |
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption |
Social |
The Hacker News |
20.9.23 |
GitLab Releases Urgent Security Patches for Critical Vulnerability |
Vulnerebility |
The Hacker News |
20.9.23 |
Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability |
Vulnerebility |
The Hacker News |
20.9.23 |
Claimants in Celsius crypto bankruptcy targeted in phishing attack |
Phishing |
BleepingComputer |
20.9.23 |
Trend Micro fixes endpoint protection zero-day used in attacks |
Vulnerebility |
BleepingComputer |
20.9.23 |
Hackers breached International Criminal Court’s systems last week |
Incindent |
BleepingComputer |
20.9.23 |
GitLab urges users to install security updates for critical pipeline flaw |
Security |
BleepingComputer |
20.9.23 |
Microsoft to start retiring Exchange Web Services in October 2026 |
OS |
BleepingComputer |
20.9.23 |
Hackers backdoor telecom providers with new HTTPSnoop malware |
Virus |
BleepingComputer |
20.9.23 |
APT36 state hackers infect Android devices using YouTube app clones |
APT |
BleepingComputer |
20.9.23 |
Windows Subsystem for Linux gets new 'mirrored' network mode |
OS |
BleepingComputer |
20.9.23 |
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw |
Vulnerebility |
BleepingComputer |
20.9.23 |
Bumblebee malware returns in new attacks abusing WebDAV folders |
Virus |
BleepingComputer |
20.9.23 |
Microsoft leaks 38TB of private data via unsecured Azure storage |
Incindent |
BleepingComputer |
20.9.23 |
New SprySOCKS Linux malware used in cyber espionage attacks |
Virus |
BleepingComputer |
20.9.23 |
TikTok flooded by 'Elon Musk' cryptocurrency giveaway scams |
Social |
BleepingComputer |
20.9.23 |
Google Chrome tests Microsoft Edge-like Read Aloud feature |
Security |
BleepingComputer |
20.9.23 |
Microsoft Edge is losing tablet-friendly "Web Select" feature |
Security |
BleepingComputer |
20.9.23 |
BlackCat ransomware hits Azure Storage with Sphynx encryptor |
Ransom |
BleepingComputer |
19.9.23 |
ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies |
Virus |
The Hacker News |
19.9.23 |
Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign |
Virus |
The Hacker News |
19.9.23 |
Inside the Code of a New XWorm Variant |
Virus |
The Hacker News |
19.9.23 |
Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities |
Virus |
The Hacker News |
19.9.23 |
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data |
Incindent |
The Hacker News |
19.9.23 |
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability |
Vulnerebility |
The Hacker News |
19.9.23 |
Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware |
Virus |
The Hacker News |
18.9.23 |
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services |
Cryptocurrency |
The Hacker News |
18.9.23 |
Think Your MFA and PAM Solutions Protect You? Think Again |
Security |
The Hacker News |
18.9.23 |
Hook: New Android Banking Trojan That Expands on ERMAC's Legacy |
Android |
The Hacker News |
18.9.23 |
Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients |
Phishing |
The Hacker News |
18.9.23 |
Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks |
Ransom |
The Hacker News |
17.9.23 |
CardX released a data leak notification impacting their customers in Thailand |
Incindent |
Securityaffairs |
17.9.23 |
TikTok fined €345M by Irish DPC for violating children’s privacy |
Social |
Securityaffairs |
17.9.23 |
Iranian Peach Sandstorm group behind recent password spray attacks |
Attack |
Securityaffairs |
17.9.23 |
Caesars Entertainment paid a ransom to avoid stolen data leaks |
Ransom |
Securityaffairs |
17.9.23 |
Free Download Manager backdoored to serve Linux malware for more than 3 years |
Virus |
Securityaffairs |
17.9.23 |
Lockbit ransomware gang hit the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York |
Ransom |
Securityaffairs |
17.9.23 |
UK Greater Manchester Police disclosed a data breach |
Incindent |
Securityaffairs |
17.9.23 |
North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist |
APT |
The Hacker News |
17.9.23 |
TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U. |
Social |
The Hacker News |
16.9.23 |
Threat Group Assessment: Turla (aka Pensive Ursa) |
Ransom blog |
Palo Alto |
16.9.23 |
Unit 42 Attack Surface Threat Research: Constant Change in Cloud Contributes to 45% of New High/Critical Exposures Per Month |
Cyber blog |
Palo Alto |
16.9.23 |
RedLine Stealer: Answers to Unit Wireshark Quiz |
Malware blog |
Palo Alto |
16.9.23 |
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer |
Malware blog |
Palo Alto |
16.9.23 |
GUARDING AGAINST THE UNSEEN: INVESTIGATING A STEALTHY REMCOS MALWARE ATTACK ON COLOMBIAN FIRMS |
Malware blog |
Checkpoint |
16.9.23 |
ELECTIONS SPOTLIGHT: GENERATIVE AI AND DEEP FAKES |
Security blog |
Checkpoint |
16.9.23 |
From Hidden Bee to Rhadamanthys – The Evolution of Custom Executable Formats |
Ransom blog |
Checkpoint |
16.9.23 |
How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot attack |
Attack blog |
Cisco Blog |
16.9.23 |
Microsoft Patch Tuesday for September 2023 — Unusually low 5 critical vulnerabilities included in Microsoft Patch Tuesday, along with two zero-days |
OS Blog |
Cisco Blog |
16.9.23 |
You can try to hide your firmware from Kelly Patterson, but she’ll find it (and break it) |
Cyber blog |
Cisco Blog |
16.9.23 |
Cybercriminals target graphic designers with GPU miners |
Cyber blog |
Cisco Blog |
16.9.23 |
Turns out even the NFL is worried about deepfakes |
Security blog |
Cisco Blog |
16.9.23 |
A secondhand account of the worst possible timing for a scammer to strike |
Spam blog |
Cisco Blog |
16.9.23 |
Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication |
Vulnerebility blog |
Cisco Blog |
16.9.23 |
New open-source infostealer, and reflections on 2023 so far |
Malware blog |
Cisco Blog |
16.9.23 |
SapphireStealer: Open-source information stealer enables credential and data theft |
Malware blog |
Cisco Blog |
16.9.23 |
What's in a name? Strange behaviors at top-level domains creates uncertainty in DNS |
Security blog |
Cisco Blog |
16.9.23 |
Years into these games’ histories, attackers are still creating “Fortnite” and “Roblox”-related scams |
Hacking blog |
Cisco Blog |
16.9.23 |
Lazarus Group's infrastructure reuse leads to discovery of new malware |
Malware blog |
Cisco Blog |
16.9.23 |
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT |
Malware blog |
Cisco Blog |
16.9.23 |
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption |
Vulnerebility blog |
Cisco Blog |
16.9.23 |
Generating FLIRT signatures for Nim and other non-C programming languages |
Security blog |
Cisco Blog |
16.9.23 |
Recapping the top stories from Black Hat and DEF CON |
Cyber blog |
Cisco Blog |
16.9.23 |
The rise of AI-powered criminals: Identifying threats and opportunities |
Cyber blog |
Cisco Blog |
16.9.23 |
Reflecting on supply chain attacks halfway through 2023 |
Attack blog |
Cisco Blog |
16.9.23 |
Out-of-bounds write vulnerabilities in popular chemistry software; Foxit PDF Reader issues could lead to remote code execution |
Vulnerebility blog |
Cisco Blog |
16.9.23 |
Ballistic Bobcat's Sponsor backdoor – Week in security with Tony Anscombe |
Malware blog |
Eset |
16.9.23 |
Read it right! How to spot scams on Reddit |
Spam blog |
Eset |
16.9.23 |
ESET Research Podcast: Sextortion, digital usury and SQL brute-force |
Hacking blog |
Eset |
16.9.23 |
Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor |
Malware blog |
Eset |
16.9.23 |
Will you give X your biometric data? – Week in security with Tony Anscombe |
Cyber blog |
Eset |
16.9.23 |
Staying ahead of threats: 5 cybercrime trends to watch |
Cyber blog |
Eset |
16.9.23 |
Getting off the hook: 10 steps to take after clicking on a phishing link |
Phishing blog |
Eset |
16.9.23 |
Fake Signal and Telegram apps – Week in security with Tony Anscombe |
Social blog |
Eset |
16.9.23 |
What you need to know about iCloud Private Relay |
OS Blog |
Eset |
16.9.23 |
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps |
OS Blog |
Eset |
16.9.23 |
The Week in Ransomware - September 15th 2023 - Russian Roulette |
Ransom |
BleepingComputer |
16.9.23 |
Retool blames breach on Google Authenticator MFA cloud sync feature |
Incindent |
BleepingComputer |
16.9.23 |
Google extends security update support for Chromebooks to 10 years |
Security |
BleepingComputer |
16.9.23 |
ORBCOMM ransomware attack causes trucking fleet management outage |
Ransom |
BleepingComputer |
16.9.23 |
MGM casino's ESXi servers allegedly encrypted in ransomware attack |
Ransom |
BleepingComputer |
16.9.23 |
Auckland transport authority hit by suspected ransomware attack |
Ransom |
BleepingComputer |
16.9.23 |
Windows 11 Snipping Tool gets OCR support to copy text from images |
OS |
BleepingComputer |
16.9.23 |
Caesars Entertainment confirms ransom payment, customer data theft |
Ransom |
BleepingComputer |
16.9.23 |
Iranian hackers breach defense orgs in password spray attacks |
BigBrothers |
BleepingComputer |
16.9.23 |
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit |
Exploit |
BleepingComputer |
16.9.23 |
Manchester Police officers' data exposed in ransomware attack |
Ransom |
BleepingComputer |
16.9.23 |
Fake Cisco Webex Google Ads abuse tracking templates to push malware |
Virus |
BleepingComputer |
16.9.23 |
Google Agrees to $93 Million Settlement in California's Location-Privacy Lawsuit |
Security |
The Hacker News |
16.9.23 |
DDoS 2.0: IoT Sparks New DDoS Alert |
Attack |
The Hacker News |
16.9.23 |
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers |
Virus |
The Hacker News |
16.9.23 |
Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads |
Ransom |
The Hacker News |
15.9.23 |
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors |
BigBrothers |
The Hacker News |
15.9.23 |
Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems |
Apple |
The Hacker News |
15.9.23 |
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years |
Virus |
The Hacker News |
14.9.23 |
Rollbar discloses data breach after hackers stole access tokens |
Incindent |
BleepingComputer |
14.9.23 |
New Windows 11 feature blocks NTLM-based attacks over SMB |
OS |
BleepingComputer |
14.9.23 |
France demands Apple pull iPhone 12 due to high RF radiation levels |
Apple |
BleepingComputer |
14.9.23 |
Microsoft Teams down: Ongoing outage behind message failures, delays |
Security |
BleepingComputer |
14.9.23 |
Hackers steal $53 million worth of cryptocurrency from CoinEx |
Cryptocurrency |
BleepingComputer |
14.9.23 |
Hackers use new 3AM ransomware to save failed LockBit attack |
Ransom |
BleepingComputer |
14.9.23 |
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks |
Exploit |
BleepingComputer |
14.9.23 |
New 'MetaStealer' malware targets Intel-based macOS systems |
Apple |
BleepingComputer |
14.9.23 |
Ransomware access broker steals accounts via Microsoft Teams phishing |
Ransom |
BleepingComputer |
14.9.23 |
Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws |
OS |
BleepingComputer |
14.9.23 |
Windows 10 KB5030211 update released with 11 improvements |
OS |
BleepingComputer |
14.9.23 |
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks |
Vulnerebility |
BleepingComputer |
14.9.23 |
Windows 11 KB5030219 cumulative update released with 24 fixes, changes |
OS |
BleepingComputer |
14.9.23 |
CISA offers free security scans for public water utilities |
BigBrothers |
BleepingComputer |
14.9.23 |
Free Download Manager site redirected Linux users to malware for years |
Virus |
BleepingComputer |
14.9.23 |
Apple backports BLASTPASS zero-day fix to older iPhones |
Apple |
BleepingComputer |
14.9.23 |
'Redfly' hackers infiltrated power supplier's network for 6 months |
Hack |
BleepingComputer |
14.9.23 |
New WiKI-Eve attack can steal numerical passwords over WiFi |
Attack |
BleepingComputer |
14.9.23 |
Google fixes another Chrome zero-day bug exploited in attacks |
Vulnerebility |
BleepingComputer |
14.9.23 |
Microsoft will block 3rd-party printer drivers in Windows Update |
OS |
BleepingComputer |
14.9.23 |
MGM Resorts shuts down IT systems after cyberattack |
Incindent |
BleepingComputer |
14.9.23 |
CISA warns govt agencies to secure iPhones against spyware attacks |
BigBrothers |
BleepingComputer |
14.9.23 |
Iranian hackers backdoor 34 orgs with new Sponsor malware |
Virus |
BleepingComputer |
14.9.23 |
Square: Last week’s outage was caused by DNS issue, not a cyberattack |
Attack |
BleepingComputer |
14.9.23 |
Facebook Messenger phishing wave targets 100K business accounts per week |
Social |
BleepingComputer |
14.9.23 |
Associated Press warns that AP Stylebook data breach led to phishing attack |
Phishing |
BleepingComputer |
14.9.23 |
'Evil Telegram' Android apps on Google Play infected 60K with spyware |
Android |
BleepingComputer |
14.9.23 |
N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation |
Vulnerebility |
The Hacker News |
14.9.23 |
Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware |
BigBrothers |
The Hacker News |
14.9.23 |
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints |
Vulnerebility |
The Hacker News |
14.9.23 |
Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service |
Vulnerebility |
The Hacker News |
14.9.23 |
Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family |
Ransom |
The Hacker News |
14.9.23 |
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages |
Phishing |
The Hacker News |
13.9.23 |
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws |
Exploit |
The Hacker News |
13.9.23 |
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability |
Exploit |
The Hacker News |
13.9.23 |
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird |
Exploit |
The Hacker News |
13.9.23 |
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack |
Attack |
The Hacker News |
13.9.23 |
Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign |
BigBrothers |
The Hacker News |
13.9.23 |
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper |
Virus |
The Hacker News |
13.9.23 |
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks |
Virus |
The Hacker News |
12.9.23 |
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now |
Exploit |
The Hacker News |
12.9.23 |
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger |
Virus |
The Hacker News |
12.9.23 |
Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E. |
Virus |
The Hacker News |
12.9.23 |
How to Prevent API Breaches: A Guide to Robust Security |
Security |
The Hacker News |
12.9.23 |
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies |
Security |
The Hacker News |
11.9.23 |
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows |
Hack |
The Hacker News |
11.9.23 |
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World |
Virus |
The Hacker News |
10.9.23 |
US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog |
Exploit |
Securityaffairs |
10.9.23 |
Ragnar Locker gang leaks data stolen from the Israel's Mayanei Hayeshua hospital |
Ransom |
Securityaffairs |
10.9.23 |
Google rolls out Privacy Sandbox to use Chrome browsing history for ads |
Security |
BleepingComputer |
10.9.23 |
Microsoft Teams phishing attack pushes DarkGate malware |
Virus |
BleepingComputer |
9.9.23 |
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play |
Android |
The Hacker News |
9.9.23 |
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks |
Cryptocurrency |
The Hacker News |
9.9.23 |
North Korea-linked threat actors target cybersecurity experts with a zero-day |
APT |
Securityaffairs |
9.9.23 |
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks |
Ransom |
Securityaffairs |
9.9.23 |
Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns |
Vulnerebility |
Securityaffairs |
9.9.23 |
Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware |
Apple |
Securityaffairs |
9.9.23 |
Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs |
Apple |
Securityaffairs |
9.9.23 |
A malvertising campaign is delivering a new version of the macOS Atomic Stealer |
Apple |
Securityaffairs |
9.9.23 |
Two flaws in Apache SuperSet allow to remotely hack servers |
Vulnerebility |
Securityaffairs |
9.9.23 |
The Week in Ransomware - September 8th 2023 - Conti Indictments |
Ransom |
BleepingComputer |
9.9.23 |
Notepad++ 8.5.7 released with fixes for four security vulnerabilities |
Vulnerebility |
BleepingComputer |
9.9.23 |
Ragnar Locker claims attack on Israel's Mayanei Hayeshua hospital |
Incindent |
BleepingComputer |
9.9.23 |
Dymocks Booksellers suffers data breach impacting 836k customers |
Incindent |
BleepingComputer |
9.9.23 |
U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members |
CyberCrime |
The Hacker News |
8.9.23 |
Cisco warns of VPN zero-day exploited by ransomware gangs |
Exploit |
BleepingComputer |
8.9.23 |
Microsoft Paint in Windows 11 gets a background removal tool |
OS |
BleepingComputer |
8.9.23 |
CISA warns of critical Apache RocketMQ bug exploited in attacks |
Exploit |
BleepingComputer |
8.9.23 |
Iranian hackers breach US aviation org via Zoho, Fortinet bugs |
BigBrothers |
BleepingComputer |
8.9.23 |
Google is enabling Chrome real-time phishing protection for everyone |
Phishing |
BleepingComputer |
8.9.23 |
Apple zero-click iMessage exploit used to infect iPhones with spyware |
Apple |
BleepingComputer |
8.9.23 |
Cisco BroadWorks impacted by critical authentication bypass flaw |
Vulnerebility |
BleepingComputer |
8.9.23 |
Google Looker Studio abused in cryptocurrency phishing attacks |
Cryptocurrency |
BleepingComputer |
8.9.23 |
Microsoft: North Korean hackers target Russian govt, defense orgs |
BigBrothers |
BleepingComputer |
8.9.23 |
Apple discloses 2 new zero-days exploited to attack iPhones, Macs |
Apple |
BleepingComputer |
8.9.23 |
Google: State hackers attack security researchers with new zero-day |
Attack |
BleepingComputer |
8.9.23 |
Windows cryptomining attacks target graphic designer's high-powered GPUs |
Cryptocurrency |
BleepingComputer |
8.9.23 |
Johnson & Johnson discloses IBM data breach impacting patients |
Incindent |
BleepingComputer |
8.9.23 |
US and UK sanction 11 TrickBot and Conti cybercrime gang members |
CyberCrime |
BleepingComputer |
8.9.23 |
Rogers silent as Canadian customers report internet outages |
Incindent |
BleepingComputer |
8.9.23 |
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones |
Apple |
The Hacker News |
8.9.23 |
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform |
Vulnerebility |
The Hacker News |
8.9.23 |
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers |
Exploit |
The Hacker News |
8.9.23 |
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities |
Exploit |
The Hacker News |
8.9.23 |
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware |
Apple |
The Hacker News |
7.9.23 |
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks |
Vulnerebility |
The Hacker News |
7.9.23 |
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks |
BotNet |
The Hacker News |
7.9.23 |
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach |
Incindent |
The Hacker News |
7.9.23 |
Rockstar Games reportedly sold games with Razor 1911 cracks on Steam |
Security |
BleepingComputer |
7.9.23 |
University of Michigan requires password resets after cyberattack |
Incindent |
BleepingComputer |
7.9.23 |
Flipper Zero can be used to launch iOS Bluetooth spam attacks |
Apple |
BleepingComputer |
7.9.23 |
Hackers stole Microsoft signing key from Windows crash dump |
Hack |
BleepingComputer |
7.9.23 |
MSI BIOS updates fix Windows unsupported processor BSOD bug |
Vulnerebility |
BleepingComputer |
7.9.23 |
Mirai variant infects low-cost Android TV boxes for DDoS attacks |
Android |
BleepingComputer |
7.9.23 |
September Android updates fix zero-day exploited in attacks |
Android |
BleepingComputer |
7.9.23 |
Toyota says filled disk storage halted Japan-based factories |
Security |
BleepingComputer |
7.9.23 |
Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake |
BigBrothers |
Securityaffairs |
7.9.23 |
Google addressed an actively exploited zero-day in Android |
Exploit |
Securityaffairs |
7.9.23 |
A zero-day in Atlas VPN Linux Client leaks users' IP address |
Vulnerebility |
Securityaffairs |
7.9.23 |
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw |
Exploit |
The Hacker News |
7.9.23 |
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant |
Phishing |
The Hacker News |
6.9.23 |
MITRE and CISA release Caldera for OT attack emulation |
BigBrothers |
Securityaffairs |
6.9.23 |
ASUS routers are affected by three critical remote code execution flaws |
Vulnerebility |
Securityaffairs |
6.9.23 |
Hackers stole $41M worth of crypto assets from crypto gambling firm Stake |
Incindent |
Securityaffairs |
6.9.23 |
Freecycle data breach impacted 7 Million users |
Incindent |
Securityaffairs |
6.9.23 |
Meta disrupted two influence campaigns from China and Russia |
Social |
Securityaffairs |
6.9.23 |
A massive DDoS attack took down the site of the German financial agency BaFin |
Attack |
Securityaffairs |
6.9.23 |
X will collect biometric data from its premium users |
Safety |
Securityaffairs |
6.9.23 |
"Smishing Triad" Targeted USPS and US Citizens for Data Theft |
Incindent |
Securityaffairs |
6.9.23 |
Publicly available Evil_MinIO exploit used in attacks on MinIO Storage Systems |
Exploit |
Securityaffairs |
6.9.23 |
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA |
Phishing |
BleepingComputer |
6.9.23 |
Coffee Meets Bagel says recent outage caused by destructive cyberattack |
Attack |
BleepingComputer |
6.9.23 |
Atlas VPN zero-day vulnerability leaks users' real IP address |
Vulnerebility |
BleepingComputer |
6.9.23 |
Crypto casino Stake.com loses $41 million to hot wallet hackers |
Incindent |
BleepingComputer |
6.9.23 |
Chaes malware now uses Google Chrome DevTools Protocol to steal data |
Virus |
BleepingComputer |
6.9.23 |
ASUS routers vulnerable to critical remote code execution flaws |
Vulnerebility |
BleepingComputer |
6.9.23 |
Freecycle confirms massive data breach impacting 7 million users |
Incindent |
BleepingComputer |
6.9.23 |
Insurer fined $3M for exposing data of 650k clients for two years |
Incindent |
BleepingComputer |
6.9.23 |
German financial agency site disrupted by DDoS attack since Friday |
BigBrothers |
BleepingComputer |
6.9.23 |
Hackers exploit MinIO storage system to breach corporate networks |
Exploit |
BleepingComputer |
6.9.23 |
Okta: Hackers target IT help desks to gain Super Admin, disable MFA |
Hack |
BleepingComputer |
6.9.23 |
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products |
Vulnerebility |
The Hacker News |
6.9.23 |
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts |
Phishing |
The Hacker News |
6.9.23 |
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure |
APT |
The Hacker News |
5.9.23 |
New BLISTER Malware Update Fuelling Stealthy Network Infiltration |
Virus |
The Hacker News |
5.9.23 |
New Python Variant of Chaes Malware Targets Banking and Logistics Industries |
Virus |
The Hacker News |
5.9.23 |
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach |
Incindent |
The Hacker News |
5.9.23 |
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster |
Cyber |
The Hacker News |
5.9.23 |
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia |
BigBrothers |
The Hacker News |
5.9.23 |
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers |
Exploit |
The Hacker News |
4.9.23 |
University of Sydney suffered a security breach caused by a third-party service provider |
Incindent |
Securityaffairs |
4.9.23 |
Cybercrime will cost Germany $224 billion in 2023 |
CyberCrime |
Securityaffairs |
4.9.23 |
PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks |
Exploit |
Securityaffairs |
4.9.23 |
Windows 11 23H2: Top three new features |
OS |
BleepingComputer |
4.9.23 |
University of Sydney data breach impacts recent applicants |
Incindent |
BleepingComputer |
4.9.23 |
Microsoft reminds users Windows will disable insecure TLS soon |
OS |
BleepingComputer |
4.9.23 |
Children's snack recalled after its website caught serving porn |
Hack |
BleepingComputer |
4.9.23 |
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation |
Social |
The Hacker News |
4.9.23 |
Everything You Wanted to Know About AI Security but Were Afraid to Ask |
AI |
The Hacker News |
4.9.23 |
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising |
Social |
The Hacker News |
4.9.23 |
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus |
Virus |
The Hacker News |
4.9.23 |
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S. |
CyberCrime |
The Hacker News |
3.9.23 |
Social engineering attacks target Okta customers to achieve a highly privileged role |
Hack |
Securityaffairs |
3.9.23 |
LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM) |
Ransom |
Securityaffairs |
3.9.23 |
Chrome extensions can steal plaintext passwords from websites |
Hack |
BleepingComputer |
3.9.23 |
Fake YouPorn extortion scam threatens to leak your sex tape |
Spam |
BleepingComputer |
3.9.23 |
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability |
Exploit |
The Hacker News |
|
2.9.23 |
Talos wars of customizations of the open-source info stealer SapphireStealer |
Virus |
Securityaffairs |
|
2.9.23 |
UNRAVELING EternalBlue: inside the WannaCry’s enabler |
Virus |
Securityaffairs |
|
2.9.23 |
Researchers released a free decryptor for the Key Group ransomware |
Ransom |
Securityaffairs |
|
2.9.23 |
North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks |
APT |
Securityaffairs |
|
2.9.23 |
Microsoft is killing WordPad in Windows after 28 years |
OS |
BleepingComputer |
|
2.9.23 |
Exploit released for critical VMware SSH auth bypass vulnerability |
Vulnerebility |
BleepingComputer |
|
2.9.23 |
Microsoft reminds of Windows 11 21H2 forced updates before end of service |
OS |
BleepingComputer |
|
2.9.23 |
Microsoft retires Visual Studio for Mac, support ends in a year |
OS |
BleepingComputer |
|
2.9.23 |
Golf gear giant Callaway data breach exposes info of 1.1 million |
Incindent |
BleepingComputer |
|
2.9.23 |
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges |
Hack |
The Hacker News |
|
2.9.23 |
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware |
Ransom |
The Hacker News |
|
2.9.23 |
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military |
Android |
The Hacker News |
|
2.9.23 |
New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists |
Virus |
The Hacker News |
|
1.9.23 |
Fashion retailer Forever 21 data breach impacted +500,000 individuals |
Incindent |
Securityaffairs |
|
1.9.23 |
Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware |
Android |
Securityaffairs |
|
1.9.23 |
Akira Ransomware gang targets Cisco ASA without Multi-Factor Authentication |
Ransom |
Securityaffairs |
|
1.9.23 |
Paramount Global disclosed a data breach |
Incindent |
Securityaffairs |
|
1.9.23 |
National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization |
Incindent |
Securityaffairs |
|
1.9.23 |
Abusing Windows Container Isolation Framework to avoid detection by security products |
Hack |
Securityaffairs |
|
1.9.23 |
Sourcegraph website breached using leaked admin access token |
Incindent |
BleepingComputer |
|
1.9.23 |
Forever 21 data breach: hackers accessed info of 500,000 |
Incindent |
BleepingComputer |
|
1.9.23 |
North Korean hackers behind malicious VMConnect PyPI campaign |
Virus |
BleepingComputer |
|
1.9.23 |
LogicMonitor customers hacked in reported ransomware attacks |
Ransom |
BleepingComputer |
|
1.9.23 |
Free Key Group ransomware decryptor helps victims recover data |
Ransom |
BleepingComputer |
|
1.9.23 |
GRU hackers attack Ukrainian military with new Android malware |
Android |
BleepingComputer |
|
1.9.23 |
Classiscam fraud-as-a-service expands, now targets banks and 251 brands |
CyberCrime |
BleepingComputer |
|
1.9.23 |
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic |
Spam |
The Hacker News |
|
1.9.23 |
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations |
Virus |
The Hacker News |
|
1.9.23 |
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository |
Virus |
The Hacker News |
|
1.9.23 |
Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report |
Cyber |
The Hacker News |
|
1.9.23 |
Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents |
BigBrothers |
The Hacker News |